Vendor Report: Drupal

VendorDrupal
Vendor CVE Table4231381910351413385272353761
Vendor CVE Counts by Year Graph

Vendor OWASP CVE Counts by Year Table

Expand/Collapse

Title 2020 2019 2018 2017 2016 2015 2014 2013 2012 2011 2010 2009 2008 2007 2006 2005 2002
Sql Injection 1 0 0 0 0 1 1 0 1 0 0 7 7 2 6 0 0
Broken Authentication 0 0 0 0 1 0 1 1 1 0 3 2 4 0 1 0 0
Broken Access Control 0 0 1 0 0 0 0 0 0 0 0 0 2 3 1 0 0
Cross Site Scripting (XSS) 0 7 2 0 1 2 22 2 3 1 3 29 31 11 20 2 1
Using Components with Known Vulnerabilities 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 2 0
Unvalidated Redirect 0 1 0 3 3 2 0 1 1 0 0 0 0 1 2 0 0
Cross Site Request Forgery 0 1 0 1 0 1 1 2 1 0 0 6 7 4 1 0 0
Insufficient Logging and Monitoring 0 0 0 0 1 1 0 0 1 0 1 1 2 2 1 0 0
Brute Force 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0
Cache Poisioning 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0
HTTP Response Splitting 0 0 0 0 1 0 0 0 0 0 0 0 0 1 0 0 0
Spoofing 0 0 0 0 0 0 0 0 0 0 0 0 1 0 1 0 0
Session Fixation 0 0 0 0 0 0 0 0 0 0 0 0 1 0 1 0 0
Vendor OWASP CVE Counts by Year Graph

Vendor Data Table

ProductVersion CountCVE CountCvssV2 Base Score - AverageCvssV2 Exploitability Score - AverageBaseV2 Impact Score - AverageCvssV3 Base Score - AverageCvssV3 Exploitability Score - AverageBaseV3 Impact Score - AverageCVEs
Acidfree 1 1 6.006.806.40N/AN/AN/A
CVE-2007-0507
Activity 1 2 5.157.704.65N/AN/AN/A
CVE-2012-2078, CVE-2012-2079
Aggregation Module 1 4 6.988.956.43N/AN/AN/A
CVE-2008-2998, CVE-2008-2999, CVE-2008-3000, CVE-2008-3001
Ajax Checklist 1 2 4.756.804.65N/AN/AN/A
CVE-2008-5998, CVE-2008-5999
Archive Module 1 1 4.308.602.90N/AN/AN/A
CVE-2008-0462
Asin Field Module 1 1 3.506.802.90N/AN/AN/A
CVE-2007-5621
Atom Module 1 1 5.0010.002.90N/AN/AN/A
CVE-2008-0275
Audio Module 1 1 7.5010.006.40N/AN/AN/A
CVE-2007-1035
Authenticated User Page Caching 1 1 4.008.002.90N/AN/AN/A
CVE-2013-4226
Avatar Uploader 1 1 5.0010.002.907.503.903.60
CVE-2018-9205
Bibliography Module 1 2 5.909.304.65N/AN/AN/A
CVE-2006-4108, CVE-2006-4109
Bluemasters 1 1 3.506.802.90N/AN/AN/A
CVE-2014-7978
Brilliant Gallery 1 2 5.508.404.65N/AN/AN/A
CVE-2008-4530, CVE-2008-4531
Bueditor 1 1 4.308.602.90N/AN/AN/A
CVE-2008-0271
Cck Comment Reference 1 1 4.308.602.90N/AN/AN/A
CVE-2009-1342
Chatroom Module 2 2 7.5010.006.40N/AN/AN/A
CVE-2006-6528, CVE-2006-6529
