Ecosyste.ms: Packages

An open API service providing package, version and dependency metadata of many open source software ecosystems and registries.

Top 0.9% on packagist.org
Top 4.0% downloads on packagist.org
Top 0.6% dependent packages on packagist.org
Top 0.7% dependent repos on packagist.org
Top 0.1% forks on packagist.org
Top 0.2% docker downloads on packagist.org

packagist.org : drupal/drupal

Drupal is an open source content management platform powering millions of websites and applications.

Registry - Source - Homepage - JSON
purl: pkg:composer/drupal/drupal
License: CNRI-Python-GPL-Compatible
Latest release: 13 days ago
First release: almost 11 years ago
Namespace: drupal
Dependent packages: 33
Dependent repositories: 158
Downloads: 73,320 total
Stars: 4,016 on GitHub
Forks: 1,905 on GitHub
Docker dependents: 34
Docker downloads: 19,869,747
Total Commits: 42799
Committers: 163
Average commits per author: 262.571
Development Distribution Score (DDS): 0.758
More commit stats: commits.ecosyste.ms
See more repository details: repos.ecosyste.ms
Last synced: 1 day ago

Critical

GSA_kwCzR0hTQS04Y3c1LXJ2OTgtNWM0Ns0g-A

Arbitrary PHP code execution in Drupal
Ecosystems: packagist
Packages: drupal/core, drupal/drupal
Source: github
Published: over 2 years ago

Moderate

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXYzZjYtZjI5Zi1yZ3Zw

Missing Authorization in Drupal
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: over 4 years ago

High

GSA_kwCzR0hTQS04MzZwLTZwNGotMzVjZ84AAdZS

Drupal Open Redirect
Ecosystems: packagist
Packages: drupal/core, drupal/drupal
Source: github
Published: almost 2 years ago

Critical

GSA_kwCzR0hTQS14djd2LXJmNmcteHdyY80WEA

Directory Traversal in typo3/phar-stream-wrapper
Ecosystems: packagist
Packages: drupal/drupal, drupal/core, typo3/phar-stream-wrapper
Source: github
Published: over 2 years ago

Moderate

GSA_kwCzR0hTQS1nNzhoLXBmNjUtNDZyds4AATTf

Enhanced Image plugin for CKEditor is vulnerable to Cross-site scripting (XSS)
Ecosystems: packagist, npm
Packages: drupal/drupal, ckeditor-dev, drupal/core
Source: github
Published: about 2 years ago

High

GSA_kwCzR0hTQS1tNmNoLWdnNWYtd3h4M805QQ

HTTP Proxy header vulnerability
Ecosystems: packagist
Packages: typo3/cms, drupal/drupal, bugsnag/bugsnag-laravel, amphp/artax, padraic/humbug_get_contents, drupal/core, guzzlehttp/guzzle
Source: github
Published: about 2 years ago

Moderate

GSA_kwCzR0hTQS1tNnE1LXd2NHgtZnY2aM0rRw

Cross-site Scripting in Drupal Core
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: over 2 years ago

Critical

GSA_kwCzR0hTQS05YzI0LWczMmctMzVyas4AAWPD

Drupal PECL YAML parser unsafe object handling
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: about 2 years ago

High

GSA_kwCzR0hTQS05OHc1LXdxcDktdzQ2Ns4AAc69

Drupal Incorrect cache context on password reset page
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: almost 2 years ago

Moderate

GSA_kwCzR0hTQS1oMzc3LTI4N20tdzJyOc4AARY1

Drupal file REST resource does not properly validate
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: about 2 years ago

High

GSA_kwCzR0hTQS1xM3A5LTg3Mjgtd3E3eM4AAdZM

Drupal saving user accounts can sometimes grant the user all roles
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: almost 2 years ago

High

GSA_kwCzR0hTQS0zZ3g2LWg1N2gtcm0yN84AAQKY

Drupal Core Remote Code Execution Vulnerability
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: about 2 years ago

Moderate

GSA_kwCzR0hTQS1xcXhjLWNwcGctNHhwOM4AAdYz

Drupal Reflected file download vulnerability
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: almost 2 years ago

Moderate

GSA_kwCzR0hTQS1yZnh4LWd4d2MtOTIzY84AAc9H

Drupal Views can allow unauthorized users to see Statistics information
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: almost 2 years ago

Moderate

GSA_kwCzR0hTQS1qcGo4LTQ5aHItd2N3ds4AAc7N

Drupal Denial of service via transliterate mechanism
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: almost 2 years ago

