See the full list of npm packages compromised in the "TanStack Supply Chain Compromise - May 2026" [View compromised packages].
Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
- M
Denial of Service (DoS)CVE-2016-9452
Affects drupal/core | Versions >=8, <8.2.3
Has fix
ComposerPublished 16 Nov 2016
- M
Information ExposureCVE-2016-9449
Affects drupal/core | Versions >=8, <8.2.3
Has fix
ComposerPublished 16 Nov 2016
- M
Cross-site Scripting (XSS)CVE-2016-7571
Affects drupal/core | Versions >=8, <8.1.10
Has fix
ComposerPublished 21 Sept 2016
- M
Access Restriction BypassCVE-2016-7570
Affects drupal/core | Versions >=8, <8.1.10
Has fix
ComposerPublished 21 Sept 2016
- M
Access Restriction BypassCVE-2016-7572
Affects drupal/core | Versions >=8, <8.1.10
Has fix
ComposerPublished 21 Sept 2016
- H
HTTP Header InjectionCVE-2016-5385
Affects drupal/core | Versions >=8, <8.1.7
Has fix
ComposerPublished 18 Jul 2016
- H
Privilege EscalationCVE-2016-6211
Affects drupal/core | Versions >=7, <7.44
Has fix
ComposerPublished 15 Jun 2016
- M
Information ExposureCVE-2016-6212
Affects drupal/core | Versions >=8, <8.1.3
Has fix
ComposerPublished 15 Jun 2016
- H
Deserialization of Untrusted DataCVE-2016-3171
Affects drupal/core | Versions >=6, <6.38
Has fix
ComposerPublished 15 Feb 2016
- H
Open RedirectCVE-2016-3167
Affects drupal/core | Versions >=6, <6.38
Has fix
ComposerPublished 15 Feb 2016
- M
Reflected File DownloadCVE-2016-3168
Affects drupal/core | Versions >=6, <6.38>=7, <7.43
Has fix
ComposerPublished 15 Feb 2016
- H
Privilege EscalationCVE-2016-3169
Affects drupal/core | Versions >=6, <6.38>=7, <7.43
Has fix
ComposerPublished 15 Feb 2016
- H
Denial of Service (DoS)CVE-2016-3162
Affects drupal/core | Versions >=7, <7.43>=8.0, <8.0.4
Has fix
ComposerPublished 15 Feb 2016
- H
Access Restriction BypassCVE-2016-3165
Affects drupal/core | Versions >=6, <6.38
Has fix
ComposerPublished 15 Feb 2016
- M
HTTP Header InjectionCVE-2016-3166
Affects drupal/core | Versions >=6, <6.38
Has fix
ComposerPublished 15 Feb 2016
- M
Information ExposureCVE-2016-3170
Affects drupal/core | Versions >=7, <7.43>=8, <8.0.4
Has fix
ComposerPublished 15 Feb 2016
- H
Open RedirectCVE-2016-3164
Affects drupal/core | Versions >=6, <6.38>=7, <7.43>=8.0, <8.0.4
Has fix
ComposerPublished 15 Feb 2016
- H
Brute ForceCVE-2016-3163
Affects drupal/core | Versions >=6, <6.38>=7, <7.43
Has fix
ComposerPublished 15 Feb 2016
Affects drupal/core-recommended | Versions <8.8.12>=8.9.0, <8.9.10>=9.0.0, <9.0.9
Has fix
ComposerPublished 4 Dec 2020
- H
Open RedirectCVE-2013-6389
Affects drupal/drupal | Versions >=7.0, <7.24
Has fix
ComposerPublished 31 Oct 2024
Affects drupal/drupal | Versions <8.8.12>=8.9.0, <8.9.10>=9.0.0, <9.0.9
Has fix
ComposerPublished 4 Dec 2020
- M
Access Restriction BypassCVE-2020-13667
Affects drupal/drupal | Versions >=8.0.0, <8.1.0>=8.1.0, <8.2.0>=8.2.0, <8.3.0>=8.3.0, <8.4.0>=8.4.0, <8.5.0>=8.5.0, <8.6.0>=8.6.0, <8.7.0>=8.7.0, <8.8.0>=8.8.0, <8.8.10>=8.9.0, <8.9.6>=9.0.0, <9.0.6
Has fix
ComposerPublished 18 Sept 2020
- M
Information DisclosureCVE-2020-13670
Affects drupal/drupal | Versions >=8.0.0, <8.1.0>=8.1.0, <8.2.0>=8.2.0, <8.3.0>=8.3.0, <8.4.0>=8.4.0, <8.5.0>=8.5.0, <8.6.0>=8.6.0, <8.7.0>=8.7.0, <8.8.0>=8.8.0, <8.8.10>=8.9.0, <8.9.6>=9.0.0, <9.0.6
Has fix
ComposerPublished 18 Sept 2020
- C
Cross-site Scripting (XSS)CVE-2020-13669
Affects drupal/drupal | Versions >=8.0.0, <8.1.0>=8.1.0, <8.2.0>=8.2.0, <8.3.0>=8.3.0, <8.4.0>=8.4.0, <8.5.0>=8.5.0, <8.6.0>=8.6.0, <8.7.0>=8.7.0, <8.8.0>=8.8.0, <8.8.10>=8.9.0, <8.9.6>=9.0.0, <9.0.6
Has fix
ComposerPublished 18 Sept 2020
- C
Cross-site Scripting (XSS)CVE-2020-13668
Affects drupal/drupal | Versions >=8.0.0, <8.1.0>=8.1.0, <8.2.0>=8.2.0, <8.3.0>=8.3.0, <8.4.0>=8.4.0, <8.5.0>=8.5.0, <8.6.0>=8.6.0, <8.7.0>=8.7.0, <8.8.0>=8.8.0, <8.8.10>=8.9.0, <8.9.6>=9.0.0, <9.0.6
Has fix
ComposerPublished 18 Sept 2020
- M
Cross-site Scripting (XSS)CVE-2020-13666
Affects drupal/drupal | Versions >=7.0.0, <7.73>=8.0.0, <8.1.0>=8.1.0, <8.2.0>=8.2.0, <8.3.0>=8.3.0, <8.4.0>=8.4.0, <8.5.0>=8.5.0, <8.6.0>=8.6.0, <8.7.0>=8.7.0, <8.8.0>=8.8.0, <8.8.10>=8.9.0, <8.9.6>=9.0.0, <9.0.6
Has fix
ComposerPublished 18 Sept 2020
Affects drupal/drupal | Versions <8.7.11>=8.8.0, <8.8.1
Has fix
ComposerPublished 22 Dec 2019
Affects drupal/drupal | Versions <8.7.11>=8.8.0, <8.8.1
Has fix
ComposerPublished 22 Dec 2019
Affects drupal/drupal | Versions <8.7.11>=8.8.0, <8.8.1
Has fix
ComposerPublished 22 Dec 2019
- M
Access Control BypassCVE-2019-10911
Affects drupal/drupal | Versions <8.5.15>=8.6.0, <8.6.16
Has fix
ComposerPublished 24 Apr 2019