CVE-2019-6340: Improper Input Validation

February 21, 2019 (updated March 8, 2019)

Some field types do not properly sanitize data from non-form sources in Drupal. This can lead to arbitrary PHP code execution in some cases.

References

www.drupal.org/SA-CORE-2019-003

Code Behaviors & Features

Detect and mitigate CVE-2019-6340 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →