Vulnerabilities > Drupal

DATE CVE VULNERABILITY TITLE RISK
2023-04-26 CVE-2022-25275 Unspecified vulnerability in Drupal
In some situations, the Image module does not correctly check access to image files not stored in the standard public files directory when generating derivative images using the image styles system.
network
low complexity
drupal
7.5
7.5
2022-09-28 CVE-2022-39261 Path Traversal vulnerability in multiple products
Twig is a template language for PHP.
network
low complexity
symfony drupal fedoraproject debian CWE-22
7.5
7.5
2022-07-20 CVE-2022-31160 jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery.
network
low complexity
jqueryui netapp drupal fedoraproject debian
6.1
6.1
2022-06-10 CVE-2022-31042 Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products
Guzzle is an open source PHP HTTP client.
network
low complexity
guzzlephp drupal debian CWE-212
7.5
7.5
2022-06-10 CVE-2022-31043 Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products
Guzzle is an open source PHP HTTP client.
network
low complexity
guzzlephp drupal debian CWE-212
7.5
7.5
2022-06-03 CVE-2022-26493 Improper Certificate Validation vulnerability in Drupal Saml SP 2.0 Single Sign on
Xecurify's miniOrange Premium, Standard, and Enterprise Drupal SAML SP modules possess an authentication and authorization bypass vulnerability.
network
low complexity
drupal CWE-295
8.8
8.8
2022-05-25 CVE-2022-29248 Reliance on Cookies without Validation and Integrity Checking vulnerability in multiple products
Guzzle is a PHP HTTP client.
network
low complexity
guzzlephp drupal debian CWE-565
8.1
8.1
2022-03-21 CVE-2022-24775 guzzlehttp/psr7 is a PSR-7 HTTP message library.
network
low complexity
drupal guzzlephp
7.5
7.5
2022-03-16 CVE-2022-24729 CKEditor4 is an open source what-you-see-is-what-you-get HTML editor.
network
low complexity
ckeditor drupal oracle fedoraproject
7.5
7.5
2022-03-16 CVE-2022-24728 Cross-site Scripting vulnerability in multiple products
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor.
network
low complexity
ckeditor drupal oracle fedoraproject CWE-79
5.4
5.4