cve-2017-6381
Vulnerability from cvelistv5
Published
2017-03-16 14:00
Modified
2024-08-05 15:25
Severity ?
Summary
A 3rd party development library including with Drupal 8 development dependencies is vulnerable to remote code execution. This is mitigated by the default .htaccess protection against PHP execution, and the fact that Composer development dependencies aren't normal installed. You might be vulnerable to this if you are running a version of Drupal before 8.2.2. To be sure you aren't vulnerable, you can remove the <siteroot>/vendor/phpunit directory from your production deployments
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:25:49.286Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1038058",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1038058"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.drupal.org/SA-2017-001"
          },
          {
            "name": "96919",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/96919"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Drupal Core",
          "vendor": "Drupal",
          "versions": [
            {
              "status": "affected",
              "version": "8.2.x versions before 8.2.7"
            }
          ]
        }
      ],
      "datePublic": "2017-03-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A 3rd party development library including with Drupal 8 development dependencies is vulnerable to remote code execution. This is mitigated by the default .htaccess protection against PHP execution, and the fact that Composer development dependencies aren\u0027t normal installed. You might be vulnerable to this if you are running a version of Drupal before 8.2.2. To be sure you aren\u0027t vulnerable, you can remove the \u003csiteroot\u003e/vendor/phpunit directory from your production deployments"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Remote code execution",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-11T09:57:01",
        "orgId": "2c85b837-eb8b-40ed-9d74-228c62987387",
        "shortName": "drupal"
      },
      "references": [
        {
          "name": "1038058",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1038058"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.drupal.org/SA-2017-001"
        },
        {
          "name": "96919",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/96919"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@drupal.org",
          "ID": "CVE-2017-6381",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Drupal Core",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "8.2.x versions before 8.2.7"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Drupal"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A 3rd party development library including with Drupal 8 development dependencies is vulnerable to remote code execution. This is mitigated by the default .htaccess protection against PHP execution, and the fact that Composer development dependencies aren\u0027t normal installed. You might be vulnerable to this if you are running a version of Drupal before 8.2.2. To be sure you aren\u0027t vulnerable, you can remove the \u003csiteroot\u003e/vendor/phpunit directory from your production deployments"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Remote code execution"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1038058",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1038058"
            },
            {
              "name": "https://www.drupal.org/SA-2017-001",
              "refsource": "CONFIRM",
              "url": "https://www.drupal.org/SA-2017-001"
            },
            {
              "name": "96919",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/96919"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2c85b837-eb8b-40ed-9d74-228c62987387",
    "assignerShortName": "drupal",
    "cveId": "CVE-2017-6381",
    "datePublished": "2017-03-16T14:00:00",
    "dateReserved": "2017-02-28T00:00:00",
    "dateUpdated": "2024-08-05T15:25:49.286Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2017-6381\",\"sourceIdentifier\":\"mlhess@drupal.org\",\"published\":\"2017-03-16T14:59:00.300\",\"lastModified\":\"2024-11-21T03:29:39.193\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A 3rd party development library including with Drupal 8 development dependencies is vulnerable to remote code execution. This is mitigated by the default .htaccess protection against PHP execution, and the fact that Composer development dependencies aren\u0027t normal installed. You might be vulnerable to this if you are running a version of Drupal before 8.2.2. To be sure you aren\u0027t vulnerable, you can remove the \u003csiteroot\u003e/vendor/phpunit directory from your production deployments\"},{\"lang\":\"es\",\"value\":\"Una libreria de desarrollo de terceros que incluye las dependencias de desarrollo de Drupal 8 es vulnerable a ejecuci\u00f3n remota de c\u00f3digo. Esto se mitiga por la protecci\u00f3n .htaccess predeterminada contra ejecuci\u00f3n de PHP y el hecho de que las dependencias de desarrollo de Composer no est\u00e1n instaladas normalmente. Puede ser vulnerable a \u00e9sto si est\u00e1 ejecutando una versi\u00f3n de Drupal en versiones anteriores a 8.2.2. Para asegurarse de que no es vulnerable, puede quitar el directorio /vendor/phpunit de sus implementaciones de producci\u00f3n\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-829\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C20DAD7-13A7-40F7-B6E0-965DB4E14508\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.0:alpha10:*:*:*:*:*:*\",\"matchCriteriaId\":\"144694E6-3287-4F4D-A687-7F495133DBA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.0:alpha11:*:*:*:*:*:*\",\"matchCriteriaId\":\"581D686B-1061-4271-BEF4-17A429BD666A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.0:alpha12:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3E45AA6-5FAF-4C63-91F5-0765CE60191A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.0:alpha13:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE5D81CF-AE7B-4A9C-AD8F-9A19D2AC35DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.0:alpha14:*:*:*:*:*:*\",\"matchCriteriaId\":\"A27535A5-7C4F-4548-A4B8-5FFBD58361D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.0:alpha15:*:*:*:*:*:*\",\"matchCriteriaId\":\"17BC6508-3518-4BB5-B29F-4E6CB6DE9D44\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.0:alpha2:*:*:*:*:*:*\",\"matchCriteriaId\":\"8CBB5620-5847-443F-8356-B66EE93A3779\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.0:alpha3:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E81260D-E0D2-4FD2-AAED-99945404EB00