Comment Mail 1 1 6.808.606.40N/AN/AN/A
CVE-2008-6384
Comment Upload Module 1 1 6.4010.004.90N/AN/AN/A
CVE-2008-0569
Commons 1 1 4.308.602.90N/AN/AN/A
CVE-2014-8747
Content Construction Kit 3 3 4.038.002.90N/AN/AN/A
CVE-2007-4363, CVE-2008-6229, CVE-2009-1069
Context Form Alteration Module 1 1 3.506.802.90N/AN/AN/A
CVE-2014-7869
Custom Search Module 1 2 3.506.802.90N/AN/AN/A
CVE-2014-7870, CVE-2014-8745
Cvs Management And Tracker 1 1 6.808.606.40N/AN/AN/A
CVE-2006-6386
Data 1 2 5.909.304.65N/AN/AN/A
CVE-2011-2714, CVE-2011-2715
Database Administration Module 1 2 5.909.304.65N/AN/AN/A
CVE-2007-2159, CVE-2007-2160
Devel Module 1 1 2.604.902.90N/AN/AN/A
CVE-2010-3022
Doubleclick For Publishers 1 1 3.506.802.90N/AN/AN/A
CVE-2014-8748
Drupal 24 200 5.138.284.256.882.763.93
CVE-2002-1806, CVE-2005-0682, CVE-2005-1871, CVE-2005-2106, CVE-2005-3973,
CVE-2005-3974, CVE-2005-3975, CVE-2006-0070, CVE-2006-1225, CVE-2006-1226,
CVE-2006-1227, CVE-2006-1228, CVE-2006-2260, CVE-2006-2742, CVE-2006-2743,
CVE-2006-2831, CVE-2006-2832, CVE-2006-2833, CVE-2006-3570, CVE-2006-4002,
CVE-2006-4120, CVE-2006-5475, CVE-2006-5476, CVE-2006-5477, CVE-2007-0124,
CVE-2007-0136, CVE-2007-0626, CVE-2007-0658, CVE-2007-4063, CVE-2007-4064,
CVE-2007-5416, CVE-2007-5593, CVE-2007-5594, CVE-2007-5595, CVE-2007-5596,
CVE-2007-5597, CVE-2007-5621, CVE-2007-6299, CVE-2007-6752, CVE-2008-0272,
CVE-2008-0273, CVE-2008-0274, CVE-2008-0276, CVE-2008-0462, CVE-2008-1131,
CVE-2008-1133, CVE-2008-1729, CVE-2008-2271, CVE-2008-2771, CVE-2008-2999,
CVE-2008-3094, CVE-2008-3218, CVE-2008-3219, CVE-2008-3220, CVE-2008-3221,
CVE-2008-3222, CVE-2008-3223, CVE-2008-3661, CVE-2008-3740, CVE-2008-3741,
CVE-2008-3742, CVE-2008-3743, CVE-2008-3744, CVE-2008-3745, CVE-2008-4789,
CVE-2008-4790, CVE-2008-4791, CVE-2008-4792, CVE-2008-4793, CVE-2008-6170,
CVE-2008-6171, CVE-2008-6532, CVE-2008-6533, CVE-2009-1047, CVE-2009-1575,
CVE-2009-1576, CVE-2009-1844, CVE-2009-2372, CVE-2009-2373, CVE-2009-2374,
CVE-2009-3156, CVE-2009-3479, CVE-2009-4066, CVE-2009-4369, CVE-2009-4370,
CVE-2009-4371, CVE-2010-2250, CVE-2010-2471, CVE-2010-2472, CVE-2010-2473,
CVE-2010-3091, CVE-2010-3092, CVE-2010-3093, CVE-2010-3094, CVE-2010-3685,
CVE-2010-3686, CVE-2011-2687, CVE-2011-2714, CVE-2011-2715, CVE-2011-2726,
CVE-2011-3730, CVE-2012-0825, CVE-2012-0826, CVE-2012-0827, CVE-2012-1588,
CVE-2012-1589, CVE-2012-1590, CVE-2012-1591, CVE-2012-2153, CVE-2012-2306,
