From e169d1a610919a0ae7f8b8c97e4405b0ba89e7dc Mon Sep 17 00:00:00 2001 From: github-actions <41898282+github-actions[bot]@users.noreply.github.com> Date: Wed, 24 Jun 2026 18:55:30 +0000 Subject: [PATCH] feat: update advisories --- .../DRUPAL-CONTRIB-2026-051.json | 52 +++++++++++ .../DRUPAL-CONTRIB-2026-052.json | 52 +++++++++++ advisories/ai/DRUPAL-CONTRIB-2026-054.json | 80 +++++++++++++++++ advisories/ai/DRUPAL-CONTRIB-2026-055.json | 86 +++++++++++++++++++ .../ai_agents/DRUPAL-CONTRIB-2026-056.json | 80 +++++++++++++++++ .../ai_agents/DRUPAL-CONTRIB-2026-057.json | 86 +++++++++++++++++++ .../DRUPAL-CONTRIB-2026-053.json | 66 ++++++++++++++ .../DRUPAL-CONTRIB-2026-058.json | 52 +++++++++++ advisories/core/DRUPAL-CORE-2026-003.json | 8 +- .../geolocation/DRUPAL-CONTRIB-2026-062.json | 52 +++++++++++ .../paragraphs/DRUPAL-CONTRIB-2026-060.json | 52 +++++++++++ .../paragraphs/DRUPAL-CONTRIB-2026-061.json | 52 +++++++++++ .../salesforce/DRUPAL-CONTRIB-2026-063.json | 52 +++++++++++ .../tealiumiq/DRUPAL-CONTRIB-2026-064.json | 49 +++++++++++ .../wisski/DRUPAL-CONTRIB-2026-059.json | 52 +++++++++++ 15 files changed, 870 insertions(+), 1 deletion(-) create mode 100644 advisories/admin_feedback/DRUPAL-CONTRIB-2026-051.json create mode 100644 advisories/admin_feedback/DRUPAL-CONTRIB-2026-052.json create mode 100644 advisories/ai/DRUPAL-CONTRIB-2026-054.json create mode 100644 advisories/ai/DRUPAL-CONTRIB-2026-055.json create mode 100644 advisories/ai_agents/DRUPAL-CONTRIB-2026-056.json create mode 100644 advisories/ai_agents/DRUPAL-CONTRIB-2026-057.json create mode 100644 advisories/ai_provider_openai/DRUPAL-CONTRIB-2026-053.json create mode 100644 advisories/commerce_realex/DRUPAL-CONTRIB-2026-058.json create mode 100644 advisories/geolocation/DRUPAL-CONTRIB-2026-062.json create mode 100644 advisories/paragraphs/DRUPAL-CONTRIB-2026-060.json create mode 100644 advisories/paragraphs/DRUPAL-CONTRIB-2026-061.json create mode 100644 advisories/salesforce/DRUPAL-CONTRIB-2026-063.json create mode 100644 advisories/tealiumiq/DRUPAL-CONTRIB-2026-064.json create mode 100644 advisories/wisski/DRUPAL-CONTRIB-2026-059.json diff --git a/advisories/admin_feedback/DRUPAL-CONTRIB-2026-051.json b/advisories/admin_feedback/DRUPAL-CONTRIB-2026-051.json new file mode 100644 index 00000000..096f7b76 --- /dev/null +++ b/advisories/admin_feedback/DRUPAL-CONTRIB-2026-051.json @@ -0,0 +1,52 @@ +{ + "schema_version": "1.7.0", + "id": "DRUPAL-CONTRIB-2026-051", + "modified": "2026-06-24T18:32:15.000Z", + "published": "2026-06-24T18:32:15.000Z", + "aliases": [ + "CVE-2026-13231" + ], + "details": "This module enables you to collect feedback from your site visitors on content pages, presenting Yes/No buttons and providing dashboards for administrators to review the responses.\n\nThe module doesn't sufficiently sanitize several administrator-configured response messages (the \"Yes response\", \"No response\", and the custom text shown on a \"No\" answer) under the scenario where those settings contain HTML or script markup, which is then emitted as raw HTML in the feedback response shown to visitors.