Moderate

GSA_kwCzR0hTQS1jbW1oLThtd3AtZ3E1cM4AAiGR

Drupal Cross Site Scripting (XSS) vulnerability
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: almost 2 years ago

Moderate

GSA_kwCzR0hTQS02ZzloLTZ2NzktdzRwY84AAdKR

Drupal Users without "Administer comments" can set comment visibility on nodes they can edit
Ecosystems: packagist
Packages: drupal/core, drupal/drupal
Source: github
Published: almost 2 years ago

Moderate

GSA_kwCzR0hTQS01ODVqLTU0NDktbWY1bc4AAXMs

Drupal cross-site scripting vulnerability
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: about 2 years ago

Critical

GSA_kwCzR0hTQS03Zmg5LTkzM2ctODg1cM4AAUGf

Drupal Core Remote Code Execution Vulnerability
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: about 2 years ago

High

GSA_kwCzR0hTQS0ycDI4LTVtdnAtMmoycs4AAXMk

Drupal Comment reply form allows access to restricted content
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: about 2 years ago

Critical

GSA_kwCzR0hTQS0yOTd4LWo5cG0teGpnZ84AA7QY

Drupal Core Remote Code Execution Vulnerability
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: 21 days ago

Moderate

GSA_kwCzR0hTQS03ZmZoLWNqdmctZnByNM4AASZT

Drupal Settings Tray access bypass
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: about 2 years ago

Moderate

GSA_kwCzR0hTQS02Nm12LXE4cjItaGo4d84AASZx

Drupal access bypass vulnerability
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: about 2 years ago

High

GSA_kwCzR0hTQS0zMzI3LWpyOTMtN2hxM84AASZL

Drupal access bypass vulnerability
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: about 2 years ago

Critical

GSA_kwCzR0hTQS1mNHF4LWpxZnEtNzc4Nc4AASZQ

Drupal Entity access bypass for entities that do not have UUIDs or have protected revisions
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: about 2 years ago

High

GSA_kwCzR0hTQS1yaHg5LTNxZjctcjNqN84AASYD

Drupal Remote code execution
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: about 2 years ago

High

GSA_kwCzR0hTQS1wOGc2LTVtZzctOXI1cc4AARZN

Drupal REST API can bypass comment approval
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: about 2 years ago

Moderate

GSA_kwCzR0hTQS01OGYzLWN4OHAtaDhqZ84AARYs

Drupal core access bypass vulnerability
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: about 2 years ago

Moderate

GSA_kwCzR0hTQS14MnE5LXI4Z20tZjY1N84AAohb

Drupal Core Access bypass vulnerability
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: almost 2 years ago

Critical

GSA_kwCzR0hTQS13eHFwLWp3YzktZzM5eM4AAoYB

Drupal Core Access bypass vulnerability
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: almost 2 years ago

High

GSA_kwCzR0hTQS14NzJmLWdnanctdjV4aM4AAoYA

Drupal Core Arbitrary PHP code execution vulnerability
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: almost 2 years ago

Moderate

GSA_kwCzR0hTQS1nanFnLTlyaHYtcWo2N84AAoX9

Drupal Core Open Redirect vulnerability
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: almost 2 years ago

Moderate

GSA_kwCzR0hTQS04amoyLXgyZ2MtZ2dtN84AAoX_

Drupal Core Cross-site scripting vulnerability
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: almost 2 years ago

Moderate

GSA_kwCzR0hTQS1mZzVxLXIycTUtcW1oM84AAdZQ

Drupal CRLF injection vulnerability in the drupal_set_header function
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: almost 2 years ago

High

GSA_kwCzR0hTQS00Z2g1LTNocWoteDNwas4AAdZP

Drupal Form API ignores access restrictions on submit buttons
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: almost 2 years ago

High

GSA_kwCzR0hTQS13MnBqLWM4eDUtanZnMs4AAdXp

Drupal File upload access bypass and denial of service
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: almost 2 years ago

High

GSA_kwCzR0hTQS1neHd4LWM3bTgtZjk1aM4AAdYo

Drupal Open redirect vulnerability in the drupal_goto function
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: almost 2 years ago

High

GSA_kwCzR0hTQS02OWc4LWc5anEtNzR2N84AAdW6

Drupal arbitrary code execution
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: almost 2 years ago

Moderate

GSA_kwCzR0hTQS12aGc4LXg4NTgtN3dxNs4AAdKN

Drupal Cross-site scripting (XSS) vulnerability
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: almost 2 years ago

