From security em unicamp.br  Wed Jul 20 15:06:40 2022
From: security em unicamp.br (CSIRT Unicamp)
Date: Wed, 20 Jul 2022 15:06:40 -0300
Subject: [SECURITY-L] Drupal core - Moderately critical - Multiple
 vulnerabilities
Message-ID: <CAEsueBP=3RsStqTzfbiL893epYrD3XpLcZZLOcWnXhmp-sV1xQ@mail.gmail.com>

Drupal core - Moderately critical - Multiple vulnerabilities -
SA-CORE-2022-015
View online: https://www.drupal.org/sa-core-2022-015
Project: Drupal core [1]
Date: 2022-July-20
Security risk: *Moderately critical* 11?25
AC:Complex/A:User/CI:Some/II:Some/E:Theoretical/TD:Uncommon [2]
Vulnerability: Multiple vulnerabilities

Drupal core - Critical - Arbitrary PHP code execution - SA-CORE-2022-014
View online: https://www.drupal.org/sa-core-2022-014
Project: Drupal core [1]
Date: 2022-July-20
Security risk: *Critical* 15?25
AC:Basic/A:Admin/CI:All/II:All/E:Theoretical/TD:Uncommon [2]
Vulnerability: Arbitrary PHP code execution

Drupal core - Moderately critical - Access Bypass - SA-CORE-2022-013
View online: https://www.drupal.org/sa-core-2022-013
Project: Drupal core [1]
Date: 2022-July-20
Security risk: *Moderately critical* 12?25
AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:Uncommon [2]
Vulnerability: Access Bypass

Drupal core - Moderately critical - Information Disclosure -
SA-CORE-2022-012
View online: https://www.drupal.org/sa-core-2022-012
Project: Drupal core [1]
Date: 2022-July-20
Security risk: *Moderately critical* 13?25
AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:Uncommon [2]
Vulnerability: Information Disclosure

===
Computer Security Incident Response Team - CSIRT
Universidade Estadual de Campinas - Unicamp
Centro de Computacao - CCUEC
GnuPG Public Key: http://www.security.unicamp.br/security.asc [^]
Contato: +55 19 3521-2289 ou INOC-DBA: 1251*830
-------------- Próxima Parte ----------
Um anexo em HTML foi limpo...
URL: <http://www.listas.unicamp.br/pipermail/security-l/attachments/20220720/fc96d8a5/attachment.html>

From security em unicamp.br  Wed Jul 27 15:11:59 2022
From: security em unicamp.br (CSIRT Unicamp)
Date: Wed, 27 Jul 2022 15:11:59 -0300
Subject: [SECURITY-L] [Security-news] PDF generator API - Moderately
 critical - Remote Code Execution - SA-CONTRIB-2022-050
In-Reply-To: <mailman.9598.1658944851.56889.security-news@drupal.org>
References: <mailman.9598.1658944851.56889.security-news@drupal.org>
Message-ID: <CAEsueBO0OGLSqtsS1gq+qELrbJ_GnsVUS=akMSc39cf-3eKOPQ@mail.gmail.com>

View online: https://www.drupal.org/sa-contrib-2022-050

Project: PDF generator API [1]
Version: 2.2.12.2.02.1.02.0.0
Date: 2022-July-27
Security risk: *Moderately critical* 12?25
AC:Complex/A:User/CI:Some/II:Some/E:Theoretical/TD:Default [2]
Vulnerability: Remote Code Execution

Description:
This module enables you to generate PDF versions of content.

Some installations of the module make use of the dompdf/dompdf third-party
dependency.

