UBUNTU-CVE-2018-7600

Source
https://ubuntu.com/security/CVE-2018-7600
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-7600.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2018-7600
Related
Published
2018-03-29T07:29:00Z
Modified
2025-01-29T16:32:51Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
  • 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.

References

Affected packages

Ubuntu:Pro:14.04:LTS / drupal7

Package

Name
drupal7
Purl
pkg:deb/ubuntu/drupal7@7.26-1ubuntu0.1+esm1?arch=source&distro=trusty/esm

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.26-1ubuntu0.1+esm1

Affected versions

7.*

7.23-1
7.24-1
7.24-2
7.26-1
7.26-1ubuntu0.1

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
    "ubuntu_priority": "high",
    "binaries": [
        {
            "binary_version": "7.26-1ubuntu0.1+esm1",
            "binary_name": "drupal7"
        }
    ]
}

Ubuntu:Pro:16.04:LTS / drupal7

Package

Name
drupal7
Purl
pkg:deb/ubuntu/drupal7@7.44-1ubuntu1~16.04.0+esm1?arch=source&distro=esm-apps/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.44-1ubuntu1~16.04.0+esm1

Affected versions

7.*

7.38-1
7.41-1
7.44-1ubuntu1~16.04.0

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "ubuntu_priority": "high",
    "binaries": [
        {
            "binary_version": "7.44-1ubuntu1~16.04.0+esm1",
            "binary_name": "drupal7"
        }
    ]
}