\n\nThis vulnerability is mitigated by the fact that an attacker must have a role with the permission \"administer admin feedback\".", + "affected": [ + { + "package": { + "ecosystem": "Packagist:https://packages.drupal.org/8", + "name": "drupal/admin_feedback" + }, + "severity": [], + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": "2.8.0" + } + ], + "database_specific": { + "constraint": "<2.8.0" + } + } + ], + "database_specific": { + "affected_versions": "<2.8.0" + } + } + ], + "references": [ + { + "type": "WEB", + "url": "https://www.drupal.org/sa-contrib-2026-051" + } + ], + "credits": [ + { + "name": "Bill Seremetis (bserem)", + "contact": [ + "https://www.drupal.org/u/bserem" + ] + } + ] +} diff --git a/advisories/admin_feedback/DRUPAL-CONTRIB-2026-052.json b/advisories/admin_feedback/DRUPAL-CONTRIB-2026-052.json new file mode 100644 index 00000000..0a2792bc --- /dev/null +++ b/advisories/admin_feedback/DRUPAL-CONTRIB-2026-052.json @@ -0,0 +1,52 @@ +{ + "schema_version": "1.7.0", + "id": "DRUPAL-CONTRIB-2026-052", + "modified": "2026-06-24T18:35:16.000Z", + "published": "2026-06-24T18:35:16.000Z", + "aliases": [ + "CVE-2026-13232" + ], + "details": "This module enables you to collect feedback from your site visitors on content pages, allowing them to optionally attach a free-text comment to their Yes/No vote.\n\nThe module doesn't sufficiently verify authorization over the targeted feedback record when processing a comment submission.\n\nThis vulnerability is mitigated by the fact that an attacker must have a role with the permission \"give feedback\". Note: \"give feedback\" is granted to anonymous and authenticated by default on install.", + "affected": [ + { + "package": { + "ecosystem": "Packagist:https://packages.drupal.org/8", + "name": "drupal/admin_feedback" + }, + "severity": [], + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": "2.8.0" + } + ], + "database_specific": { + "constraint": "<2.8.0" + } + } + ], + "database_specific": { + "affected_versions": "<2.8.0" + } + } + ], + "references": [ + { + "type": "WEB", + "url": "https://www.drupal.org/sa-contrib-2026-052" + } + ], + "credits": [ + { + "name": "Bill Seremetis (bserem)", + "contact": [ + "https://www.drupal.org/u/bserem" + ] + } + ] +} diff --git a/advisories/ai/DRUPAL-CONTRIB-2026-054.json b/advisories/ai/DRUPAL-CONTRIB-2026-054.json new file mode 100644 index 00000000..2bbf2e9c --- /dev/null +++ b/advisories/ai/DRUPAL-CONTRIB-2026-054.json @@ -0,0 +1,80 @@ +{ + "schema_version": "1.7.0", + "id": "DRUPAL-CONTRIB-2026-054", + "modified": "2026-06-24T18:36:54.000Z", + "published": "2026-06-24T18:36:54.000Z", + "aliases": [ + "CVE-2026-13234" + ], + "details": "The module and certain submodules (AI Automators, AI Translate, AI API Explorer, AI Content Suggestions) provide the ability to use an LLM to generate HTML or Markdown and preview it in a browser.\n\nUnder certain circumstances, rendering of this HTML can lead to Cross Site Scripting, or exposing secret communications in the context of the LLM request.\n\nThis vulnerability is mitigated by the fact that an attacker must be able to inject text into prompts to create an attack.", + "affected": [ + { + "package": { + "ecosystem": "Packagist:https://packages.drupal.org/8", + "name": "drupal/ai" + }, + "severity": [], + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": "1.2.17" + } + ], + "database_specific": { + "constraint": "<1.2.17" + } + }, + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "1.3.0" + }, + { + "fixed": "1.3.8" + } + ], + "database_specific": { + "constraint": ">=1.3.0 <1.3.8" + } + }, + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "1.4.0" + }, + { + "fixed": "1.4.3" + } + ], + "database_specific": { + "constraint": ">=1.4.0 <1.4.3" + } + } + ], + "database_specific": { + "affected_versions": "<1.2.17 || >=1.3.0 <1.3.8 || >=1.4.0 <1.4.3" + } + } + ], + "references": [ + { + "type": "WEB", + "url": "https://www.drupal.org/sa-contrib-2026-054" + } + ], + "credits": [ + { + "name": "Drew Webber (mcdruid)", + "contact": [ + "https://www.drupal.org/u/mcdruid" + ] + } + ] +} diff --git a/advisories/ai/DRUPAL-CONTRIB-2026-055.json b/advisories/ai/DRUPAL-CONTRIB-2026-055.json new file mode 100644 index 00000000..6842c92d --- /dev/null +++ b/advisories/ai/DRUPAL-CONTRIB-2026-055.json @@ -0,0 +1,86 @@ +{ + "schema_version": "1.7.0", + "id": "DRUPAL-CONTRIB-2026-055", + "modified": "2026-06-24T18:37:45.000Z", + "published": "2026-06-24T18:37:45.000Z", + "aliases": [ + "CVE-2026-13235" + ], + "details": "This module enables you to utilize an agent to use Drupal core actions tools with bypassed access.