8.1.2

DATE	CVE	VULNERABILITY TITLE	RISK
2016-09-09	CVE-2016-6212	Information Exposure vulnerability in Drupal The Views module 7.x-3.x before 7.x-3.14 in Drupal 7.x and the Views module in Drupal 8.x before 8.1.3 might allow remote authenticated users to bypass intended access restrictions and obtain sensitive Statistics information via unspecified vectors. network low complexity drupal CWE-200	5.0
2016-07-19	CVE-2016-5385	Open Redirect vulnerability in multiple products PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka an "httpoxy" issue. network high complexity oracle fedoraproject hp php redhat debian opensuse drupal CWE-601	8.1