Drupal Releases Security Advisory

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

America's Cyber Defense Agency

Drupal has released a security advisory to address an application program interface (API) vulnerability (CVE-2014-3704) that could allow an attacker to execute arbitrary SQL commands on an affected system.

This vulnerability affects all Drupal core 7.x versions prior to 7.32.

US-CERT advises users and administrators review Drupal's Security Advisory and apply the necessary update or patch.

Drupal Releases Security Advisory

Please share your thoughts

CISA Adds One Known Exploited Vulnerability to Catalog

CISA Releases Five Industrial Control Systems Advisories

Progress Software Releases Security Advisory for MOVEit Transfer

CISA Adds One Known Exploited Vulnerability to Catalog

Drupal Releases Security Advisory

Please share your thoughts

Related Advisories

CISA Adds One Known Exploited Vulnerability to Catalog

CISA Releases Five Industrial Control Systems Advisories

Progress Software Releases Security Advisory for MOVEit Transfer

CISA Adds One Known Exploited Vulnerability to Catalog