packagist: drupal/core

Drupal is an open source content management platform powering millions of websites and applications.

• Homepage:
• Licenses: GPL-2.0-or-later
• Latest release: 10.2.6 (published 7 months ago)
• Last Synced: 2024-11-11T03:13:08.374Z (2 days ago)
• Versions: 383
• Dependent Packages: 770
• Dependent Repositories: 5,293
• Downloads: 46,481,256 Total
• Docker Downloads: 169,964,441
• Rankings:
  • Dependent packages count: 0.052%
  • Docker downloads count: 0.059%
  • Downloads: 0.105%
  • Dependent repos count: 0.126%
  • Average: 0.442%
  • Forks count: 1.077%
  • Stargazers count: 1.232%
• Maintainers (3)
  • Drupal-Infrastructure
  • Drupal
  • Dries
• Funding:
• Advisories:
  • Cache poisoning in drupal/core
  • Drupal Access Control Bypass
  • Improper input validation in Drupal core
  • Exposure of Resource to Wrong Sphere in Drupal Core
  • Drupal Improper Access Control
  • Drupal core arbitrary PHP code execution
  • Drupal core Information Disclosure vulnerability
  • Drupal Core Remote Code Execution Vulnerability
  • Symfony Cross-site Scripting (XSS) vulnerability
  • Cross-Site Request Forgery in Drupal core
  • Lack of domain validation in Druple core
  • Arbitrary PHP code execution in Drupal
  • Missing Authorization in Drupal
  • Drupal Open Redirect
  • Directory Traversal in typo3/phar-stream-wrapper
  • Enhanced Image plugin for CKEditor is vulnerable to Cross-site scripting (XSS)
  • HTTP Proxy header vulnerability
  • Cross-site Scripting in Drupal Core
  • Drupal PECL YAML parser unsafe object handling
  • Drupal Incorrect cache context on password reset page
  • Drupal file REST resource does not properly validate
  • Drupal saving user accounts can sometimes grant the user all roles
  • Drupal Core Remote Code Execution Vulnerability
  • Drupal Reflected file download vulnerability
  • Drupal Views can allow unauthorized users to see Statistics information
  • Drupal Denial of service via transliterate mechanism
  • Drupal Open Redirect
  • Drupal Cross Site Scripting (XSS) vulnerability
  • Drupal Denial of Service vulnerability
  • Drupal Users without "Administer comments" can set comment visibility on nodes they can edit
  • Drupal cross-site scripting vulnerability
  • Drupal Core Remote Code Execution Vulnerability
  • Drupal Comment reply form allows access to restricted content
  • Drupal Cross-Site Scripting vulnerability
  • Drupal Settings Tray access bypass
  • Drupal access bypass vulnerability
  • Drupal access bypass vulnerability
  • Drupal Entity access bypass for entities that do not have UUIDs or have protected revisions
  • Drupal Remote code execution
  • Drupal REST API can bypass comment approval
  • Drupal core access bypass vulnerability
  • Drupal Core Cross-site scripting vulnerability
  • Drupal Core Access bypass vulnerability
  • Drupal Core Access bypass vulnerability
  • Drupal Core Arbitrary PHP code execution vulnerability
  • Drupal Core Open Redirect vulnerability
  • Drupal Core Cross-site scripting vulnerability
  • Drupal CRLF injection vulnerability in the drupal_set_header function
  • Drupal Form API ignores access restrictions on submit buttons
  • Drupal File upload access bypass and denial of service
  • Drupal Open redirect vulnerability in the drupal_goto function
  • Drupal arbitrary code execution
  • Drupal Cross-site scripting (XSS) vulnerability
  • Drupal Unprivileged access to config export
  • Drupal sensitive information disclosure
  • Drupal cross site scripting vulnerability
  • Drupal external link injection vulnerability
  • Unrestricted Upload of File with Dangerous Type in Drupal core
  • Improper input validation in Drupal core
  • Access bypass in Drupal core
  • Access bypass in Drupal core
  • Drupal core Denial of Service vulnerability
  • Incorrect Authorization in Drupal core
  • Drupal core Unrestricted Upload of File with Dangerous Type
  • ckeditor4 vulnerable to cross-site scripting
  • Drupal core access bypass vulnerability
  • Drupal sensitive information disclosure
  • Drupal access control bypass vulnerability
  • Drupal Saving user accounts can sometimes grant the user all roles
  • Drupal Cross-Site Request Forgery (CSRF)
  • Drupal SQL Injection vulnerability
  • Drupal Brute force amplification attacks via XML-RPC
  • Drupal editor module incorrectly checks access to inline private files
  • Drupal Core Cross-Site Request Forgery (CSRF) vulnerability
  • Access bypass in Drupal Core
  • Incorrect authorization in Drupal core
  • Drupal core Cross-site Scripting (XSS) vulnerability in ckeditor
  • Drupal core Cross-Site Scripting (XSS) vulnerabilities
  • Drupal core Arbitrary PHP code execution
  • Drupal core Open Redirect vulnerability
  • Drupal core uses a vulnerable Third-party library CKEditor
  • Drupal core Multiple vulnerabilities due to the use of the third-party library Archive_Tar
  • Drupal core Access bypass
  • Drupal core unrestricted file upload
  • Drupal core Denial of Service
  • Drupal Core Insufficient Contextual Links validation leads to Remote Code Execution
  • Drupal core Remote Code Execution
  • Drupal Anonymous Open Redirect
  • Drupal External URL injection through URL aliases leading to Open Redirect
  • Drupal Content moderation Access bypass
  • Drupal Full Path Disclosure
  • Drupal core Cross-site Scripting (XSS) vulnerability