Security News

Access Bypass Vulnerabilities Patched in Drupal 8 (Security Week)
2017-08-17 06:08

A Drupal 8 security update released on Wednesday addresses several access bypass vulnerabilities affecting components such as views, the REST API and the entity access system. read more

Drupal Patches Three Vulnerabilities in Core Engine (Threatpost)
2017-06-22 16:22

Developers with Drupal patched three vulnerabilities, one critical, one being exploited in the wild, in Drupal’s core engine on Wednesday.

Drupal Patches Flaw Exploited in Spam Campaigns (Security Week)
2017-06-22 08:53

Drupal security updates released on Wednesday address several vulnerabilities, including one that has been exploited in spam campaigns. The flaw exploited in the wild, patched with the release of...

Drupal Closes Access Bypass Vulnerability in Core Engine (Threatpost)
2017-04-20 13:57

Drupal released a point update for its core engine to patch a critical access bypass vulnerability.

Drupal Fixes ‘Moderately Critical’ Vulnerabilities in Core Engine (Threatpost)
2016-11-18 18:56

Drupal fixed a handful of issues in version 7 and 8 of the content management system core engine that could have led to cache poisoning, social engineering attacks, and a denial of service condition.