Vulnerabilities (CVE)

Filtered by vendor Rest\/json Project Subscribe
Total 8 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-20008 1 Rest\/json Project 1 Rest\/json 2024-11-21 5.0 MEDIUM 7.5 HIGH
The REST/JSON project 7.x-1.x for Drupal allows session enumeration, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
CVE-2016-20007 1 Rest\/json Project 1 Rest\/json 2024-11-21 5.0 MEDIUM 7.5 HIGH
The REST/JSON project 7.x-1.x for Drupal allows session name guessing, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
CVE-2016-20006 1 Rest\/json Project 1 Rest\/json 2024-11-21 5.0 MEDIUM 7.5 HIGH
The REST/JSON project 7.x-1.x for Drupal allows blockage of user logins, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
CVE-2016-20005 1 Rest\/json Project 1 Rest\/json 2024-11-21 7.5 HIGH 9.8 CRITICAL
The REST/JSON project 7.x-1.x for Drupal allows user registration bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
CVE-2016-20004 1 Rest\/json Project 1 Rest\/json 2024-11-21 7.5 HIGH 9.8 CRITICAL
The REST/JSON project 7.x-1.x for Drupal allows field access bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
CVE-2016-20003 1 Rest\/json Project 1 Rest\/json 2024-11-21 5.0 MEDIUM 7.5 HIGH
The REST/JSON project 7.x-1.x for Drupal allows user enumeration, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
CVE-2016-20002 1 Rest\/json Project 1 Rest\/json 2024-11-21 7.5 HIGH 9.8 CRITICAL
The REST/JSON project 7.x-1.x for Drupal allows comment access bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
CVE-2016-20001 1 Rest\/json Project 1 Rest\/json 2024-11-21 7.5 HIGH 9.8 CRITICAL
The REST/JSON project 7.x-1.x for Drupal allows node access bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.