Drupal Full Path Disclosure Vulnerability [CVE-2024-45440]
CVE number = CVE-2024-45440 core/authorize.php in Drupal 11.x-dev allows Full Path Disclosure (even when error logging is None) if the
Read MoreCVE number = CVE-2024-45440 core/authorize.php in Drupal 11.x-dev allows Full Path Disclosure (even when error logging is None) if the
Read MoreCVE numbers = CVE-2022-31042 and CVE-2022-31043 Drupal uses the third-party Guzzle library for handling HTTP requests and responses to external
Read MoreDrupal uses the third-party Guzzle library for handling HTTP requests and responses to external services. Guzzle has released a security update which
Read MoreThe Drupal project uses the PEAR Archive_Tar library. The PEAR Archive_Tar library has released a security update that impacts Drupal.
Read MoreThe Drupal project uses the third-party library CKEditor, which has released a security improvement that is needed to protect some Drupal configurations. Vulnerabilities
Read MoreCVE Number – CVE-2019-6341 A vulnerability in File module/subsystem of Drupal could allow an authenticated, remote attacker to conduct a cross-site scripting
Read MoreThis module addresses the General Data Protection Regulation (GDPR) that came into effect 25th May 2018, and the EU Directive
Read MoreCVE Number – CVE-2019-6339 A vulnerability in the PHP built-in phar stream wrapper used in Drupal could allow an authenticated, remote attacker
Read MoreCVE Number – CVE-2019-6338 A vulnerability in the Drupal core PEAR Archive_Tar library of Drupal Core could allow an authenticated, remote attacker
Read MoreA new attack methodology has been identified which involves the Dirty COW and Drupalgeddon 2 vulnerabilities present in unpatched Drupal
Read More