DRUPAL-CONTRIB-2025-064

See a problem?
Import Source
https://github.com/DrupalSecurityTeam/drupal-advisory-database/blob/main/advisories/quick_node_block/DRUPAL-CONTRIB-2025-064.json
JSON Data
https://api.osv.dev/v1/vulns/DRUPAL-CONTRIB-2025-064
Aliases
Published
2025-05-21T17:28:11Z
Modified
2025-12-10T23:41:16.261092Z
Summary
[none]
Details

This module provides a block to easily display a rendered node.

The module doesn't check access to content before displaying it to a visitor, allowing unauthorized users to retrieve a list of labels of all nodes.

References
Credits

Affected packages

Packagist:https://packages.drupal.org/8 / drupal/quick_node_block

Package

Name
drupal/quick_node_block
Purl
pkg:composer/drupal/quick_node_block

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.0.1
Database specific 
{
    "constraint": "<2.0.1"
}

Database specific

patched 
true
affected_versions 
"<2.0.1"
source 
"https://github.com/DrupalSecurityTeam/drupal-advisory-database/blob/main/advisories/quick_node_block/DRUPAL-CONTRIB-2025-064.json"