CVE-2012-2339, CVE-2012-2922, CVE-2012-4553, CVE-2012-4554, CVE-2012-5651,
CVE-2012-5652, CVE-2012-5653, CVE-2013-0244, CVE-2013-0245, CVE-2013-0246,
CVE-2013-0316, CVE-2013-6385, CVE-2013-6386, CVE-2013-6387, CVE-2013-6388,
CVE-2013-6389, CVE-2014-1475, CVE-2014-1476, CVE-2014-1607, CVE-2014-2983,
CVE-2014-5019, CVE-2014-5020, CVE-2014-5021, CVE-2014-5022, CVE-2014-5265,
CVE-2014-5266, CVE-2014-5267, CVE-2014-9015, CVE-2014-9016, CVE-2015-2559,
CVE-2015-2749, CVE-2015-2750, CVE-2015-3231, CVE-2015-3232, CVE-2015-3233,
CVE-2015-3234, CVE-2015-6658, CVE-2015-6659, CVE-2015-6660, CVE-2015-6661,
CVE-2015-6665, CVE-2015-7880, CVE-2015-7943, CVE-2016-3162, CVE-2016-3163,
CVE-2016-3164, CVE-2016-3165, CVE-2016-3166, CVE-2016-3167, CVE-2016-3168,
CVE-2016-3169, CVE-2016-3170, CVE-2016-3171, CVE-2016-6211, CVE-2016-6212,
CVE-2016-7570, CVE-2016-7571, CVE-2016-7572, CVE-2016-9449, CVE-2016-9450,
CVE-2016-9451, CVE-2016-9452, CVE-2017-6377, CVE-2017-6379, CVE-2017-6381,
CVE-2017-6919, CVE-2017-6920, CVE-2017-6921, CVE-2017-6922, CVE-2017-6923,
CVE-2017-6924, CVE-2017-6925, CVE-2017-6926, CVE-2017-6927, CVE-2017-6928,
CVE-2017-6929, CVE-2017-6930, CVE-2017-6931, CVE-2017-6932, CVE-2018-7600,
CVE-2018-7602, CVE-2018-9861, CVE-2019-10909, CVE-2019-11358, CVE-2019-11876,
CVE-2019-6338, CVE-2019-6339, CVE-2019-6340, CVE-2019-6341, CVE-2019-6342
Drupal Core 1 1 7.5010.006.40N/AN/AN/A
CVE-2014-3704
Drupal E-commerce Module 1 1 3.506.802.90N/AN/AN/A
CVE-2006-4360
Drupal Easylinks Module 1 2 5.057.454.65N/AN/AN/A
CVE-2006-4355, CVE-2006-4356
Drupal Mysite 1 1 6.808.606.40N/AN/AN/A
CVE-2006-6647
Drupal Pathauto Module 1 1 6.808.606.40N/AN/AN/A
CVE-2006-4646
Drupal Project 1 1 6.808.606.40N/AN/AN/A
CVE-2006-6646
Drupal Project Issue Tracking 1 3 4.607.404.07N/AN/AN/A
CVE-2006-6646, CVE-2007-1368, CVE-2007-5228
Drupal Pubcookie Module 1 1 7.5010.006.40N/AN/AN/A
CVE-2006-4717
Drupal Userreview Module 1 1 4.308.602.90N/AN/AN/A
CVE-2006-4821
E-commerce Module 1 1 3.506.802.90N/AN/AN/A
CVE-2007-5621
E-publish 1 1 4.308.602.90N/AN/AN/A
CVE-2008-1980
Everyblog 1 4 6.709.655.53N/AN/AN/A
CVE-2008-6134, CVE-2008-6135, CVE-2008-6136, CVE-2008-6137
Extended Tracker 1 1 7.5010.006.40N/AN/AN/A
CVE-2006-5608
Faq 1 1 4.308.602.90N/AN/AN/A
CVE-2012-1646
Feature Module 1 1 4.308.602.90N/AN/AN/A
CVE-2007-6320
Feedapi Mapper 1 1 4.308.602.90N/AN/AN/A