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.0:alpha4:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A7D34E6-76E0-4BCB-A4C8-9401C7331EF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.0:alpha5:*:*:*:*:*:*\",\"matchCriteriaId\":\"201E2EA9-B811-4BB2-867A-6F12DC472911\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.0:alpha6:*:*:*:*:*:*\",\"matchCriteriaId\":\"C957B189-10C2-4D42-B5B9-03F7DE287C8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.0:alpha7:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7E21838-CDEC-41B2-AE40-C78DE8984B6F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.0:alpha8:*:*:*:*:*:*\",\"matchCriteriaId\":\"639F0284-85D1-40B0-B337-77632E7A664B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.0:alpha9:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F4B611A-3628-41EA-878D-BF9D6C34AA83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"856E46E5-1BF3-42F4-AFCB-81275B1EF265\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.0:beta10:*:*:*:*:*:*\",\"matchCriteriaId\":\"B351F769-598F-4E3E-99EA-94A5516995A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.0:beta11:*:*:*:*:*:*\",\"matchCriteriaId\":\"220900E6-5859-4CA9-831E-3FF3C128F060\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.0:beta12:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D55D51E-DE2D-469C-9F9C-F312A02EE921\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.0:beta13:*:*:*:*:*:*\",\"matchCriteriaId\":\"259B5FE7-2808-4F61-B98C-73ECC7F9503C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.0:beta14:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA263BE6-2088-4E18-914B-96CFAA0093E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.0:beta15:*:*:*:*:*:*\",\"matchCriteriaId\":\"906AED87-8C5C-4214-B5AD-43E5573E357A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.0:beta16:*:*:*:*:*:*\",\"matchCriteriaId\":\"E150FDA8-5271-465C-8DE0-F44E9FC81E90\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E036D4F-BD94-4F77-883C-165B3F0802C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A7068F8-810D-4720-9E0E-06DB1DD366ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.0:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"443183F6-9EF5-41AE-8AD0-B304BBF1670A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.0:beta6:*:*:*:*:*:*\",\"matchCriteriaId\":\"58C5EF43-E24F-4BDB-9496-16DE4EEF3E67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.0:beta7:*:*:*:*:*:*\",\"matchCriteriaId\":\"B00B494B-736A-47A7-ACF3-81368C033086\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.0:beta9:*:*:*:*:*:*\",\"matchCriteriaId\":\"E275F22B-7A46-4107-BE6F-6C4D7EAA46FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"63530139-7EF2-4210-9870-B06175ECBC58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED085089-51D6-4E5C-96E8-CC5C7C55CC97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"36FC67CE-9C45-4842-81AF-EEAE557D70D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.0:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"5FE6AC83-B248-4491-A320-836C65E64D6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99D7F3C7-3EC6-48D2-A8D5-1F987FD74A20\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"434D4D80-44C0-4278-A09B-005A599F4658\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CF1BC91-4A24-40FC-8EEC-E4FAD624C2CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43067661-B562-41BC-B272-8A79075291B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA9EF375-AE7C-4900-A992-C635228889E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"53FA0C7F-000A-4CB4-86E3-DEC0C9DCA1BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E39B2B71-C1B8-4A16-88FE-D691CC3C9BE8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.1.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"535BC461-E9B1-4124-8125-1D9F91CF4F68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.1.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"06F63C7F-CE02-428D-90CD-05B726C0026D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.1.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F18278D5-A30B-4624-AC64-CA39F92EB8C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3F72CAF-2BCA-454D-B8AC-951EC566A965\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0C7CB5D-CE55-4628-957D-3D2C5EE2353B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9E1FBB4-D63F-4AA0-ADE3-70527F4D84A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D2D1BF3-879B-44C5-B3A0-2E91B27BFF29\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2BB7835-2BFD-4182-B112-7E8A9FF2449C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80CE2090-A5AF-47B8-BB7D-727FFF093413\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.1.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B28527E-92CB-4171-8EE3-9187C3F44EC5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.1.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3CB85396-4D94-4752-A134-A1644C707777\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.1.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6802D01-6220-4EBE-B267-10DC14E6D186\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.1.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EAD4EC47-7DD8-443B-8821-DFAE03FE2FD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA084D8B-FEFC-41D5-A384-1DCB297CC1A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.2.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F5756FE-158A-4194-9E5E-EA918C4A3D1E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.2.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"F344F3CE-C45E-4C3A-9F48-DAA0F2A49137\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.2.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"45C7BA91-93C2-4615-8A4D-11702FF5A155\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.2.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"615DED7F-691F-4EF8-BE82-6E51B4971BFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.2.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"467F335F-6FA1-413F-995F-29136658D969\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:drupal:drupal:8.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BABC38A1-0034-4CDE-B580-8026D6E0FE39\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/96919\",\"source\":\"mlhess@drupal.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1038058\",\"source\":\"mlhess@drupal.org\"},{\"url\":\"https://www.drupal.org/SA-2017-001\",\"source\":\"mlhess@drupal.org\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/96919\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1038058\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.drupal.org/SA-2017-001\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.