Drupal core - Critical - Multiple vulnerabilities - SA-CORE-2022-016
Project: Drupal core
Date: 2022-September-28
Security risk: Critical 18∕25
Vulnerability: Multiple vulnerabilities
Affected versions: >= 8.0.0 <9.3.22 || >= 9.4.0 <9.4.7
Project: Next.js
Version: 1.2.0, 1.1.0, 1.0.0
Date: 2022-September-07
Security risk: Moderately critical 12∕25
Vulnerability: Access bypass
The Next.js module provides an inline preview for content. Authenticated requests are made to Drupal to fetch JSON:API content and render it in an iframe from the decoupled Next.js site.
Project: Permissions by Term
Version: 3.1.18
Date: 2022-September-07
Security risk: Moderately critical 14∕25
Vulnerability: Access bypass
This module enables you to set content permissions based on taxonomy terms.
The module doesn't sufficiently restrict access to translated and unpublished nodes.
This vulnerability is mitigated by the fact that it only affects sites with translated content.
Install the latest version:
Project: jQuery UI Checkboxradio
Version: 8.x-1.3, 8.x-1.2, 8.x-1.1, 8.x-1.0
Date: 2022-August-10
Security risk: Moderately critical 13∕25
Vulnerability: Cross site scripting
jQuery UI is a third-party library used by Drupal. The jQuery UI Checkboxradio module provides the jQuery UI Checkboxradio library (which was previously in Drupal 8 core, but has since been removed from core and moved to this module).
Project: Context
Version: 7.x-3.x
Date: 2022-July-27
Security risk: Moderately critical 12∕25
Vulnerability: Cross Site Scripting
This module enables you to conditionally display blocks in particular theme regions.
The module doesn't sufficiently sanitize the title of a block as displayed in the admin UI when a site administrator edits a context block reaction.
This vulnerability is mitigated by the fact that an attacker must have a role with the permission "administer blocks".
Project: PDF generator API
Version: 2.2.1, 2.2.0, 2.1.0, 2.0.0
Date: 2022-July-27
Security risk: Moderately critical 12∕25
Vulnerability: Remote Code Execution
This module enables you to generate PDF versions of content.
Some installations of the module make use of the dompdf/dompdf third-party dependency.
Project: Tagify
Version: 1.0.4, 1.0.3, 1.0.2-beta1, 1.0.1-beta1, 1.0.0-beta1
Date: 2022-July-27
Security risk: Moderately critical 11∕25
Vulnerability: Access bypass
This module provides a widget that transforms entity reference fields into a more user-friendly tags input component with good performance.
Project: Drupal core
Date: 2022-July-20
Security risk: Moderately critical 13∕25
Vulnerability: Information Disclosure
In some situations, the Image module does not correctly check access to image files not stored in the standard public files directory when generating derivative images using the image styles system.
Project: Drupal core
Date: 2022-July-20
Security risk: Moderately critical 12∕25
Vulnerability: Access Bypass
Under certain circumstances, the Drupal core form API evaluates form element access incorrectly. This may lead to a user being able to alter data they should not have access to.
No forms provided by Drupal core are known to be vulnerable. However, forms added through contributed or custom modules or themes may be affected.
Install the latest version:
Project: Drupal core
Date: 2022-July-20
Security risk: Critical 15∕25
Vulnerability: Arbitrary PHP code execution
Drupal core sanitizes filenames with dangerous extensions upon upload (reference: SA-CORE-2020-012) and strips leading and trailing dots from filenames to prevent uploading server configuration files (reference: SA-CORE-2019-010).
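The two protections named above, as an added stand-alone example (not code from Drupal core or from either referenced advisory): a model of dangerous-extension munging and leading/trailing-dot stripping, applied in that order, followed by an invariant check a practitioner can run over tricky filenames before trusting an upload path. The function names, the allow-list and the exact munging format (`shell.php` becoming `shell.php_.txt`) are this example's own assumptions modelled on Drupal's behaviour, and the sample filenames are constructed.

```php
<?php
// Added example, not Drupal core code: a stand-alone model of the two
// upload-filename protections (extension munging and dot stripping) plus
// an invariant check. Names and formats below are assumptions.

declare(strict_types=1);

/** Extensions an upload may keep; anything else is neutralised (assumed list). */
const ALLOWED_EXTENSIONS = ['jpg', 'png', 'pdf', 'txt'];

/**
 * Remove leading and trailing dots so the stored name can never become a
 * server configuration file such as ".htaccess", and so a trailing dot
 * ("shell.php.") cannot hide the real extension from later checks.
 */
function strip_leading_trailing_dots(string $filename): string
{
    return trim($filename, '.');
}

/**
 * Neutralise every extension segment that is not on the allow-list by
 * appending "_", and append ".txt" when the final extension is still not
 * allowed: "shell.php" -> "shell.php_.txt", "img.php.jpg" -> "img.php_.jpg".
 */
function munge_dangerous_extensions(string $filename): string
{
    $allowed = array_map('strtolower', ALLOWED_EXTENSIONS);
    $parts = explode('.', $filename);
    $base = array_shift($parts);
    if ($parts === []) {
        return $base; // No extension at all: nothing to munge.
    }
    foreach ($parts as $i => $segment) {
        if (!in_array(strtolower($segment), $allowed, true)) {
            $parts[$i] = $segment . '_';
        }
    }
    $munged = $base . '.' . implode('.', $parts);
    if (!in_array(strtolower(end($parts)), $allowed, true)) {
        $munged .= '.txt';
    }
    return $munged;
}

/** Apply both protections: strip dots first, then munge extensions. */
function sanitize_upload_filename(string $filename): string
{
    $name = strip_leading_trailing_dots($filename);
    $name = munge_dangerous_extensions($name);
    // Munging only ever appends "_" or ".txt", but re-strip so the
    // no-leading/trailing-dot invariant holds regardless of munging changes.
    return strip_leading_trailing_dots($name);
}

/**
 * Invariants every stored filename should satisfy: no leading or trailing
 * dot, and a final extension that is either absent or on the allow-list.
 * Returns the list of violated invariants (an empty array means safe).
 */
function filename_violations(string $stored): array
{
    $violations = [];
    if ($stored === '' || $stored[0] === '.' || substr($stored, -1) === '.') {
        $violations[] = 'leading-or-trailing-dot';
    }
    $parts = explode('.', $stored);
    if (count($parts) > 1) {
        $ext = strtolower(end($parts));
        if (!in_array($ext, array_map('strtolower', ALLOWED_EXTENSIONS), true)) {
            $violations[] = 'disallowed-final-extension';
        }
    }
    return $violations;
}

// Constructed sample inputs covering the cases the two protections target.
$samples = ['shell.php', 'img.php.jpg', '.htaccess', 'shell.php.',
            '..evil.phtml..', 'report.PDF', 'README'];
foreach ($samples as $raw) {
    $stored = sanitize_upload_filename($raw);
    $status = filename_violations($stored) === [] ? 'ok' : 'UNSAFE';
    printf("%-16s -> %-22s %s\n", $raw, $stored, $status);
}
```

Run it with `php sanitize.php`; every sample should print `ok`, with `shell.php` stored as `shell.php_.txt` and `.htaccess` stored as `htaccess`. Keeping `filename_violations()` separate from the sanitiser is the point: it checks the stored name independently of how it was produced, so a regression in either protection shows up as `UNSAFE` instead of silently passing.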