\n\nCertain Drupal core actions, exposed as agent tools did not have correct access validation, and some core actions were missing associated access-level definitions.\n\nThis vulnerability is mitigated by the fact that an attacker must have access to communicate with an affected agent, the site must be configured to expose the affected tools to non-privileged users.", + "affected": [ + { + "package": { + "ecosystem": "Packagist:https://packages.drupal.org/8", + "name": "drupal/ai" + }, + "severity": [], + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": "1.2.17" + } + ], + "database_specific": { + "constraint": "<1.2.17" + } + }, + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "1.3.0" + }, + { + "fixed": "1.3.8" + } + ], + "database_specific": { + "constraint": ">=1.3.0 <1.3.8" + } + }, + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "1.4.0" + }, + { + "fixed": "1.4.3" + } + ], + "database_specific": { + "constraint": ">=1.4.0 <1.4.3" + } + } + ], + "database_specific": { + "affected_versions": "<1.2.17 || >=1.3.0 <1.3.8 || >=1.4.0 <1.4.3" + } + } + ], + "references": [ + { + "type": "WEB", + "url": "https://www.drupal.org/sa-contrib-2026-055" + } + ], + "credits": [ + { + "name": "AKHIL BABU (akhil babu)", + "contact": [ + "https://www.drupal.org/u/akhil-babu" + ] + }, + { + "name": "Kuniyoshi Noguchi (kuninogu)", + "contact": [ + "https://www.drupal.org/u/kuninogu" + ] + } + ] +} diff --git a/advisories/ai_agents/DRUPAL-CONTRIB-2026-056.json b/advisories/ai_agents/DRUPAL-CONTRIB-2026-056.json new file mode 100644 index 00000000..44690870 --- /dev/null +++ b/advisories/ai_agents/DRUPAL-CONTRIB-2026-056.json @@ -0,0 +1,80 @@ +{ + "schema_version": "1.7.0", + "id": "DRUPAL-CONTRIB-2026-056", + "modified": "2026-06-24T18:38:33.000Z", + "published": "2026-06-24T18:38:33.000Z", + "aliases": [ + "CVE-2026-13236" + ], + "details": "This module provides the entity type and runtime for Drupal AI Agents, enabling agents to use tools.\n\nThe module does not sufficiently check the required permissions when a tool loads content entities.\n\nThis vulnerability is mitigated by the fact that an agent must be configured to use the affected tool, and an attacker must have access to that agent.", + "affected": [ + { + "package": { + "ecosystem": "Packagist:https://packages.drupal.org/8", + "name": "drupal/ai_agents" + }, + "severity": [], + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": "1.1.4" + } + ], + "database_specific": { + "constraint": "<1.1.4" + } + }, + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "1.2.0" + }, + { + "fixed": "1.2.5" + } + ], + "database_specific": { + "constraint": ">=1.2.0 <1.2.5" + } + }, + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "1.3.0" + }, + { + "fixed": "1.3.1" + } + ], + "database_specific": { + "constraint": ">=1.3.0 <1.3.1" + } + } + ], + "database_specific": { + "affected_versions": "<1.1.4 || >=1.2.0 <1.2.5 || >=1.3.0 <1.3.1" + } + } + ], + "references": [ + { + "type": "WEB", + "url": "https://www.drupal.org/sa-contrib-2026-056" + } + ], + "credits": [ + { + "name": "Kuniyoshi Noguchi (kuninogu)", + "contact": [ + "https://www.drupal.org/u/kuninogu" + ] + } + ] +} diff --git a/advisories/ai_agents/DRUPAL-CONTRIB-2026-057.json b/advisories/ai_agents/DRUPAL-CONTRIB-2026-057.json new file mode 100644 index 00000000..200e6bc2 --- /dev/null +++ b/advisories/ai_agents/DRUPAL-CONTRIB-2026-057.json @@ -0,0 +1,86 @@ +{ + "schema_version": "1.7.0", + "id": "DRUPAL-CONTRIB-2026-057", + "modified": "2026-06-24T18:39:24.000Z", + "published": "2026-06-24T18:39:24.000Z", + "aliases": [ + "CVE-2026-13237" + ], + "details": "This module provides the entity type and runtime for Drupal AI Agents, enabling agents to use tools.\n\nUnder certain circumstances, the agent inherits deterministic parameters when invoking the same tool in one request, which can lead to information disclosure.", + "affected": [ + { + "package": { + "ecosystem": "Packagist:https://packages.drupal.org/8", + "name": "drupal/ai_agents" + }, + "severity": [], + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": "1.1.4" + } + ], + "database_specific": { + "constraint": "<1.1.4" + } + }, + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "1.2.0" + }, + { + "fixed": "1.2.5" + } + ], + "database_specific": { + "constraint": ">=1.2.0 <1.2.5" + } + }, + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "1.3.0" + }, + { + "fixed": "1.3.1" + } + ], + "database_specific": { + "constraint": ">=1.3.0 <1.3.1" + } + } + ], + "database_specific": { + "affected_versions": "<1.1.4 || >=1.2.0 <1.2.5 || >=1.3.0 <1.3.1" + } + } + ], + "references": [ + { + "type": "WEB", + "url": "https://www.drupal.org/sa-contrib-2026-057" + } + ], + "credits": [ + { + "name": "Andrew Belcher (andrewbelcher)", + "contact": [ + "https://www.drupal.org/u/andrewbelcher" + ] + }, + { + "name": "Rob Edwards (rob_e)", + "contact": [ + "https://www.drupal.org/u/rob_e" + ] + } + ] +} diff --git a/advisories/ai_provider_openai/DRUPAL-CONTRIB-2026-053.json b/advisories/ai_provider_openai/DRUPAL-CONTRIB-2026-053.json new file mode 100644 index 00000000..a15084ec --- /dev/null +++ b/advisories/ai_provider_openai/DRUPAL-CONTRIB-2026-053.json @@ -0,0 +1,66 @@ +{ + "schema_version": "1.7.0", + "id": "DRUPAL-CONTRIB-2026-053", + "modified": "2026-06-24T18:36:06.000Z", + "published": "2026-06-24T18:36:06.000Z", + "aliases": [ + "CVE-2026-13233" + ], + "details": "This module enables you to use OpenAI as a provider for the AI module.\n\nThe module doesn't sufficiently sanitize user-supplied URLs, leading to a Server-side request forgery (SSRF) vulnerability.\n\nThis vulnerability is mitigated by the fact that an attacker must have the access to change the host url and a way to generate AI-generated images.", + "affected": [ + { + "package": { + "ecosystem": "Packagist:https://packages.drupal.org/8", + "name": "drupal/ai_provider_openai" + }, + "severity": [], + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": "1.1.1" + } + ], + "database_specific": { + "constraint": "<1.1.1" + } + }, + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "1.2.0" + }, + { + "fixed": "1.2.2" + } + ], + "database_specific": { + "constraint": ">=1.2.0 <1.2.2" + } + } + ], + "database_specific": { + "affected_versions": "<1.1.1 || >=1.2.0 <1.2.2" + } + } + ], + "references": [ + { + "type": "WEB", + "url": "https://www.drupal.org/sa-contrib-2026-053" + } + ], + "credits": [ + { + "name": "Kuniyoshi Noguchi (kuninogu)", + "contact": [ + "https://www.drupal.org/u/kuninogu" + ] + } + ] +} diff --git a/advisories/commerce_realex/DRUPAL-CONTRIB-2026-058.json b/advisories/commerce_realex/DRUPAL-CONTRIB-2026-058.json new file mode 100644 index 00000000..e697803c --- /dev/null +++ b/advisories/commerce_realex/DRUPAL-CONTRIB-2026-058.json @@ -0,0 +1,52 @@ +{ + "schema_version": "1.7.0", + "id": "DRUPAL-CONTRIB-2026-058", + "modified": "2026-06-24T18:40:07.000Z", + "published": "2026-06-24T18:40:07.000Z", + "aliases": [ + "CVE-2026-13238" + ], + "details": "This module enables you to take payments through the Global Payments / Realex Hosted Payment Page (HPP), either via a lightbox iframe or via a full-page redirect.