First published: Tue Sep 03 2024(Updated: )
USN-6981-1 fixed vulnerabilities in Drupal. This update provides the corresponding updates for Ubuntu 14.04 LTS. Original advisory details: It was discovered that Drupal incorrectly sanitized uploaded filenames. A remote attacker could possibly use this issue to execute arbitrary code. (CVE-2020-13671) It was discovered that Drupal incorrectly sanitized archived filenames. A remote attacker could possibly use this issue to overwrite arbitrary files, or execute arbitrary code. (CVE-2020-28948, CVE-2020-28949)
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/drupal7 | <7.26-1ubuntu0.1+esm2 | 7.26-1ubuntu0.1+esm2 |
Ubuntu Ubuntu | =14.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Contains the following vulnerabilities)