CVE-2009-1249
Fileshare Module 1 1 8.506.8010.00N/AN/AN/A
CVE-2008-0277
Form Mail Module 1 1 7.5010.006.40N/AN/AN/A
CVE-2006-3473
Forward Module 1 1 7.8010.006.90N/AN/AN/A
CVE-2007-3690
Fullname Field For Cck 1 1 3.506.802.90N/AN/AN/A
CVE-2007-5621
Getid3 1 1 7.5010.006.40N/AN/AN/A
CVE-2007-1035
Header Image 1 1 10.0010.0010.00N/AN/AN/A
CVE-2008-0823
Help Tip Module 1 2 7.159.306.40N/AN/AN/A
CVE-2006-6530, CVE-2006-6531
Imce Module 1 2 6.008.005.65N/AN/AN/A
CVE-2006-7109, CVE-2006-7110
Internationalization 1 1 4.308.602.90N/AN/AN/A
CVE-2009-0382
Invite Module 1 1 3.506.802.90N/AN/AN/A
CVE-2007-5621
Job Search 1 1 7.5010.006.40N/AN/AN/A
CVE-2006-4107
Link Module 1 1 3.506.802.90N/AN/AN/A
CVE-2009-0603
Link To Us 1 1 4.308.602.90N/AN/AN/A
CVE-2008-4149
Localization Client 2 2 5.558.604.65N/AN/AN/A
CVE-2008-6169, CVE-2009-1344
Localization Server 1 1 6.808.606.40N/AN/AN/A
CVE-2008-6169
Logintoboggan Module 1 2 3.907.702.90N/AN/AN/A
CVE-2007-3817, CVE-2007-3818
Maestro 1 1 3.506.802.90N/AN/AN/A
CVE-2014-8743
Magic Tabs Module 1 1 7.5010.006.40N/AN/AN/A
CVE-2008-2772
Mailhandler 1 1 7.5010.006.40N/AN/AN/A
CVE-2008-4148
Mailsave 1 1 4.308.602.90N/AN/AN/A
CVE-2008-4147
Mayo 1 1 4.008.002.90N/AN/AN/A
CVE-2014-8079
Mediafield Module 1 1 7.5010.006.40N/AN/AN/A
CVE-2007-1035
Meta Tags Module 1 1 6.808.606.40N/AN/AN/A
CVE-2008-0264
Modal Frame 1 1 4.308.602.90N/AN/AN/A
CVE-2014-8296
Mrbs Module 1 1 6.808.606.40N/AN/AN/A
CVE-2013-7407
News Page 1 1 6.508.006.40N/AN/AN/A
CVE-2009-1505
Newsflash 1 1 3.506.802.90N/AN/AN/A
CVE-2014-8077
Nivo Slider 1 1 3.506.802.90N/AN/AN/A
CVE-2014-8744
Node Clone 1 1 6.006.806.40N/AN/AN/A
CVE-2008-4633
Node Hierarchy Module 1 1 5.0010.002.90N/AN/AN/A
CVE-2008-2771
Node Relativity Module 1 1 3.506.802.90N/AN/AN/A
CVE-2007-5621
Nodeaccess Userreference 1 1 7.5010.006.40N/AN/AN/A
CVE-2009-1507
Nodefamily 1 1 6.006.806.40N/AN/AN/A
CVE-2007-1360
Nodequeue 1 1 3.506.802.90N/AN/AN/A
CVE-2009-2074
Openid 1 1 5.0010.002.90N/AN/AN/A
CVE-2008-0570
Organic Groups Menu 1 1 3.506.802.90N/AN/AN/A
CVE-2014-8734
Organic Groups Module 1 2 3.907.702.90N/AN/AN/A
CVE-2008-3094, CVE-2008-3095
Outline Designer Module 1 1 6.508.006.40N/AN/AN/A
CVE-2008-3096
Pathauto Module 1 1 3.506.802.90N/AN/AN/A
CVE-2007-5621
Paypal Node Module 1 1 3.506.802.90N/AN/AN/A
CVE-2007-5621
Petition Node Module 1 1 3.506.802.90N/AN/AN/A
CVE-2011-4560
