GHSA-5x28-3f32-x523: Drupal core Access control bypass

May 15, 2024

The Media Library module has a security vulnerability whereby it doesn’t sufficiently restrict access to media items in certain configurations.

References

github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/2019-12-18-3.yaml
github.com/advisories/GHSA-5x28-3f32-x523
github.com/drupal/drupal
www.drupal.org/sa-core-2019-011

Code Behaviors & Features

Detect and mitigate GHSA-5x28-3f32-x523 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →