|Max CVSS||7.5||Min CVSS||4.0||Total Count||3|
|ID||CVSS||Summary||Last (major) update||Published|
In Drupal core 8.x prior to 8.3.4 and Drupal core 7.x prior to 7.56; Private files that have been uploaded by an anonymous user but not permanently attached to content on the site should only be visible to the anonymous user that uploaded them, rathe
|22-01-2019 - 10:29||22-01-2019 - 10:29|
In Drupal 8 prior to 8.3.4; The file REST resource does not properly validate some fields when manipulating files. A site is only affected by this if the site has the RESTful Web Services (rest) module enabled, the file REST resource is enabled and a
|15-01-2019 - 16:29||15-01-2019 - 16:29|
Drupal core 8 before versions 8.3.4 allows remote attackers to execute arbitrary code due to the PECL YAML parser not handling PHP objects safely during certain operations.
|07-08-2018 - 21:29||06-08-2018 - 11:29|