Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 11 Jan 2016 23:10:30 +0100
From: Pere Orga <pere@...a.cat>
To: oss-security@...ts.openwall.com
Cc: Drupal Security Team <security@...pal.org>
Subject: CVE requests for Drupal contributed modules

Hi

Please can I have CVE IDs assigned to the following vulnerabilities:

SA-CONTRIB-2015-157 - Twilio - Moderately Critical - Access bypass
https://www.drupal.org/node/2592901

SA-CONTRIB-2015-160 - Webform CiviCRM Integration - Moderately
Critical - Cross Site Scripting (XSS)
https://www.drupal.org/node/2592901

SA-CONTRIB-2015-166 - Encrypt - Moderately Critical - Weak Encryption
https://www.drupal.org/node/2618362

SA-CONTRIB-2015-167 - RESTful - Less Critical - Access bypass
https://www.drupal.org/node/2627444

SA-CONTRIB-2015-170 - Apache Solr Search - Moderately Critical - Access Bypass
https://www.drupal.org/node/2627580

SA-CONTRIB-2015-173 - Select2 Field Widget - Critical - Cross Site
Scripting (XSS)
https://www.drupal.org/node/2636352

SA-CONTRIB-2015-174 - Open Atrium - Critical - Cross Site Scripting (XSS)
https://www.drupal.org/node/2636380

SA-CONTRIB-2015-175 - Block Class - Critical - Cross Site Scripting (XSS)
https://www.drupal.org/node/2636502

Regards

--
Pere Orga on behalf of the Drupal Security team

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