The Latest in IT Security

Drupal Patches Three Vulnerabilities in Core Engine

23
Jun
2017
Drupal Patches Three Vulnerabilities in Core Engine

drupal-patches-three-vulnerabilities-in-core-engine

Developers with Drupal patched three vulnerabilities, one critical, one being exploited in the wild, in Drupal’s core engine on Wednesday.

The most pressing issue addressed by the update, which brings Drupal 8 to version 8.3.4 and Drupal 7 to Drupal 7.56, could have led to code execution, the content management software’s security team warned. The YAML parser in Drupal 8, PECL, failed to handle PHP objects safely during operations with Drupal Core, according to the advisory. That could have opened it up to remote code execution.

Read More

Leave a reply


Categories

SATURDAY, DECEMBER 16, 2017

Featured

Archives

Latest Comments

Social Networks