GHSA-6mgp-v5cm-ghg5

Source

https://github.com/advisories/GHSA-6mgp-v5cm-ghg5

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/05/GHSA-6mgp-v5cm-ghg5/GHSA-6mgp-v5cm-ghg5.json

JSON Data

https://api.test.osv.dev/v1/vulns/GHSA-6mgp-v5cm-ghg5

Published

2024-05-15T20:27:23Z

Modified

2024-11-29T05:37:17.941897Z

Summary

Drupal core Remote Code Execution

Details

In Drupal core, when sending email some variables were not being sanitized for shell arguments in DefaultMailSystem::mail(), which could lead to remote code execution.

Database specific

{
    "nvd_published_at": null,
    "severity": "CRITICAL",
    "github_reviewed_at": "2024-05-15T20:27:23Z",
    "github_reviewed": true,
    "cwe_ids": [
        "CWE-94"
    ]
}

References

Affected packages

Packagist / drupal/core

Package

Name: drupal/core
Purl: pkg:composer/drupal/core

Affected ranges

Type: ECOSYSTEM
Events: Introduced

7.0

Fixed

7.60

Packagist / drupal/core

Package

Name: drupal/core
Purl: pkg:composer/drupal/core

Affected ranges

Type: ECOSYSTEM
Events: Introduced

8.0.0

Fixed

8.5.8

Affected versions

8.*

8.0.0

8.0.1

8.0.2

8.0.3

8.0.4

8.0.5

8.0.6

8.1.0-beta1

8.1.0-beta2

8.1.0-rc1

8.1.0

8.1.1

8.1.2

8.1.3

8.1.4

8.1.5

8.1.6

8.1.7

8.1.8

8.1.9

8.1.10

8.2.0-beta1

8.2.0-beta2

8.2.0-beta3

8.2.0-rc1

8.2.0-rc2

8.2.0

8.2.1

8.2.2

8.2.3

8.2.4

8.2.5

8.2.6

8.2.7

8.2.8

8.3.0-alpha1

8.3.0-beta1

8.3.0-rc1

8.3.0-rc2

8.3.0

8.3.1

8.3.2

8.3.3

8.3.4

8.3.5

8.3.6

8.3.7

8.3.8

8.3.9

8.4.0-alpha1

8.4.0-beta1

8.4.0-rc1

8.4.0-rc2

8.4.0

8.4.1

8.4.2

8.4.3

8.4.4

8.4.5

8.4.6

8.4.7

8.4.8

8.5.0-alpha1

8.5.0-beta1

8.5.0-rc1

8.5.0

8.5.1

8.5.2

8.5.3

8.5.4

8.5.5

8.5.6

8.5.7

Packagist / drupal/core

Package

Name: drupal/core
Purl: pkg:composer/drupal/core

Affected ranges

Type: ECOSYSTEM
Events: Introduced

8.6.0

Fixed

8.6.2

Affected versions

8.*

8.6.0

8.6.1