exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2019-6339

почти 7 лет назад

In Drupal Core versions 7.x prior to 7.62, 8.6.x prior to 8.6.6 and 8.5.x prior to 8.5.9; A remote code execution vulnerability exists in PHP's built-in phar stream wrapper when performing file operations on an untrusted phar:// URI. Some Drupal code (core, contrib, and custom) may be performing file operations on insufficiently validated user input, thereby being exposed to this vulnerability. This vulnerability is mitigated by the fact that such code paths typically require access to an administrative permission or an atypical configuration.

CVSS3: 9.8

EPSS: Высокий

CVE-2019-6339

почти 7 лет назад

In Drupal Core versions 7.x prior to 7.62, 8.6.x prior to 8.6.6 and 8.5.x prior to 8.5.9; A remote code execution vulnerability exists in PHP's built-in phar stream wrapper when performing file operations on an untrusted phar:// URI. Some Drupal code (core, contrib, and custom) may be performing file operations on insufficiently validated user input, thereby being exposed to this vulnerability. This vulnerability is mitigated by the fact that such code paths typically require access to an administrative permission or an atypical configuration.

CVSS3: 9.8

EPSS: Высокий

CVE-2019-6339

почти 7 лет назад

In Drupal Core versions 7.x prior to 7.62, 8.6.x prior to 8.6.6 and 8. ...

CVSS3: 9.8

EPSS: Высокий

GHSA-8cw5-rv98-5c46

почти 4 года назад

Arbitrary PHP code execution in Drupal

CVSS3: 9.8

EPSS: Высокий

BDU:2019-04785

почти 7 лет назад

Уязвимость утилиты phar CMS-системы Drupal, позволяющая нарушителю выполнить произвольный код

CVSS3: 9.8

EPSS: Высокий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2019-6339 In Drupal Core versions 7.x prior to 7.62, 8.6.x prior to 8.6.6 and 8.5.x prior to 8.5.9; A remote code execution vulnerability exists in PHP's built-in phar stream wrapper when performing file operations on an untrusted phar:// URI. Some Drupal code (core, contrib, and custom) may be performing file operations on insufficiently validated user input, thereby being exposed to this vulnerability. This vulnerability is mitigated by the fact that such code paths typically require access to an administrative permission or an atypical configuration.	CVSS3: 9.8	81% Высокий	почти 7 лет назад
CVE-2019-6339 In Drupal Core versions 7.x prior to 7.62, 8.6.x prior to 8.6.6 and 8.5.x prior to 8.5.9; A remote code execution vulnerability exists in PHP's built-in phar stream wrapper when performing file operations on an untrusted phar:// URI. Some Drupal code (core, contrib, and custom) may be performing file operations on insufficiently validated user input, thereby being exposed to this vulnerability. This vulnerability is mitigated by the fact that such code paths typically require access to an administrative permission or an atypical configuration.	CVSS3: 9.8	81% Высокий	почти 7 лет назад
CVE-2019-6339 In Drupal Core versions 7.x prior to 7.62, 8.6.x prior to 8.6.6 and 8. ...	CVSS3: 9.8	81% Высокий	почти 7 лет назад
GHSA-8cw5-rv98-5c46 Arbitrary PHP code execution in Drupal	CVSS3: 9.8	81% Высокий	почти 4 года назад
BDU:2019-04785 Уязвимость утилиты phar CMS-системы Drupal, позволяющая нарушителю выполнить произвольный код	CVSS3: 9.8	81% Высокий	почти 7 лет назад

Уязвимостей на страницу