Drupal up to 7.73/8.8.10/8.9.8/9.0.7 File unrestricted upload

A vulnerability classified as critical has been found in Drupal up to 7.73/8.8.10/8.9.8/9.0.7 (Content Management System). This affects some unknown processing of the component File Handler. Upgrading to version 7.74, 8.8.11, 8.9.9 or 9.0.8 eliminates this vulnerability.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

133

Field

vulnerability_cvss3_meta_tempscore3
vulnerability_cvss3_meta_basescore2
vulnerability_cvss2_vuldb_tempscore2
vulnerability_cvss3_vuldb_tempscore2
vulnerability_cvss3_nvd_basescore1

Commit Conf

90%32
70%17
50%14

Approve Conf

90%32
70%17
80%14
IDCommitedUserFieldChangeRemarksAcceptedReasonC
1070417412/09/2020VulD...cvss3_nvd_basescore8.8nist.gov12/09/2020accepted
90
1070417312/09/2020VulD...cvss2_nvd_basescore6.5nist.gov12/09/2020accepted
90
1070417212/09/2020VulD...cvss3_meta_tempscore6.8see CVSS documentation12/09/2020accepted
90
1070417112/09/2020VulD...cvss3_meta_basescore7.1see CVSS documentation12/09/2020accepted
90
1070417012/09/2020VulD...cvss2_nvd_aiPnvd.nist.gov12/09/2020accepted
70
1070416912/09/2020VulD...cvss2_nvd_iiPnvd.nist.gov12/09/2020accepted
70
1070416812/09/2020VulD...cvss2_nvd_ciPnvd.nist.gov12/09/2020accepted
70
1070416712/09/2020VulD...cvss2_nvd_auSnvd.nist.gov12/09/2020accepted
70
1070416612/09/2020VulD...cvss2_nvd_acLnvd.nist.gov12/09/2020accepted
70
1070416512/09/2020VulD...cvss2_nvd_avNnvd.nist.gov12/09/2020accepted
70
1070416412/09/2020VulD...cvss3_nvd_aHnvd.nist.gov12/09/2020accepted
70
1070416312/09/2020VulD...cvss3_nvd_iHnvd.nist.gov12/09/2020accepted
70
1070416212/09/2020VulD...cvss3_nvd_cHnvd.nist.gov12/09/2020accepted
70
1070416112/09/2020VulD...cvss3_nvd_sUnvd.nist.gov12/09/2020accepted
70
1070416012/09/2020VulD...cvss3_nvd_uiNnvd.nist.gov12/09/2020accepted
70
1070415912/09/2020VulD...cvss3_nvd_prLnvd.nist.gov12/09/2020accepted
70
1070415812/09/2020VulD...cvss3_nvd_acLnvd.nist.gov12/09/2020accepted
70
1070415712/09/2020VulD...cvss3_nvd_avNnvd.nist.gov12/09/2020accepted
70
1070415612/09/2020VulD...cvss3_meta_tempscore5.3see CVSS documentation12/09/2020accepted
90
1070415512/09/2020VulD...cvss3_vuldb_tempscore5.3see CVSS documentation12/09/2020accepted
90

43 more entries are not shown

Want to stay up to date on a daily basis?

Enable the mail alert feature now!