Top
item
Advertisement

Access Bypass Vulnerabilities Patched in Drupal 8

August 17, 2017

Via: Security Week
Category:

A Drupal 8 security update released on Wednesday addresses several access bypass vulnerabilities affecting components such as views, the REST API and the entity access system.

The most severe of the flaws patched by Drupal 8.3.7 is CVE-2017-6925, a critical issue affecting the entity access system. The weakness can be exploited to view, create, delete or update entities. According to Drupal developers, only entities that don’t have UUIDs and ones that have different access restrictions on different revisions of the same entity are impacted.

Read More on Security Week

RELATED PUBLICATIONS

OpenAI’s GPT-4 can exploit real vulnerabilities by reading security advisories
Unpatched Vulnerabilities: The Most Brutal Ransomware Attack Vector
Google Patches Exploited Pixel Vulnerabilities

Latest Publications

OpenAI’s GPT-4 can exploit real vulnerabilities by reading security advisories
10 tips to keep IP safe
Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia 
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!