Drupa security : how to solve this security issue (CVE-2024-45440) ?

Drupa security

Found 2 security vulnerability advisories affecting 2 packages:

+-------------------+----------------------------------------------------------------------------------+
| Package           | drupal/core                                                                      |
| Severity          | low                                                                              |
| CVE               | CVE-2024-45440                                                                   |
| Title             | Drupal Full Path Disclosure                                                      |
| URL               | https://github.com/advisories/GHSA-mg8j-w93w-xjgc                                |
| Affected versions | >=8.0.0,<=11.0.4                                                                 |
| Reported at       | 2024-08-29T12:31:05+00:00                                                        |
+-------------------+----------------------------------------------------------------------------------+
+-------------------+----------------------------------------------------------------------------------+
| Package           | drupal/core-recommended                                                          |
| Severity          | low                                                                              |
| CVE               | CVE-2024-45440                                                                   |
| Title             | Drupal Full Path Disclosure                                                      |
| URL               | https://github.com/advisories/GHSA-mg8j-w93w-xjgc                                |
| Affected versions | >=8.0.0,<=11.0.4                                                                 |
| Reported at       | 2024-08-29T12:31:05+00:00                                                        |
+-------------------+----------------------------------------------------------------------------------+

 

How to solve this security issue (CVE-2024-45440) ?

Neuen Kommentar schreiben

Hilfe zum Textformat
CAPTCHA
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.

Suche

Neueste Kommentare

  • Für Apache 2.4 + Plesk

    1 week ago
    Bypass htaccess-htpasswd if IP = valid

    Für Apache 2.4 + Plesk 18:

    Config File: var/www/vhosts/system/test.example.com/conf/httpd.conf

  • RAM ist 32 MB. Wie kann ich…

    1 day ago
    Install APCu (PHP 8.1, Plesk)

    RAM ist 32 MB. Wie kann ich es erhöhen?

  • Short Code w. Radio Buttons, Checkbox, Textarea, Email, Phone

    2 months 3 weeks ago
    Formulare: alle Text Felder mit Test / Demo Daten füllen (mit JQuery)
    $("input[type='radio']").each(function () {

  • Wildcard

    6 months ago
    How to Renew Let’s Encrypt SSL Certificate on Plesk via Ubuntu Shell

    Let’s Encrypt will only accept a wildcard via DNS challenge. 

    If your Plesk instance can’t create the _acme-challenge.example.com TXT (external DNS), the extension can’t complete validation and will show no success. 

  • Same problem

    6 months 1 week ago
    Warning: Undefined array key "url" in Drupal\Core\Asset\CssCollectionOptimizerLazy->optimizeGroup() 
    Warning: Undefined array key "url" in Drupal\Core\Asset\JsCollectionOptimizerLazy->optimizeGroup()

  • set-timezone Europe/Berlin

    6 months 1 week ago
    Server install & config : Debian 12 + Plesk + Apache + nginx + MariaDB + Solr
    sudo timedatectl set-timezone Europe/Berlin

  • Try this:1. Go to  Tools &…

    6 months 2 weeks ago
    Warning: PHP Startup: Unable to load dynamic library 'apcu.so' ... cannot open shared object file: No such file or directory

    Try this:

  • Alternative (without warnings like "no crontab for user")

    6 months 4 weeks ago
    List Cronjobs for all users (via for + crontab)

    Alternative (without warnings like "no crontab for dovecot") to see all tasks:

  • php 8.3 apcu

    6 months 4 weeks ago
    Install APCu (PHP 8.1, Plesk)

    php 8.3 apcu failed

    über Plesk hat es geklappt.

     

  • phpize failed error?

    6 months 4 weeks ago
    Install APCu (PHP 8.1, Plesk)

     

    install:

    # sudo apt install php-dev