\n\nWhen the gateway is configured with the **redirect** payment method, the module doesn't sufficiently verify the authenticity of the payment response returned by Global Payments.\n\nThe **lightbox** payment method validates the signature and is not affected, so sites that use the lightbox payment method are not affected.", + "affected": [ + { + "package": { + "ecosystem": "Packagist:https://packages.drupal.org/8", + "name": "drupal/commerce_realex" + }, + "severity": [], + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": "3.0.2" + } + ], + "database_specific": { + "constraint": "<3.0.2" + } + } + ], + "database_specific": { + "affected_versions": "<3.0.2" + } + } + ], + "references": [ + { + "type": "WEB", + "url": "https://www.drupal.org/sa-contrib-2026-058" + } + ], + "credits": [ + { + "name": "Bill Seremetis (bserem)", + "contact": [ + "https://www.drupal.org/u/bserem" + ] + } + ] +} diff --git a/advisories/core/DRUPAL-CORE-2026-003.json b/advisories/core/DRUPAL-CORE-2026-003.json index 9f20b74f..d77c1b3d 100644 --- a/advisories/core/DRUPAL-CORE-2026-003.json +++ b/advisories/core/DRUPAL-CORE-2026-003.json @@ -1,7 +1,7 @@ { "schema_version": "1.7.0", "id": "DRUPAL-CORE-2026-003", - "modified": "2026-04-15T19:27:21.000Z", + "modified": "2026-06-22T15:06:13.000Z", "published": "2026-04-15T19:27:21.000Z", "aliases": [ "CVE-2026-6367" @@ -42,6 +42,12 @@ } ], "credits": [ + { + "name": "Dmitrijs Trizna (dtrizna)", + "contact": [ + "https://www.drupal.org/u/dtrizna" + ] + }, { "name": "Dries Buytaert (dries)", "contact": [ diff --git a/advisories/geolocation/DRUPAL-CONTRIB-2026-062.json b/advisories/geolocation/DRUPAL-CONTRIB-2026-062.json new file mode 100644 index 00000000..cef49c87 --- /dev/null +++ b/advisories/geolocation/DRUPAL-CONTRIB-2026-062.json @@ -0,0 +1,52 @@ +{ + "schema_version": "1.7.0", + "id": "DRUPAL-CONTRIB-2026-062", + "modified": "2026-06-24T18:46:12.000Z", + "published": "2026-06-24T18:46:12.000Z", + "aliases": [ + "CVE-2026-13242" + ], + "details": "Geolocation modules adds a field to store coordinates and provides supporting plumbing for views and other modules.\n\nOne of the provided views filters does not sufficiently sanitize values if exposed to user input resulting in a SQL injection vulnerability.\n\nThis vulnerability is mitigated by the fact that a view must exist, that uses the aforementioned filter and it is set to accept user input.", + "affected": [ + { + "package": { + "ecosystem": "Packagist:https://packages.drupal.org/8", + "name": "drupal/geolocation" + }, + "severity": [], + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": "3.15.0" + } + ], + "database_specific": { + "constraint": "<3.15.0" + } + } + ], + "database_specific": { + "affected_versions": "<3.15.0" + } + } + ], + "references": [ + { + "type": "WEB", + "url": "https://www.drupal.org/sa-contrib-2026-062" + } + ], + "credits": [ + { + "name": "Michael Maturi (michaelmaturi)", + "contact": [ + "https://www.drupal.org/u/michaelmaturi" + ] + } + ] +} diff --git a/advisories/paragraphs/DRUPAL-CONTRIB-2026-060.json b/advisories/paragraphs/DRUPAL-CONTRIB-2026-060.json new file mode 100644 index 00000000..4a40e3c1 --- /dev/null +++ b/advisories/paragraphs/DRUPAL-CONTRIB-2026-060.json @@ -0,0 +1,52 @@ +{ + "schema_version": "1.7.0", + "id": "DRUPAL-CONTRIB-2026-060", + "modified": "2026-06-24T18:42:30.000Z", + "published": "2026-06-24T18:42:30.000Z", + "aliases": [ + "CVE-2026-13240" + ], + "details": "The optional Paragraphs Library module allows the reuse of paragraphs in multiple places. \nThe module doesn't sufficiently restrict access to unpublished library items in lists. \nThis vulnerability is mitigated by the fact the paragraphs\\_library module must be in use, and that an attacker must have access to a list of library items, such as a field with autocomplete suggestions or a view.", + "affected": [ + { + "package": { + "ecosystem": "Packagist:https://packages.drupal.org/8", + "name": "drupal/paragraphs" + }, + "severity": [], + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": "1.21.0" + } + ], + "database_specific": { + "constraint": "<1.21.0" + } + } + ], + "database_specific": { + "affected_versions": "<1.21.0" + } + } + ], + "references": [ + { + "type": "WEB", + "url": "https://www.drupal.org/sa-contrib-2026-060" + } + ], + "credits": [ + { + "name": "Pierre Rudloff (prudloff)", + "contact": [ + "https://www.drupal.org/u/prudloff" + ] + } + ] +} diff --git a/advisories/paragraphs/DRUPAL-CONTRIB-2026-061.json b/advisories/paragraphs/DRUPAL-CONTRIB-2026-061.json new file mode 100644 index 00000000..f3e3fa7c --- /dev/null +++ b/advisories/paragraphs/DRUPAL-CONTRIB-2026-061.json @@ -0,0 +1,52 @@ +{ + "schema_version": "1.7.0", + "id": "DRUPAL-CONTRIB-2026-061", + "modified": "2026-06-24T18:43:16.000Z", + "published": "2026-06-24T18:43:16.000Z", + "aliases": [ + "CVE-2026-13241" + ], + "details": "The optional Paragraphs Library module allows the reuse of paragraphs in multiple places. \nThe module doesn't sufficiently restrict access to direct child paragraphs of library items through API endpoints. \nThis vulnerability is mitigated by the fact the paragraphs\\_library module must be in use and general write access to paragraphs through another module must be allowed.", + "affected": [ + { + "package": { + "ecosystem": "Packagist:https://packages.drupal.org/8", + "name": "drupal/paragraphs" + }, + "severity": [], + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": "1.21.0" + } + ], + "database_specific": { + "constraint": "<1.21.0" + } + } + ], + "database_specific": { + "affected_versions": "<1.21.0" + } + } + ], + "references": [ + { + "type": "WEB", + "url": "https://www.drupal.org/sa-contrib-2026-061" + } + ], + "credits": [ + { + "name": "Mustafa Ahmed (mustafa007)", + "contact": [ + "https://www.drupal.org/u/mustafa007" + ] + } + ] +} diff --git a/advisories/salesforce/DRUPAL-CONTRIB-2026-063.json b/advisories/salesforce/DRUPAL-CONTRIB-2026-063.json new file mode 100644 index 00000000..f9c6055d --- /dev/null +++ b/advisories/salesforce/DRUPAL-CONTRIB-2026-063.json @@ -0,0 +1,52 @@ +{ + "schema_version": "1.7.0", + "id": "DRUPAL-CONTRIB-2026-063", + "modified": "2026-06-24T18:48:15.000Z", + "published": "2026-06-24T18:48:15.000Z", + "aliases": [ + "CVE-2026-13243" + ], + "details": "The Salesforce Suite of modules integrates Drupal with Salesforce.\n\nThe Salesforce module does not properly validate the OAuth handshake during interactive authentication, allowing an attacker to hijack the authorization token and bind the site to an attacker's Salesforce account.\n\nThis vulnerability is mitigated by the fact that `salesforce_oauth` submodule must be enabled, and a `salesforce_oauth` authorization profile active and in use. The submodule `salesforce_oauth` is deprecated, and `salesforce_jwt` has been the recommended authentication plugin for several years. Sites with `salesforce_oauth` uninstalled, or sites relying exclusively on `salesforce_jwt` (JWT or JWT Gov Cloud) for authentication are not impacted.