See the full list of npm packages compromised in the "SHA1-Hulud npm supply chain incident – Nov 2025" [View compromised packages].
Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
| VULNERABILITY | AFFECTS | TYPE | PUBLISHED |
|---|---|---|---|
| drupal/drupal>=0.0.0, <7.58>=8.0.0, <8.3.9>=8.4.0, <8.4.6>=8.5.0, <8.5.1 | Composer | 2 Apr 2018 |
| drupal/drupal>=7.0.0, <7.57>=8.0.0, <8.4.5 | Composer | 6 Mar 2018 |
| drupal/drupal>=7.0.0, <7.57>=8.0.0, <8.4.0 | Composer | 6 Mar 2018 |
| drupal/drupal>=8.0, <8.4.5 | Composer | 6 Mar 2018 |
| drupal/drupal>=7.0, <7.57 | Composer | 6 Mar 2018 |
| drupal/drupal>=7.0, <7.57 | Composer | 6 Mar 2018 |
| drupal/drupal>=8.4.0, <8.4.5 | Composer | 6 Mar 2018 |
| drupal/drupal>=8.4.0, <8.4.5 | Composer | 6 Mar 2018 |
| drupal/drupal>=8.0, <8.3.7 | Composer | 16 Aug 2017 |
| drupal/drupal>=8.0, <8.3.7 | Composer | 16 Aug 2017 |
| drupal/drupal>=8.0, <8.3.7 | Composer | 16 Aug 2017 |
| drupal/drupal>=8.0.0, <8.3.4 | Composer | 21 Jun 2017 |
| drupal/drupal>=8.0.0, <8.3.4 | Composer | 21 Jun 2017 |
| drupal/drupal>=7.0.0, <7.56>=8.0.0, <8.3.4 | Composer | 21 Jun 2017 |
| drupal/drupal>=8.3.0, <8.3.1<8.2.8 | Composer | 19 Apr 2017 |
| drupal/drupal>=8.0.0, <8.2.7 | Composer | 15 Mar 2017 |
| drupal/drupal>=8.0.0, <8.2.7 | Composer | 15 Mar 2017 |
| drupal/drupal>=8.0.0, <8.2.7 | Composer | 15 Mar 2017 |
| drupal/drupal>=8.0.0, <8.2.3 | Composer | 16 Nov 2016 |
| drupal/drupal>=8.0.0, <8.2.3 | Composer | 16 Nov 2016 |
| drupal/drupal>=8.0.0, <8.2.3 | Composer | 16 Nov 2016 |
| drupal/drupal>=8.0.0, <8.1.10 | Composer | 21 Sept 2016 |
| drupal/drupal>=8.0.0, <8.1.10 | Composer | 21 Sept 2016 |
| drupal/drupal>=8.0.0, <8.1.10 | Composer | 21 Sept 2016 |
| drupal/drupal>=8.0.0, <8.1.7 | Composer | 18 Jul 2016 |
| drupal/drupal>=7.0.0, <7.44 | Composer | 15 Jun 2016 |
| drupal/drupal>=8.0.0, <8.1.3 | Composer | 15 Jun 2016 |
| drupal/drupal>=6.0.0, <6.38>=7.0.0, <7.43 | Composer | 15 Feb 2016 |
| drupal/drupal>=6.0.0, <6.38 | Composer | 15 Feb 2016 |
| drupal/drupal>=6.0.0, <6.38 | Composer | 15 Feb 2016 |