See the full list of npm packages compromised in the "TanStack Supply Chain Compromise - May 2026" [View compromised packages].
Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
- H
Remote Code Execution (RCE)CVE-2019-6340
Affects drupal/core | Versions <8.5.11>=8.6.0, <8.6.10
Has fix
ComposerPublished 22 Feb 2019
- H
Arbitrary Code ExecutionCVE-2019-6339
Affects drupal/core | Versions >=7.0.0, <7.6.2>=8.5.0, <8.5.9>=8.6.0, <8.6.6
Has fix
ComposerPublished 4 Feb 2019
Affects drupal/core | Versions >=7.0.0, <7.60>=8.0.0, <8.5.8>=8.6.0, <8.6.2
Has fix
ComposerPublished 22 Oct 2018
Affects drupal/core | Versions >=7.0.0, <7.60>=8.0.0, <8.5.8>=8.6.0, <8.6.2
Has fix
ComposerPublished 22 Oct 2018
Affects drupal/core | Versions >=7.0.0, <7.60>=8.0.0, <8.5.8>=8.6.0, <8.6.2
Has fix
ComposerPublished 22 Oct 2018
Affects drupal/core | Versions >=7.0.0, <7.60>=8.0.0, <8.5.8>=8.6.0, <8.6.2
Has fix
ComposerPublished 22 Oct 2018
Affects drupal/core | Versions >=7.0.0, <7.60>=8.0.0, <8.5.8>=8.6.0, <8.6.2
Has fix
ComposerPublished 22 Oct 2018
Affects drupal/core | Versions >=7.0.0, <7.60>=8.0.0, <8.5.8>=8.6.0, <8.6.2
Has fix
ComposerPublished 22 Oct 2018
Affects drupal/core | Versions >=8.0.0, <8.4.7>=8.5.0, <8.5.2
Has fix
ComposerPublished 10 May 2018
- C
Arbitrary Code ExecutionCVE-2018-7602
Affects drupal/core | Versions <7.59>=8.0, <8.4.8>=8.5.0, <8.5.3
Has fix
ComposerPublished 10 May 2018
- M
Cross-site Scripting (XSS)CVE-2018-9861
Affects drupal/core | Versions <8.4.7>=8.5.0, <8.5.2
Has fix
ComposerPublished 2 May 2018
- C
Arbitrary Code ExecutionCVE-2018-7600
Affects drupal/core | Versions <7.58>=8.0, <8.3.9>=8.4.0, <8.4.6>=8.5.0, <8.5.1
Has fix
ComposerPublished 2 Apr 2018
- M
Cross-site Scripting (XSS)CVE-2017-6927
Affects drupal/core | Versions >=7.0, <7.57>=8.0, <8.4.5
Has fix
ComposerPublished 6 Mar 2018
- M
Cross-site Scripting (XSS)CVE-2017-6929
Affects drupal/core | Versions >=7.0.0, <7.57>=8.0.0, <8.4.0
Has fix
ComposerPublished 6 Mar 2018
- M
Access Restriction BypassCVE-2017-6931
Affects drupal/core | Versions >=8.0, <8.4.5
Has fix
ComposerPublished 5 Mar 2018
- M
Link InjectionCVE-2017-6932
Affects drupal/core | Versions >=7.0, <7.57
Has fix
ComposerPublished 5 Mar 2018
- M
Access Restriction BypassCVE-2017-6928
Affects drupal/core | Versions >=7.0, <7.57
Has fix
ComposerPublished 5 Mar 2018
- H
Information ExposureCVE-2017-6926
Affects drupal/core | Versions >=8.4.0, <8.4.5
Has fix
ComposerPublished 5 Mar 2018
- H
Access Restriction BypassCVE-2017-6930
Affects drupal/core | Versions >=8.4, <8.4.5
Has fix
ComposerPublished 5 Mar 2018
- M
Access Restriction BypassCVE-2017-6925
Affects drupal/core | Versions >=8.0, <8.3.7
Has fix
ComposerPublished 16 Aug 2017
- M
Access Restriction BypassCVE-2017-6924
Affects drupal/core | Versions >=8.0, <8.3.7
Has fix
ComposerPublished 16 Aug 2017
- M
Authentication BypassCVE-2017-6923
Affects drupal/core | Versions >=8.0, <8.3.7
Has fix
ComposerPublished 16 Aug 2017
- C
Deserialization of Untrusted DataCVE-2017-6920
Affects drupal/core | Versions >=8, <8.3.4
Has fix
ComposerPublished 21 Jun 2017
- M
Arbitrary File UploadCVE-2017-6921
Affects drupal/core | Versions >=8, <8.3.4
Has fix
ComposerPublished 21 Jun 2017
- M
Information ExposureCVE-2017-6922
Affects drupal/core | Versions >=7, <7.56>=8, <8.3.4
Has fix
ComposerPublished 21 Jun 2017
- H
Access Restriction BypassCVE-2017-6919
Affects drupal/core | Versions >=8.3, <8.3.1<8.2.8
Has fix
ComposerPublished 19 Apr 2017
- H
Access Restriction BypassCVE-2017-6377
Affects drupal/core | Versions >=8.0, <8.2.7
Has fix
ComposerPublished 15 Mar 2017
- H
Cross-site Request Forgery (CSRF)CVE-2017-6379
Affects drupal/core | Versions >=8.0, <8.2.7
Has fix
ComposerPublished 15 Mar 2017
- H
Arbitrary Code ExecutionCVE-2017-6381
Affects drupal/core | Versions >=8.0, <8.2.7
Has fix
ComposerPublished 15 Mar 2017
- H
Cache PoisoningCVE-2016-9450
Affects drupal/core | Versions >=8, <8.2.3
Has fix
ComposerPublished 16 Nov 2016