CVE-2020-13662
https://notcve.org/view.php?id=CVE-2020-13662
Open Redirect vulnerability in Drupal Core allows a user to be tricked into visiting a specially crafted link which would redirect them to an arbitrary external URL. This issue affects: Drupal Drupal Core 7 version 7.70 and prior versions. Una vulnerabilidad de Redireccionamiento Abierto en Drupal Core, permite engañar a un usuario de visitar un enlace especialmente diseñado que lo redireccionaría a una URL externa arbitraria. Este problema afecta a: Drupal Drupal Core 7 versión 7.70 y versiones anteriores • https://www.drupal.org/sa-core-2020-003 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVE-2020-13665
https://notcve.org/view.php?id=CVE-2020-13665
Access bypass vulnerability in Drupal Core allows JSON:API when JSON:API is in read/write mode. Only sites that have the read_only set to FALSE under jsonapi.settings config are vulnerable. This issue affects: Drupal Drupal Core 8.8.x versions prior to 8.8.8; 8.9.x versions prior to 8.9.1; 9.0.x versions prior to 9.0.1. Una vulnerabilidad de omisión de acceso en Drupal Core permite JSON:API cuando JSON:API está en modo de lectura y escritura. Solo los sitios que tienen read_only ajustado en FALSE bajo la configuración jsonapi.settings son vulnerables. • https://www.drupal.org/sa-core-2020-006 •
CVE-2020-13666
https://notcve.org/view.php?id=CVE-2020-13666
Cross-site scripting vulnerability in Drupal Core. Drupal AJAX API does not disable JSONP by default, allowing for an XSS attack. This issue affects: Drupal Drupal Core 7.x versions prior to 7.73; 8.8.x versions prior to 8.8.10; 8.9.x versions prior to 8.9.6; 9.0.x versions prior to 9.0.6. Una vulnerabilidad de tipo cross-site scripting en Drupal Core. La API de Drupal AJAX no deshabilita JSONP por defecto, permitiendo un ataque de tipo XSS. • https://www.drupal.org/sa-core-2020-007 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2020-36193 – PEAR Archive_Tar Improper Link Resolution Vulnerability
https://notcve.org/view.php?id=CVE-2020-36193
Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948. El archivo Tar.php en Archive_Tar versiones hasta 1.4.11, permite operaciones de escritura con Salto de Directorio debido a una comprobación inadecuada de enlaces simbólicos, un problema relacionado al CVE-2020-28948 A flaw was found in the Archive_Tar package. Archive_Tar could allow a remote attacker to traverse directories on the system caused by inadequate checking of symbolic links. An attacker could send a specially-crafted URL request to the Tar.php script containing "dot dot" sequences (/../) to modify arbitrary files on the system. PEAR Archive_Tar Tar.php allows write operations with directory traversal due to inadequate checking of symbolic links. • https://github.com/pear/Archive_Tar/commit/cde460582ff389404b5b3ccb59374e9b389de916 https://lists.debian.org/debian-lts-announce/2021/01/msg00018.html https://lists.debian.org/debian-lts-announce/2021/04/msg00007.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/42GPGVVFTLJYAKRI75IVB5R45NYQGEUR https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FOZNK4FIIV7FSFCJNNFWMJZTTV7NFJV2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedora • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVE-2020-35191
https://notcve.org/view.php?id=CVE-2020-35191
The official drupal docker images before 8.5.10-fpm-alpine (Alpine specific) contain a blank password for a root user. System using the drupal docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password. Las imágenes de docker de official drupal versiones anteriores a 8.5.10-fpm-alpine (específicas de Alpine), contienen una contraseña en blanco para un usuario root. El sistema que usa el contenedor de docker drupal docker implementado por unas versiones afectadas de la imagen de docker puede permitir a un atacante remoto conseguir acceso root con una contraseña en blanco • https://github.com/koharin/koharin2/blob/main/CVE-2020-35191 • CWE-306: Missing Authentication for Critical Function •