[SECURITY-L] Diversas vulnerabilidades Criticas do Drupal
CSIRT Unicamp
security em unicamp.br
Quarta Janeiro 26 16:07:42 -03 2022
View online: https://www.drupal.org/sa-contrib-2022-006
Project: Taxonomy Access Control Lite [1]
Date: 2022-January-25
Security risk: *Critical* 15∕25
AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:All [2]
Vulnerability: Unsupported
View online: https://www.drupal.org/sa-contrib-2022-007
Project: Colorbox [1]
Date: 2022-January-25
Security risk: *Critical* 15∕25
AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:All [2]
Vulnerability: Unsupported
View online: https://www.drupal.org/sa-contrib-2022-008
Project: Admin Toolbar Search [1]
Date: 2022-January-25
Security risk: *Critical* 15∕25
AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:All [2]
Vulnerability: Unsupported
View online: https://www.drupal.org/sa-contrib-2022-009
Project: Expire reset password link [1]
Date: 2022-January-25
Security risk: *Critical* 15∕25
AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:All [2]
Vulnerability: Unsupported
View online: https://www.drupal.org/sa-contrib-2022-010
Project: Rate [1]
Date: 2022-January-25
Security risk: *Critical* 15∕25
AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:All [2]
Vulnerability: Unsupported
View online: https://www.drupal.org/sa-contrib-2022-011
Project: Navbar [1]
Date: 2022-January-25
Security risk: *Moderately critical* 13∕25
AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:Default [2]
Vulnerability: Cross Site Scripting
View online: https://www.drupal.org/sa-contrib-2022-012
Project: Swiftype integration [1]
Date: 2022-January-25
Security risk: *Critical* 15∕25
AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:All [2]
Vulnerability: Unsupported
View online: https://www.drupal.org/sa-contrib-2022-013
Project: Business Responsive Theme [1]
Date: 2022-January-25
Security risk: *Critical* 15∕25
AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:All [2]
Vulnerability: Unsupported
View online: https://www.drupal.org/sa-contrib-2022-014
Project: Private Taxonomy Terms [1]
Date: 2022-January-26
Security risk: *Critical* 15∕25
AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:All [2]
Vulnerability: Access bypass, Information Disclosure, Multiple
vulnerabilities
View online: https://www.drupal.org/sa-contrib-2022-015
Project: Exif [1]
Date: 2022-January-25
Security risk: *Critical* 15∕25
AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:All [2]
Vulnerability: Unsupported
View online: https://www.drupal.org/sa-contrib-2022-016
Project: Vocabulary Permissions Per Role [1]
Date: 2022-January-25
Security risk: *Critical* 15∕25
AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:All [2]
Vulnerability: Unsupported
View online: https://www.drupal.org/sa-contrib-2022-017
Project: Media Entity Flickr [1]
Date: 2022-January-25
Security risk: *Critical* 15∕25
AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:All [2]
Vulnerability: Unsupported
View online: https://www.drupal.org/sa-contrib-2022-018
Project: Cog [1]
Date: 2022-January-25
Security risk: *Critical* 15∕25
AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:All [2]
Vulnerability: Unsupported
View online: https://www.drupal.org/sa-contrib-2022-019
Project: Vendor Stream Wrapper [1]
Date: 2022-January-25
Security risk: *Critical* 15∕25
AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:All [2]
Vulnerability: Unsupported
View online: https://www.drupal.org/sa-contrib-2022-020
Project: Remote Stream Wrapper [1]
Date: 2022-January-25
Security risk: *Critical* 15∕25
AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:All [2]
Vulnerability: Unsupported
View online: https://www.drupal.org/sa-contrib-2022-021
Project: Image Media Export Import [1]
Date: 2022-January-25
Security risk: *Critical* 15∕25
AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:All [2]
Vulnerability: Unsupported
View online: https://www.drupal.org/sa-contrib-2022-022
Project: Printer, email and PDF versions [1]
Date: 2022-January-25
Security risk: *Critical* 15∕25
AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:All [2]
Vulnerability: Unsupported
===
Computer Security Incident Response Team - CSIRT
Universidade Estadual de Campinas - Unicamp
Centro de Computacao - CCUEC
GnuPG Public Key: http://www.security.unicamp.br/security.asc [^]
Contato: +55 19 3521-2289 ou INOC-DBA: 1251*830
-------------- Próxima Parte ----------
Um anexo em HTML foi limpo...
URL: <http://www.listas.unicamp.br/pipermail/security-l/attachments/20220126/a01fb7af/attachment-0001.html>
Mais detalhes sobre a lista de discussão SECURITY-L