\n\nSubmodule salesforce\\_oauth has been removed in branch 6.0.x, so >= 6.0.x versions are not affected by this vulnerability.", + "affected": [ + { + "package": { + "ecosystem": "Packagist:https://packages.drupal.org/8", + "name": "drupal/salesforce" + }, + "severity": [], + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": "5.1.3" + } + ], + "database_specific": { + "constraint": "<5.1.3" + } + } + ], + "database_specific": { + "affected_versions": "<5.1.3" + } + } + ], + "references": [ + { + "type": "WEB", + "url": "https://www.drupal.org/sa-contrib-2026-063" + } + ], + "credits": [ + { + "name": "Muhammedali Aliyev (swordmein)", + "contact": [ + "https://www.drupal.org/u/swordmein" + ] + } + ] +} diff --git a/advisories/tealiumiq/DRUPAL-CONTRIB-2026-064.json b/advisories/tealiumiq/DRUPAL-CONTRIB-2026-064.json new file mode 100644 index 00000000..af9a47a3 --- /dev/null +++ b/advisories/tealiumiq/DRUPAL-CONTRIB-2026-064.json @@ -0,0 +1,49 @@ +{ + "schema_version": "1.7.0", + "id": "DRUPAL-CONTRIB-2026-064", + "modified": "2026-06-24T18:49:32.000Z", + "published": "2026-06-24T18:49:32.000Z", + "aliases": [ + "CVE-2026-13244" + ], + "details": "The security team is marking the Tealium iQ Tag Management module for Drupal project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: [https://www.drupal.org/node/251466#s-becoming-owner-maintainer-or-co-mai...](https://www.drupal.org/node/251466#s-becoming-owner-maintainer-or-co-maintainer-of-a-project-that-is-unsupported-for-security-reasons)", + "affected": [ + { + "package": { + "ecosystem": "Packagist:https://packages.drupal.org/8", + "name": "drupal/tealiumiq" + }, + "severity": [], + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + } + ], + "database_specific": { + "constraint": "*" + } + } + ], + "database_specific": { + "affected_versions": "*" + } + } + ], + "references": [ + { + "type": "WEB", + "url": "https://www.drupal.org/sa-contrib-2026-064" + } + ], + "credits": [ + { + "name": "Drew Webber (mcdruid)", + "contact": [ + "https://www.drupal.org/u/mcdruid" + ] + } + ] +} diff --git a/advisories/wisski/DRUPAL-CONTRIB-2026-059.json b/advisories/wisski/DRUPAL-CONTRIB-2026-059.json new file mode 100644 index 00000000..c51dc4c1 --- /dev/null +++ b/advisories/wisski/DRUPAL-CONTRIB-2026-059.json @@ -0,0 +1,52 @@ +{ + "schema_version": "1.7.0", + "id": "DRUPAL-CONTRIB-2026-059", + "modified": "2026-06-24T18:40:57.000Z", + "published": "2026-06-24T18:40:57.000Z", + "aliases": [ + "CVE-2026-13239" + ], + "details": "The module adds support for the mirador viewer in WissKI and enables annotations on images via the mirador viewer.\n\nIt does not sufficiently check the submitted parameters via a route and writes these to the session object without further checks, which can lead to Access Bypass.\n\nThis vulnerability is mitigated by the fact that it is specific to the wisski\\_mirador submodule.", + "affected": [ + { + "package": { + "ecosystem": "Packagist:https://packages.drupal.org/8", + "name": "drupal/wisski" + }, + "severity": [], + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": "4.2.0" + } + ], + "database_specific": { + "constraint": "<4.2.0" + } + } + ], + "database_specific": { + "affected_versions": "<4.2.0" + } + } + ], + "references": [ + { + "type": "WEB", + "url": "https://www.drupal.org/sa-contrib-2026-059" + } + ], + "credits": [ + { + "name": "Drew Webber (mcdruid)", + "contact": [ + "https://www.drupal.org/u/mcdruid" + ] + } + ] +}