Known vulnerabilities in Drupal Drupal 8.9.15

Known vulnerabilities in Drupal Drupal 8.9.15

Vendor: Drupal

Website: https://www.drupal.org

Total Security Bulletins: 17

Security bulletins (17)

Secuity bulletin	Severity	Status	Published
SB2025111349: Multiple vulnerabilities in Drupal	Medium	Patched	13.11.2025
SB2025032012: Cross-site scripting in Drupal	Low	Patched	20.03.2025
SB2025022002: Multiple vulnerabilities in Drupal	Medium	Patched	20.02.2025
SB2024112110: Multiple vulnerabilities in Drupal	Low	Patched	21.11.2024
SB2024112109: Multiple vulnerabilities in Drupal	Low	Patched	21.11.2024
SB2024011787: Denial of service in Drupal Comment module	Medium	Patched	17.01.2024
SB2023092061: Information disclosure in Drupal JSON:API module	High	Patched	20.09.2023
SB2023031541: Multiple vulnerabilities in Drupal	Medium	Patched	15.03.2023
SB20230118103: Improper access control in Drupal Media Library	Low	Patched	18.01.2023
SB2022092840: Path traversal in Drupal Twig	Medium	Patched	28.09.2022
SB2022021627: Multiple vulnerabilities in Drupal	Medium	Patched	16.02.2022
SB2022011943: XSS in Drupal (jQuery UI component)	Medium	Patched	19.01.2022
SB2021111802: Drupal update for CKEditor library	Medium	Patched	18.11.2021
SB2021091524: Multiple vulnerabilities in Drupal	Medium	Patched	15.09.2021
SB2021081215: Drupal update for CKEditor library	Low	Patched	12.08.2021
SB2021072167: Drupal update for Archive_Tar library	High	Patched	21.07.2021
SB2021052702: Cross-site scripting in CKEditor library in Drupal	Low	Patched	27.05.2021