Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

WS-2016-0146

Good to know:

icon

Date: July 18, 2016

Affected version of drupal(8.0.0 to 8.1.6), are vulnerable to a Multiple Vulnerabilities .

Language: PHP

Severity Score

Related Resources (2)

https://github.com/drupal/drupal/commit/17ff00c6c4a774c5164991f0f179c95ce886793c
https://www.mend.io/vulnerability-database/WS-2016-0146

Severity Score

Weakness Type (CWE)

Improper Access Control

CWE-284

Top Fix

icon

Upgrade Version

Upgrade to version drupal/drupal - 8.0.0;drupal/drupal - 8.1.0-rc1;drupal/drupal - 8.1.x-dev;drupal/drupal - 8.1.7;drupal/drupal - 8.0.0-beta2;drupal/drupal - 8.0.1;drupal/drupal - 8.0.0-rc2;drupal/legacy-scaffold-assets - 8.1.7;drupal/legacy-scaffold-assets - 8.1.x-dev;drupal/core-render - 8.0.0-beta6;drustack/framework-standard-edition - 8.3.x-dev;drustack/framework-standard-edition - 8.2.x-dev;drustack/framework-standard-edition - 8.2.7;drupal/core - 8.1.7;drupal/core - 8.1.x-dev;drupal/core - 8.0.0-beta6;dsdobrzynski/druposer - no_fix;madalinignisca/drupal-skeleton - no_fix;webflo/drupal - no_fix;greg-1-anderson/drupal-scaffold-assets - 8.1.7;greg-1-anderson/drupal-scaffold-assets - 8.1.x-dev;vijaycs85/coverage-report - 8.1.7;vijaycs85/coverage-report - 8.0.0-beta2;drupal/core-dependency-injection - 8.0.0-beta15;dennisdigital/drupal-project - dev-project_configure;acquia/blt - 8.5.2;vdmi/d8-skeleton - no_fix;redactivemedia/redactive-drupal8-platform - 8.1.9

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): NONE
Integrity (I): HIGH
Availability (A): NONE

Do you need more information?

Contact Us