Drupal contrib security advisories

Subscribe to Drupal contrib security advisories hírcsatorna
Frissítve: 5 óra 33 perc
2023. május 17.

File Chooser Field - Moderately critical - Server Side Request Forgery, Information Disclosure - SA-CONTRIB-2023-015

Project: File Chooser FieldDate: 2023-May-17Security risk: Moderately critical 14∕25 AC:Basic/A:User/CI:Some/II:None/E:Exploit/TD:AllVulnerability: Server Side Request Forgery, Information DisclosureDescription: 

The File Chooser Field allows users to upload files using 3rd party plugins such as Google Drive and Dropbox.

This module fails to validate user input sufficiently which could under certain circumstances lead to a Server Side Request Forgery (SSRF) vulnerability leading to Information Disclosure. In uncommon configurations and scenarios, it might lead to Remote Code Execution.

Solution: Reported By: Fixed By: Coordinated By: 
2023. május 3.

S3 File System - Moderately critical - Access bypass - SA-CONTRIB-2023-014

Project: S3 File SystemVersion: 8.x-3.18.x-3.08.x-3.0-rc28.x-3.0-rc18.x-3.0-beta78.x-3.0-beta68.x-3.0-beta58.x-3.0-beta48.x-3.0-beta38.x-3.0-beta28.x-3.0-beta18.x-3.0-alpha17Date: 2023-May-03Security risk: Moderately critical 13∕25 AC:Complex/A:User/CI:Some/II:Some/E:Theoretical/TD:AllVulnerability: Access bypassDescription: 

S3 File System (s3fs) provides an additional file system to your Drupal site, which stores files in Amazon's Simple Storage Service (S3) or any other S3-compatible storage service.

This module may fail to validate that a file being requested to be moved to storage was uploaded during the same web request, possibly allowing an attacker to move files that should normally be inaccessible to them.

This vulnerability is mitigated by the fact that another vulnerability must already exist outside of s3fs.

Solution: 

Install the latest version:

  • If you use the S3 File System module for Drupal 8.x, upgrade to s3fs 8.x-3.2
Reported By: Fixed By: Coordinated By: 
2023. április 12.

Protected Pages - Critical - Access bypass - SA-CONTRIB-2023-013

Project: Protected PagesDate: 2023-April-12Security risk: Critical 16∕25 AC:Basic/A:None/CI:Some/II:Some/E:Theoretical/TD:AllVulnerability: Access bypassDescription: 

This module enables you to secure any page with a password.

The module does not sufficiently restrict access to the page content.

Solution: 

Install the latest version:

Reported By: Fixed By: Coordinated By: 
2023. március 29.

Xray Audit - Moderately critical - Cross site scripting - SA-CONTRIB-2023-012

Project: Xray AuditDate: 2023-March-29Security risk: Moderately critical 13∕25 AC:Basic/A:Admin/CI:Some/II:Some/E:Theoretical/TD:AllVulnerability: Cross site scriptingDescription: 

This module is a tool for developers, analysts, and administrators that allows them to generate reports on a given Drupal installation.

The module does not sufficiently sanitize some data presented in its reports.

This vulnerability is mitigated by the fact that an attacker must have a role with permissions to administer an impacted content type.

Solution: 

Install the latest version:

Reported By: Fixed By: Coordinated By: 
2023. március 15.

Responsive media Image Formatter - Critical - Unsupported - SA-CONTRIB-2023-011

Project: Responsive media Image FormatterDate: 2023-March-15Security risk: Critical 15∕25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:AllVulnerability: UnsupportedDescription: 

The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466#procedure---own-project---unsupported

Solution: 

If you use this project, you should uninstall it. To take over maintainership, please read https://www.drupal.org/node/251466#procedure---own-project---unsupported in full.

2023. március 15.

Media Responsive Thumbnail - Moderately critical - Information disclosure - SA-CONTRIB-2023-010

Project: Media Responsive ThumbnailDate: 2023-March-15Security risk: Moderately critical 14∕25 AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:DefaultVulnerability: Information disclosureDescription: 

The Media Responsive Thumbnail module allows media reference fields to be rendered as a responsive image.

This module does not properly check entity access prior to rendering media. This may result in users seeing thumbnails of media items they do not have access to.

This release was coordinated with SA-CORE-2023-002.

Solution: 

Install the latest version:

Reported By: Fixed By: Coordinated By: 
2023. március 8.

Gutenberg - Less critical - Denial of Service - SA-CONTRIB-2023-009

Project: GutenbergDate: 2023-March-08Security risk: Less critical 8∕25 AC:Basic/A:User/CI:None/II:None/E:Theoretical/TD:AllVulnerability: Denial of ServiceDescription: 

This module provides a new UI experience for node editing - Gutenberg editor.

This vulnerability can cause DoS by using reusable blocks improperly.

This vulnerability is mitigated by the fact an attacker must have "use gutenberg" permission to exploit it.

Solution: 

Install the latest version:

Reported By: Fixed By: Coordinated By: 
2023. március 1.

Group control for forums - Critical - Access bypass - SA-CONTRIB-2023-008

Project: Group control for forumsDate: 2023-March-01Security risk: Critical 15∕25 AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:AllVulnerability: Access bypassAffected versions: >=2.0.0 <2.0.2Description: 

This module enables you to associate Forums as Group 1.x content and use Group access permissions.

Previous versions of the module incorrectly set node access on creation, and did not correctly restrict access to lists of forum topics.

Solution: 

Install the latest version:

Reported By: Fixed By: Coordinated By: 
2023. március 1.

Thunder - Moderately critical - Access bypass - SA-CONTRIB-2023-007

Project: ThunderDate: 2023-March-01Security risk: Moderately critical 13∕25 AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:UncommonVulnerability: Access bypassAffected versions: >=6.4.0 <6.4.6 || >=6.5.0 <6.5.3Description: 

Thunder is a Drupal distribution for professional publishing. The thunder distribution ships the thunder_gqls module which provides a graphql interface.

The module doesn't sufficiently check access when serving user data via graphql leading to an access bypass vulnerability potentially exposing email addresses.

Solution: 

Install the latest version:

  • If you use the thunder distribution for Drupal 9.x and have the thunder_gqls module enabled, upgrade to thunder 6.4.6 or thunder 6.5.3 respectively.
Reported By: Fixed By: Coordinated By: 
2023. március 1.

Better Social Sharing Buttons - Less critical - Cross Site Scripting - SA-CONTRIB-2023-006

Project: Better Social Sharing ButtonsDate: 2023-March-01Security risk: Less critical 8∕25 AC:Basic/A:User/CI:None/II:None/E:Theoretical/TD:AllVulnerability: Cross Site ScriptingDescription: 

This module enables you to add social sharing buttons to a site.

The module doesn't sufficiently sanitize the weight and ratio values entered in the module or block configuration.

This vulnerability is mitigated by the fact that an attacker must have a role with the permission "administer blocks".

Solution: 

Install the latest version:

Reported By: Fixed By: Coordinated By: