drupal/drupal vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2024-55636Lowdrupal/core: Drupal core contains a potential PHP Object Injection vulnerabilityCVE-2024-55638Highdrupal/core: Drupal core contains a potential PHP Object Injection vulnerabilityCVE-2024-55637Highdrupal/core: Drupal core contains a potential PHP Object Injection vulnerabilityCVE-2024-55634Mediumdrupal/core: Drupal core Access bypassCVE-2024-12393Mediumdrupal/core: Drupal Core Cross-Site Scripting (XSS)CVE-2024-45440Mediumdrupal/drupal: Drupal Full Path DisclosureGHSA-QF65-HPH9-453RMediumdrupal/drupal: Drupal Cross-Site Scripting (XSS) affecting CKEditor Third-party libraryGHSA-J66P-FVP2-FXHJHighdrupal/drupal: Drupal core Arbitrary PHP code executionGHSA-337W-FXPQ-5M34Mediumdrupal/drupal: Drupal core uses a vulnerable Third-party library CKEditorGHSA-WXFG-253G-M7R4Mediumdrupal/drupal: Drupal core Open Redirect vulnerabilityGHSA-M9FV-WHQ2-6WMCHighdrupal/drupal: Drupal core Multiple vulnerabilities due to the use of the third-party library Archive_TarGHSA-5X28-3F32-X523Mediumdrupal/drupal: Drupal core Access control bypass GHSA-W333-5F96-MJRRMediumdrupal/drupal: Drupal core Denial of ServiceGHSA-JF8C-36VW-98X4Criticaldrupal/drupal: Drupal core Remote Code ExecutionGHSA-JJX7-8462-W4M4Criticaldrupal/drupal: Drupal Core Insufficient Contextual Links validation leads to Remote Code ExecutionGHSA-58XV-7H9R-MX3CMediumdrupal/drupal: Drupal Malicious file upload with filenames stating with dotGHSA-X6V2-XMRQ-574JMediumdrupal/drupal: Drupal Anonymous Open RedirectGHSA-86XW-VMCX-9MJ4Mediumdrupal/drupal: Drupal Content moderation Access bypassGHSA-R67R-42WX-C8R7Mediumdrupal/drupal: Drupal External URL injection through URL aliases leading to Open RedirectCVE-2018-7602Criticaldrupal/core: Drupal Core Remote Code Execution VulnerabilityCVE-2019-6342Criticaldrupal/core: Drupal Improper Access ControlCVE-2020-13663Highdrupal/core: Drupal Core Cross-Site Request Forgery (CSRF) vulnerabilityCVE-2020-13667Mediumdrupal/core: Drupal Core Access bypass vulnerability CVE-2020-13665Criticaldrupal/core: Drupal Core Access bypass vulnerabilityCVE-2020-13664Highdrupal/core: Drupal Core Arbitrary PHP code execution vulnerability

Stop the waste.
Protect your environment with Kodem.