Drupal2d
POST File - Critical - Cross Site Scripting, Arbitrary PHP code execution - SA-CONTRIB-2024-060
If you use the POST File module for Drupal 10.3.x/11.x, upgrade to POST File 1.0.2 ...
Drupal2d
POST File - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-059
If you use the POST File module for Drupal 10.3.x/11.x, upgrade to Post File 1.0.2 ...
Drupal2d
The $entity_bundle argument of hook_entity_create_access is passed an integer when a bundle consists of only numbers
The change is currently missing an automated test that fails when run with the original code, and succeeds when the bug has been fixed.
Drupal4d
drupal 11.0.7
composer require drupal/core-recommended:11.0.7 drupal/core-composer-scaffold:11.0.7 drupal/core-project-message:11.0.7 --update-with-all-dependencies ...
Drupal3d
Feeds Tamper Server Files
This project is not covered by Drupal’s security advisory policy.
Drupal9d
Basic HTTP Authentication - Critical - Access bypass - SA-CONTRIB-2024-057
If you use the Basic HTTP Authentication module for Drupal 7.x, upgrade to Basic Authentication 7.x-1.4 ...
Drupal8d
metatag 2.1.0
composer require 'drupal/metatag:^2.1' ...
Drupal9d
Nasjonalt vitenarkiv (NVA)
This project is not covered by Drupal’s security advisory policy. Use at your own risk! It may have publicly disclosed vulnerabilities.
Drupal9d
Tooltip - Moderately critical - Cross site scripting - SA-CONTRIB-2024-058
If you use the Tooltip module for Drupal 8.x, 9.x or 10.x, upgrade to Tooltip 1.1.2 ...
Drupal11d
Countdown Clock
This project is not covered by Drupal’s security advisory policy.
Drupal9d
UI Auto Translate
This project is not covered by Drupal’s security advisory policy.