Moderate

GSA_kwCzR0hTQS1mbXFoLTJqMngtdmdwM84AAdKO

Drupal Unprivileged access to config export
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: almost 2 years ago

Moderate

GSA_kwCzR0hTQS1wNzQ1LTM0N2gtaGpmd84AAcG_

Drupal sensitive information disclosure
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: almost 2 years ago

Moderate

GSA_kwCzR0hTQS01dnByLXYyNHctbW1qas4AAXNU

Drupal cross site scripting vulnerability
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: about 2 years ago

Moderate

GSA_kwCzR0hTQS13bTg2LXczY2YtaDZ2bc4AAXNG

Drupal external link injection vulnerability
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: about 2 years ago

High

GSA_kwCzR0hTQS02OGpjLXYyN2gtdmhtd80WbQ

Drupal core Unrestricted Upload of File with Dangerous Type
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: over 2 years ago

Moderate

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJneDYtcmpqNC1jMzg4

ckeditor4 vulnerable to cross-site scripting
Ecosystems: packagist, npm
Packages: drupal/drupal, drupal/core, ckeditor4
Source: github
Published: almost 3 years ago

Moderate

GSA_kwCzR0hTQS1wcXY0LXhncWgtajh2aM4AAdYs

Drupal sensitive information disclosure
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: almost 2 years ago

High

GSA_kwCzR0hTQS02aHBqLTl4ajctMmp4eM4AASZo

Drupal access control bypass vulnerability
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: about 2 years ago

High

GSA_kwCzR0hTQS1mcnFmLTlxcjQtNnZ4Zs4AAc9G

Drupal Saving user accounts can sometimes grant the user all roles
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: almost 2 years ago

High

GSA_kwCzR0hTQS1neHhxLWZoYzctM2p2Oc4AAbOV

Drupal Cross-Site Request Forgery (CSRF)
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: almost 2 years ago

High

GSA_kwCzR0hTQS1oM3I5LXBqbXItZjkzOM4AAdYi

Drupal Brute force amplification attacks via XML-RPC
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: almost 2 years ago

High

GSA_kwCzR0hTQS13N3F4LXZ3cjktMmozcs4AASX9

Drupal editor module incorrectly checks access to inline private files
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: about 2 years ago

High

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZybXEteDJodi12eHBw

Drupal core third-party PEAR Archive_Tar library is vulnerable to Deserialization of Untrusted Data
Ecosystems: packagist
Packages: drupal/drupal
Source: github
Published: over 4 years ago

High

GSA_kwCzR0hTQS1tNjQ4LWhwZjgtcWNqd84AAozw

Drupal Core Cross-Site Request Forgery (CSRF) vulnerability
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: almost 2 years ago

Low

GSA_kwCzR0hTQS1wam14LTRnYzYtaHd2OM4AAgJb

Drupal cross-site scripting vulnerability via actions feature and trigger module
Ecosystems: packagist
Packages: drupal/drupal
Source: github
Published: almost 2 years ago

Moderate

GSA_kwCzR0hTQS02Y2o4LWMzNTktcDdxOc26VA

Drupal vulnerable to Cross-site Scripting
Ecosystems: packagist
Packages: drupal/drupal
Source: github
Published: about 2 years ago

Moderate

GSA_kwCzR0hTQS13d3JtLTg5NDctNG02Y84AAe25

Drupal Open Redirect
Ecosystems: packagist
Packages: drupal/drupal
Source: github
Published: almost 2 years ago

Moderate

GSA_kwCzR0hTQS12cG02LWg1M20teDJ4Zs4AAe3O

Drupal improper access restrictions
Ecosystems: packagist
Packages: drupal/drupal
Source: github
Published: almost 2 years ago

High

GSA_kwCzR0hTQS1tbWpyLTVxNzQtcDNtNM0rRQ

Exposure of Resource to Wrong Sphere in Drupal Core
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: over 2 years ago

Critical

GSA_kwCzR0hTQS14cTYyLTYyYzktMjJtZ84AA4Y2

Drupal Improper Access Control
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: github
Published: 4 months ago

High

GSA_kwCzR0hTQS1waDJqLTVoeHEtZ3hycs4AAa8_

Drupal Node Validation Bypass in the node module API
Ecosystems: packagist
Packages: drupal/drupal
Source: github
Published: almost 2 years ago

Moderate

MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc5OTYtcTVyOC13N2cy

Symfony Cross-site Scripting (XSS) vulnerability
Ecosystems: packagist
Packages: drupal/drupal, drupal/core, symfony/symfony, symfony/framework-bundle
Source: github
Published: over 4 years ago