Drupal Security Announcements
This list is for security announcements sent out be the Drupal security team.
http://drupal.org/taxonomy/term/44/0
URL
Last update
1 year 31 weeks agoApril 11, 2007
18:05
- Advisory ID: DRUPAL-SA-2007-013.
- Project: Database Administration (third-party module).
- Version: 4.6.x-1.*, 4.7.x-1.*.
- Date: 2007-April-11.
- Security risk: Critical.
- Exploitable from: Remote.
- Vulnerability: Cross site scripting and cross site request forgery.
March 8, 2007
04:00
- Advisory ID: DRUPAL-SA-2007-012.
- Project: Project issue tracking (third-party module).
- Version: 4.7.x-1.*, 4.7.x-2.*, 5.x-0.*.
- Date: 2007-March-08.
- Security risk: Critical.
- Exploitable from: Remote.
- Vulnerability: Access bypass.
March 6, 2007
16:25
- Advisory ID: DRUPAL-SA-2007-011
- Project: Node familty (third-party module)
- Version: 5.x
- Date: 2007-March-6
- Security risk: Less critical
- Exploitable from: Remote
- Vulnerability: Access bypass
February 15, 2007
23:12
- Advisory ID: DRUPAL-SA-2007-010
- Project: Secure site (third-party module)
- Version: 4.7, 5
- Date: 2007-Feb-16
- Security risk: Less critical
- Exploitable from: Remote
- Vulnerability: Access bypass
21:21
- Advisory ID: DRUPAL-SA-2007-009.
- Project: getID3 (third-party library) used by Audio and Mediafield
- Version: getID3 1.7.1
- Date: 2007-Feb-16
- Security risk: Highly critical
- Exploitable from: Remote
- Vulnerability: Arbitrary code execution
05:24
- Advisory ID: DRUPAL-SA-2007-008
- Project: Image Pager (third-party module)
- Version: 4.7.x-1.x-dev, 5.x-1.x-dev
- Date: 2007-02-15
- Security risk: Less critical
- Exploitable from: Remote
- Vulnerability: Cross site scripting