CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2017-6922 – Files uploaded by anonymous users into a private file system can be accessed by other anonymous users
https://notcve.org/view.php?id=CVE-2017-6922
In Drupal core 8.x prior to 8.3.4 and Drupal core 7.x prior to 7.56; Private files that have been uploaded by an anonymous user but not permanently attached to content on the site should only be visible to the anonymous user that uploaded them, rather than all anonymous users. Drupal core did not previously provide this protection, allowing an access bypass vulnerability to occur. This issue is mitigated by the fact that in order to be affected, the site must allow anonymous users to upload files into a private file system. En Drupal core, en las versiones 8.x anteriores a la 8.3.4 y en las 7.x anteriores a la 7.56, los archivos privados subidos por un usuario anónimo que no estén conectados al contenido del sitio deberían ser visibles solo para el mismo usuario anónimo que los subió, en lugar de todos los usuarios anónimos. Anteriormente, Drupal core no disponía de esta protección, permitiendo que ocurriera una vulnerabilidad de omisión de acceso. • http://www.securityfocus.com/bid/99219 http://www.securitytracker.com/id/1038781 https://www.debian.org/security/2017/dsa-3897 https://www.drupal.org/forum/newsletters/security-advisories-for-drupal-core/2017-06-21/drupal-core-multiple • CWE-552: Files or Directories Accessible to External Parties •
CVSS: 8.0EPSS: 0%CPEs: 5EXPL: 0CVE-2019-6338 – third-party PEAR Archive_Tar library updates
https://notcve.org/view.php?id=CVE-2019-6338
In Drupal Core versions 7.x prior to 7.62, 8.6.x prior to 8.6.6 and 8.5.x prior to 8.5.9; Drupal core uses the third-party PEAR Archive_Tar library. This library has released a security update which impacts some Drupal configurations. Refer to CVE-2018-1000888 for details Drupal Core, en sus versiones 7.x anteriores a la 7.62, en las 8.6.x anteriores a la 8.6.6 y en las 8.5.x anteriores a la 8.5.9, utiliza la biblioteca "PEAR Archive_Tar" de terceros. Esta biblioteca ha publicado una actualización de seguridad que impacta en algunas configuraciones de Drupal. Véase CVE-2018-1000888 para más información. • http://www.securityfocus.com/bid/106706 https://lists.debian.org/debian-lts-announce/2019/02/msg00032.html https://www.debian.org/security/2019/dsa-4370 https://www.drupal.org/sa-core-2019-001 • CWE-502: Deserialization of Untrusted Data •
CVSS: 9.8EPSS: 97%CPEs: 6EXPL: 5CVE-2018-7602 – Drupal Core Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-7602
A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-002. Both SA-CORE-2018-002 and this vulnerability are being exploited in the wild. Existe una vulnerabilidad de ejecución remota de código en múltiples subsistemas de Drupal en versiones 7.x y 8.x. • https://www.exploit-db.com/exploits/44557 https://www.exploit-db.com/exploits/44542 https://github.com/happynote3966/CVE-2018-7602 https://github.com/132231g/CVE-2018-7602 https://github.com/kastellanos/CVE-2018-7602 http://www.securityfocus.com/bid/103985 http://www.securitytracker.com/id/1040754 https://lists.debian.org/debian-lts-announce/2018/04/msg00030.html https://www.debian.org/security/2018/dsa-4180 https://www.drupal.org/sa-core-2018-004 •
CVSS: 9.8EPSS: 97%CPEs: 7EXPL: 28CVE-2018-7600 – Drupal Core Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-7600
Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations. Drupal en versiones anteriores a la 7.58, 8.x anteriores a la 8.3.9, 8.4.x anteriores a la 8.4.6 y 8.5.x anteriores a la 8.5.1 permite que los atacantes remotos ejecuten código arbitrario debido a un problema que afecta a múltiples subsistemas con configuraciones de módulos por defecto o comunes. Drupal Core contains a remote code execution vulnerability that could allow an attacker to exploit multiple attack vectors on a Drupal site, resulting in complete site compromise. • https://www.exploit-db.com/exploits/44482 https://www.exploit-db.com/exploits/44449 https://www.exploit-db.com/exploits/44448 https://github.com/a2u/CVE-2018-7600 https://github.com/pimps/CVE-2018-7600 https://github.com/g0rx/CVE-2018-7600-Drupal-RCE https://github.com/firefart/CVE-2018-7600 https://github.com/r3dxpl0it/CVE-2018-7600 https://github.com/dr-iman/CVE-2018-7600-Drupal-0day-RCE https://github.com/sl4cky/CVE-2018-7600 https://github.com/s • CWE-20: Improper Input Validation •
CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0CVE-2017-6927
https://notcve.org/view.php?id=CVE-2017-6927
Drupal 8.4.x versions before 8.4.5 and Drupal 7.x versions before 7.57 has a Drupal.checkPlain() JavaScript function which is used to escape potentially dangerous text before outputting it to HTML (as JavaScript output does not typically go through Twig autoescaping). This function does not correctly handle all methods of injecting malicious HTML, leading to a cross-site scripting vulnerability under certain circumstances. The PHP functions which Drupal provides for HTML escaping are not affected. Las versiones 8.4.x de Drupal anteriores a la 8.4.5 y las versiones 7.x anteriores a la 7.57 tienen una función de JavaScript Drupal.checkPlain() que se emplea para escapar texto potencialmente peligroso antes de extraerlo como HTML (ya que la exportación JavaScript no suele pasar un proceso de autoescape Twig). Esta función no gestiona adecuadamente todos los métodos de inyección de HTML malicioso, lo que conduce a una vulnerabilidad de Cross-Site Scripting (XSS) en ciertas circunstancias. • http://www.securityfocus.com/bid/103138 https://lists.debian.org/debian-lts-announce/2018/02/msg00030.html https://www.debian.org/security/2018/dsa-4123 https://www.drupal.org/sa-core-2018-001 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •