Drupal Out-of-band security update addresses two vulnerabilities in the third-party library Guzzle [CVE-2022-31042 and CVE-2022-31043]

CVE numbers = CVE-2022-31042 and CVE-2022-31043 Drupal uses the third-party Guzzle library for handling HTTP requests and responses to external

Read more

Drupal releases security update to addresses a vulnerability in the third-party library Guzzle [CVE-2022-29248]

Drupal uses the third-party Guzzle library for handling HTTP requests and responses to external services. Guzzle has released a security update which

Read more

Drupal – Critical Arbitrary PHP code execution Vulnerability

The Drupal project uses the PEAR Archive_Tar library. The PEAR Archive_Tar library has released a security update that impacts Drupal.

Read more

Drupal Releases Security Updates – Third-party library CKEditor

The Drupal project uses the third-party library CKEditor, which has released a security improvement that is needed to protect some Drupal configurations. Vulnerabilities

Read more

Drupal File Module Cross-Site Scripting Vulnerability [CVE-2019-6341]

CVE Number – CVE-2019-6341 A vulnerability in File module/subsystem of Drupal could allow an authenticated, remote attacker to conduct a cross-site scripting

Read more

Drupal EU Cookie Compliance module cross-site scripting vulnerability

This module addresses the General Data Protection Regulation (GDPR) that came into effect 25th May 2018, and the EU Directive

Read more

Drupal PHP built-in phar Stream Wrapper Remote Code Execution Vulnerability [CVE-2019-6339]

CVE Number – CVE-2019-6339 A vulnerability in the PHP built-in phar stream wrapper used in Drupal could allow an authenticated, remote attacker

Read more

Drupal core PEAR Archive_Tar Library Vulnerability [CVE-2019-6338]

CVE Number – CVE-2019-6338 A vulnerability in the Drupal core PEAR Archive_Tar library of Drupal Core could allow an authenticated, remote attacker

Read more

New Attacks Targeting Drupal Websites

A new attack methodology has been identified which involves the Dirty COW and Drupalgeddon 2 vulnerabilities present in unpatched Drupal

Read more

Drupal Remote Code Execution Vulnerability [CVE-2018-7602]

A vulnerability in multiple subsystems of Drupal could allow an authenticated, remote attacker to execute arbitrary code on a targeted

Read more
%d bloggers like this: