CVE-2018-7600

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2018-7600
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-7600.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2018-7600
Aliases
Downstream
Published
2018-03-29T07:29:00.260Z
Modified
2026-02-13T01:36:15.573317Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.

References

Affected packages

Git / github.com/drupal/drupal

Affected ranges

Type
GIT
Repo
https://github.com/drupal/drupal
Events
Introduced
35c2f3ca5c935f3d8bde15932a712677c9bbd50f
Fixed
ca315ad868680ff1d5686a07fc326eb116816049
Introduced
abfe77673a5a6194ef13600e05f1ca2c5dd59db8
Fixed
6424f69db19adbf6b21832ab4973d07165ee86ad
Introduced
b73ab73d39dca97a12513e8a9e4f4da4b0676f5f
Fixed
9798f28fe983bea94fb06ff52423355688066780

Affected versions

8.*
8.0.0
8.1.0-beta1
8.3.0
8.3.0-alpha1
8.3.0-beta1
8.3.0-rc1
8.3.0-rc2
8.3.1
8.3.2
8.3.3
8.3.4
8.3.5
8.3.6
8.3.7
8.3.8
8.4.0
8.4.0-alpha1
8.4.0-beta1
8.4.0-rc1
8.4.0-rc2
8.4.1
8.4.2
8.4.3
8.4.4
8.4.5
8.5.0
8.5.0-alpha1
8.5.0-beta1
8.5.0-rc1

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-7600.json"