Security vulnerabilities exist for versions of dompdf/dompdf before 2.0.0 as
described in the 2.0.0 release notes. [3]

Solution:
Install the latest version:

   * If you use the pdf_api module for Drupal 2.x, upgrade to pdf_api 2.2.2
[4]

Reported By:
   * tedfordgif [5]
   * David Archuleta [6]

Fixed By:
   * tedfordgif [7]
   * Nigel Cunningham [8]

Coordinated By:
   * Damien McKenna [9] of the Drupal Security Team
   * Greg Knaddison [10] of the Drupal Security Team


[1] https://www.drupal.org/project/pdf_api
[2] https://www.drupal.org/security-team/risk-levels
[3] https://github.com/dompdf/dompdf/releases/tag/v2.0.0
[4] https://www.drupal.org/project/pdf_api/releases/2.2.2
[5] https://www.drupal.org/user/215631
[6] https://www.drupal.org/user/3569928
[7] https://www.drupal.org/user/215631
[8] https://www.drupal.org/user/250105
[9] https://www.drupal.org/user/108450
[10] https://www.drupal.org/user/36762

_______________________________________________
Security-news mailing list
Security-news em drupal.org
Unsubscribe at https://lists.drupal.org/mailman/listinfo/security-news

===
Computer Security Incident Response Team - CSIRT
Universidade Estadual de Campinas - Unicamp
Centro de Computacao - CCUEC
GnuPG Public Key: http://www.security.unicamp.br/security.asc [^]
Contato: +55 19 3521-2289 ou INOC-DBA: 1251*830
-------------- Próxima Parte ----------
Um anexo em HTML foi limpo...
URL: <http://www.listas.unicamp.br/pipermail/security-l/attachments/20220727/b350a51f/attachment.html>

From security em unicamp.br  Wed Jul 27 15:13:21 2022
From: security em unicamp.br (CSIRT Unicamp)
Date: Wed, 27 Jul 2022 15:13:21 -0300
Subject: [SECURITY-L] Fwd: [Security-news] Tagify - Moderately critical -
 Access bypass - SA-CONTRIB-2022-051
In-Reply-To: <mailman.9599.1658944852.56889.security-news@drupal.org>
References: <mailman.9599.1658944852.56889.security-news@drupal.org>
Message-ID: <CAEsueBOoZnJ7rpDZAX-byDiYwm7d2vCOz4dC1d3_q-es=e-xgA@mail.gmail.com>

View online: https://www.drupal.org/sa-contrib-2022-051

Project: Tagify [1]
Version: 1.0.41.0.31.0.2-beta11.0.1-beta11.0.0-beta1
Date: 2022-July-27
Security risk: *Moderately critical* 11?25
AC:Complex/A:User/CI:None/II:Some/E:Exploit/TD:Uncommon [2]
Vulnerability: Access bypass

Description:
This module provides a widget to transform entity reference fields into a
more user-friendly tags input component with a great performance.

The module doesn't sufficiently check access for the add operation. Users
with permission to edit content can view and reference unpublished terms.
The
edit form may expose term data that users could not otherwise see, since
there is no term view route by default.

This vulnerability is slightly mitigated by the fact that an attacker must
have a role with the permission "access content", so may not be accessible
to
anonymous users on all sites.

Solution:
Install the latest version:

   * If you use the Tagify module for Drupal 9.x, upgrade to Tagify 1.0.5
[3]

Reported By:
   * Conrad Lara [4]

Fixed By:
   * David Galeano [5]
   * Conrad Lara [6]

Coordinated By:
   * Damien McKenna [7] of the Drupal Security Team
   * Greg Knaddison [8] of the Drupal Security Team


[1] https://www.drupal.org/project/tagify
[2] https://www.drupal.org/security-team/risk-levels
[3] https://www.drupal.org/project/tagify/releases/1.0.5
[4] https://www.drupal.org/user/1790054
[5] https://www.drupal.org/user/3591999
[6] https://www.drupal.org/user/1790054
[7] https://www.drupal.org/user/108450
[8] https://www.drupal.org/user/36762

_______________________________________________
Security-news mailing list
Security-news em drupal.org
Unsubscribe at https://lists.drupal.org/mailman/listinfo/security-news

===
Computer Security Incident Response Team - CSIRT
Universidade Estadual de Campinas - Unicamp
Centro de Computacao - CCUEC
GnuPG Public Key: http://www.security.unicamp.br/security.asc [^]
Contato: +55 19 3521-2289 ou INOC-DBA: 1251*830
-------------- Próxima Parte ----------
Um anexo em HTML foi limpo...
URL: <http://www.listas.unicamp.br/pipermail/security-l/attachments/20220727/4dd94344/attachment.html>