Blog Tags: 
security
drupal
drupal8
announcement
drupal7
v15.x

Security Vulnerabilities: SA-CORE-2019-003 - Drupal 8 Core, Drupal 7 plugins

Jeremy Davis - Sun, 2019/02/24 - 05:37

SA-CORE-2019-003 - Highly critical - Remote Code Execution

Popular CMS platform Drupal recently announced a highly critical security vulnerability: SA-CORE-2019-003. This vulnerability allows for remote code execution on an exploited server. It is rated Highly Critical and mass exploits are now being reported in the wild!

Read more and discuss
Blog Tags: 
security
drupal
drupal7
drupal8
announcement
v15.x

Security Vulnerabilities: SA-CORE-2018-006 - Drupal 7.x & Drupal 8.x

Jeremy Davis - Thu, 2018/10/18 - 03:57

SA-CORE-2018-006 - Multiple Vulnerabilities in Drupal 7 & 8

Popular CMS platform Drupal have just announced that versions of Drupal 7 prior to 7.60 and Drupal 8 prior to 8.5.8 and/or 8.6.2 are affected by SA-CORE-2018-006. For more info on the vulnerabilities, please see the relevant Drupal advisory.

Read more and discuss
Blog Tags: 
drupal
drupal7
drupal8
security

Drupal SA-CORE-2018-002 - Highly critical - Remote Code Execution vulnerability

Jeremy Davis - Wed, 2018/04/04 - 06:37 - 2 comments

Late last week, the Drupal Security Team announced a "Highly critical" remote code execution vulnerability that affects Drupal 6 (EOL), Drupal 7 and Drupal 8. SA-CORE-2018-002 dubbed "Drupalgeddon2" was discovered by Jasper Mattsson. Drupal scores it a whopping 21 (out of a possible 25) "Security Risk Level". All users are recommended to update their Drupal sites immediately.

Read more and discuss