FreeBSD : drupal -- Drupal Core - Multiple Vulnerabilities (4fc2df49-6279-11e7-be0f-6cf0497db129)
High Nessus Plugin ID 101276
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionDrupal Security Team Reports :
CVE-2017-6920: PECL YAML parser unsafe object handling.
CVE-2017-6921: File REST resource does not properly validate
CVE-2017-6922: Files uploaded by anonymous users into a private file system can be accessed by other anonymous users.
SolutionUpdate the affected packages.