See the full list of npm packages compromised in the "TanStack Supply Chain Compromise - May 2026" [View compromised packages].
Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
- H
Cache PoisoningCVE-2016-9450
Affects drupal/drupal | Versions >=8.0.0, <8.2.3
Has fix
ComposerPublished 16 Nov 2016
- M
Denial of Service (DoS)CVE-2016-9452
Affects drupal/drupal | Versions >=8.0.0, <8.2.3
Has fix
ComposerPublished 16 Nov 2016
- M
Access Restriction BypassCVE-2016-7570
Affects drupal/drupal | Versions >=8.0.0, <8.1.10
Has fix
ComposerPublished 21 Sept 2016
- M
Cross-site Scripting (XSS)CVE-2016-7571
Affects drupal/drupal | Versions >=8.0.0, <8.1.10
Has fix
ComposerPublished 21 Sept 2016
- M
Access Restriction BypassCVE-2016-7572
Affects drupal/drupal | Versions >=8.0.0, <8.1.10
Has fix
ComposerPublished 21 Sept 2016
- H
HTTP Header InjectionCVE-2016-5385
Affects drupal/drupal | Versions >=8.0.0, <8.1.7
Has fix
ComposerPublished 18 Jul 2016
- H
Privilege EscalationCVE-2016-6211
Affects drupal/drupal | Versions >=7.0.0, <7.44
Has fix
ComposerPublished 15 Jun 2016
- M
Information ExposureCVE-2016-6212
Affects drupal/drupal | Versions >=8.0.0, <8.1.3
Has fix
ComposerPublished 15 Jun 2016
- H
Deserialization of Untrusted DataCVE-2016-3171
Affects drupal/drupal | Versions >=6.0.0, <6.38
Has fix
ComposerPublished 15 Feb 2016
- H
Denial of Service (DoS)CVE-2016-3162
Affects drupal/drupal | Versions >=7.0.0, <7.43>=8.0.0, <8.0.4
Has fix
ComposerPublished 15 Feb 2016
- H
Brute ForceCVE-2016-3163
Affects drupal/drupal | Versions >=6.0.0, <6.38>=7.0.0, <7.43
Has fix
ComposerPublished 15 Feb 2016
- M
Reflected File DownloadCVE-2016-3168
Affects drupal/drupal | Versions >=6.0.0, <6.38>=7.0.0, <7.43
Has fix
ComposerPublished 15 Feb 2016
- H
Open RedirectCVE-2016-3164
Affects drupal/drupal | Versions >=6.0.0, <6.38>=7.0.0, <7.43>=8.0.0, <8.0.4
Has fix
ComposerPublished 15 Feb 2016
- H
Privilege EscalationCVE-2016-3169
Affects drupal/drupal | Versions >=6.0.0, <6.38>=7.0.0, <7.43
Has fix
ComposerPublished 15 Feb 2016
- M
Information ExposureCVE-2016-3170
Affects drupal/drupal | Versions >=7.0.0, <7.43>=8.0.0, <8.0.4
Has fix
ComposerPublished 15 Feb 2016
- M
HTTP Header InjectionCVE-2016-3166
Affects drupal/drupal | Versions >=6.0.0, <6.38
Has fix
ComposerPublished 15 Feb 2016
- H
Access Restriction BypassCVE-2016-3165
Affects drupal/drupal | Versions >=6.0.0, <6.38
Has fix
ComposerPublished 15 Feb 2016
- H
Open RedirectCVE-2016-3167
Affects drupal/drupal | Versions >=6.0.0, <6.38
Has fix
ComposerPublished 15 Feb 2016
Affects drupal-pattern-lab/add-attributes-twig-extension | Versions >=0.0.0
Has fix
ComposerPublished 9 Dec 2024
Affects drupal-pattern-lab/bem-twig-extension | Versions >=0.0.0
Has fix
ComposerPublished 9 Dec 2024
- M
Cross-site Scripting (XSS)CVE-2025-11570
Affects drupal-pattern-lab/unified-twig-extensions | Versions >=0.0.0
Has fix
ComposerPublished 9 Dec 2024
Affects drupal/tmgmt | Versions >=1.0.0, <1.7.0
Has fix
ComposerPublished 21 May 2019
Affects drupal/workbench_moderation | Versions >=1.0.0, <1.4.0
Has fix
ComposerPublished 21 May 2019
Affects pattern-lab/drupal-twig-components | Versions >=0.0.0
Has fix
ComposerPublished 9 Dec 2024