CVE-2018-7602 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Critical
Remote	Yes
Type	Arbitrary command execution
Description	A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-679	drupal	8.5.2-1	8.5.3-1	Critical	Fixed

Date	Advisory	Group	Package	Severity	Type
27 Apr 2018	ASA-201804-10	AVG-679	drupal	Critical	arbitrary command execution

References
https://www.drupal.org/sa-core-2018-004 https://github.com/drupal/drupal/commit/bb6d396609600d1169da29456ba3db59abae4b7e