CVEs (8)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Rest/json Project 1Rest/json Nov 21, 2024 Jan 1, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The REST/JSON project 7.x-1.x for Drupal allows user registration bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy. |
1Rest/json Project 1Rest/json Nov 21, 2024 Jan 1, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The REST/JSON project 7.x-1.x for Drupal allows field access bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy. |
The REST/JSON project 7.x-1.x for Drupal allows user enumeration, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy. |
1Rest/json Project 1Rest/json Nov 21, 2024 Jan 1, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The REST/JSON project 7.x-1.x for Drupal allows comment access bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy. |
1Rest/json Project 1Rest/json Nov 21, 2024 Jan 1, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The REST/JSON project 7.x-1.x for Drupal allows node access bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy. |
The REST/JSON project 7.x-1.x for Drupal allows session enumeration, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy. |
The REST/JSON project 7.x-1.x for Drupal allows session name guessing, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy. |
The REST/JSON project 7.x-1.x for Drupal allows blockage of user logins, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy. |