CVE-2018-7600 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Critical
Remote	Yes
Type	Arbitrary code execution
Description	A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being completely compromised.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-665	drupal	8.5.0-1	8.5.1-1	Critical	Fixed

Date	Advisory	Group	Package	Severity	Type
01 Apr 2018	ASA-201804-1	AVG-665	drupal	Critical	arbitrary code execution

References
https://www.drupal.org/sa-core-2018-002 https://www.tenable.com/blog/critical-drupal-core-vulnerability-what-you-need-to-know https://github.com/drupal/drupal/commit/5ac8738fa69df34a0635f0907d661b509ff9a28f

References

https://www.drupal.org/sa-core-2018-002
https://www.tenable.com/blog/critical-drupal-core-vulnerability-what-you-need-to-know
https://github.com/drupal/drupal/commit/5ac8738fa69df34a0635f0907d661b509ff9a28f