Lucene search
GoogleOSV:GHSA-3327-JR93-7HQ3HistoryMay 13, 2022 - 1:46 a.m.
Drupal access bypass vulnerability
2022-05-1301:46:48
Google
osv.dev
2
In Drupal versions 8.4.x versions before 8.4.5 when using node access controls with a multilingual site, Drupal marks the untranslated version of a node as the default fallback for access queries. This fallback is used for languages that do not yet have a translated version of the created node. This can result in an access bypass vulnerability. This issue is mitigated by the fact that it only applies to sites that a) use the Content Translation module; and b) use a node access module such as Domain Access which implement hook_node_access_records().
Related
cvelist
cvelist
CVE-2017-6930
2018-02-21 00:00:00
cve
cve
CVE-2017-6930
2018-03-01 23:29:00
prion
prion
Design/Logic Flaw
2018-03-01 23:29:00
github
github
Drupal access bypass vulnerability
2022-05-13 01:46:48
nvd
nvd
CVE-2017-6930
2018-03-01 23:29:00
friendsofphp
friendsofphp
veracode
veracode
Access Restriction Bypass
2018-05-31 05:06:29
osv
osv
CVE-2017-6930
2018-03-01 23:29:00
nessus
nessus
Drupal 8.5.x < 8.5.0-rc1 Multiple Vulnerabilities
2018-11-05 00:00:00
Drupal 8.x < 8.4.5 Multiple Vulnerabilities (SA-CORE-2018-001)
2018-03-01 00:00:00
Drupal 8.x < 8.4.5 Multiple Vulnerabilities
2018-11-05 00:00:00
fedora
fedora
[SECURITY] Fedora 27 Update: drupal7-7.58-1.fc27
2018-04-10 19:11:10
[SECURITY] Fedora 26 Update: drupal7-7.58-1.fc26
2018-04-10 18:30:33
[SECURITY] Fedora 28 Update: drupal7-7.58-1.fc28
2018-04-03 13:29:13
openvas
openvas
Drupal Core Multiple Vulnerabilities (SA-CORE-2018-001) - Linux
2018-02-22 00:00:00
Fedora Update for drupal8 FEDORA-2018-8fd924a53d
2018-05-16 00:00:00
Fedora Update for drupal8 FEDORA-2018-1ba93b3144
2018-05-12 00:00:00
freebsd
freebsd
drupal -- Drupal Core - Multiple Vulnerabilities
2018-02-21 00:00:00