Plus1 1 1 6.808.606.40N/AN/AN/A
CVE-2009-1036
Print 2 5 3.947.782.90N/AN/AN/A
CVE-2009-1037, CVE-2009-1047, CVE-2009-1343, CVE-2009-1823, CVE-2014-8078
Print Module 1 1 7.8010.006.90N/AN/AN/A
CVE-2007-3689
Professional Theme 1 1 3.506.802.90N/AN/AN/A
CVE-2014-8076
Project 3 4 5.958.055.55N/AN/AN/A
CVE-2007-0505, CVE-2007-0506, CVE-2007-0534, CVE-2007-4436
Project Issue File Review 1 1 4.308.602.90N/AN/AN/A
CVE-2014-8765
Project Issue Tracking Module 3 6 5.758.475.00N/AN/AN/A
CVE-2007-0505, CVE-2007-0506, CVE-2007-0534, CVE-2007-4436, CVE-2008-0576,
CVE-2008-0577
Protected Node Module 1 1 3.506.802.90N/AN/AN/A
CVE-2009-0817
Quick Tabs 1 1 3.506.802.90N/AN/AN/A
CVE-2012-1637
Quiz 1 1 3.506.802.90N/AN/AN/A
CVE-2009-1942
Randomizer 1 1 4.308.602.90N/AN/AN/A
CVE-2009-4602
Realname 1 1 4.308.602.90N/AN/AN/A
CVE-2012-2298
Recipe Module 1 1 5.104.906.40N/AN/AN/A
CVE-2006-4120
Search Keyword Module 1 1 6.808.606.40N/AN/AN/A
CVE-2006-4947
Secure Site Module 1 2 8.7510.008.20N/AN/AN/A
CVE-2007-1033, CVE-2008-0568
Semantically Interconnected Online Communities 1 1 5.0010.002.90N/AN/AN/A
CVE-2008-6160
Services Module For Drupal 1 1 6.4010.004.90N/AN/AN/A
CVE-2009-2035
Shindig-integrator 1 3 6.439.535.23N/AN/AN/A
CVE-2008-4596, CVE-2008-4597, CVE-2008-4598
Shoutbox 1 1 4.308.602.90N/AN/AN/A
CVE-2007-6298
Simplecorp 1 1 3.506.802.90N/AN/AN/A
CVE-2014-7979
Site Documentation Module 1 1 7.5010.006.40N/AN/AN/A
CVE-2008-2271
Site Profile Directory Module 1 1 4.308.602.90N/AN/AN/A
CVE-2006-4949
Skeleton Theme 1 1 3.506.802.90N/AN/AN/A
CVE-2014-8746
Stock Module 1 1 4.308.602.90N/AN/AN/A
CVE-2008-4710
Storage Api 1 1 7.5010.006.409.803.905.90
CVE-2014-5170
Storm 1 1 6.006.806.40N/AN/AN/A
CVE-2008-6383
Suggested Terms Module 1 1 4.308.602.90N/AN/AN/A
CVE-2008-3500
Svg Sanitizer 1 1 5.0010.002.90N/AN/AN/A
CVE-2019-18856
Talk 1 2 4.258.402.90N/AN/AN/A
CVE-2008-4152, CVE-2008-4153
Tasklist 1 1 10.0010.0010.00N/AN/AN/A
CVE-2009-1034
Taxonomy Autotagger Module 1 2 5.007.404.65N/AN/AN/A
CVE-2008-3091, CVE-2008-3092
Taxonomy Image Module 1 1 4.308.602.90N/AN/AN/A
CVE-2008-2773
Taxonomy Manager 1 1 3.506.802.90N/AN/AN/A
CVE-2009-2079
Taxonomy Theme Module 1 1 3.506.802.90N/AN/AN/A
CVE-2009-0818
Textimage 1 1 5.0010.002.90N/AN/AN/A
CVE-2007-0658
Tinytax Taxonomy Block Module 1 1 3.506.802.90N/AN/AN/A
CVE-2008-3097
Token Module 1 1 3.506.802.90N/AN/AN/A
CVE-2007-5621
Trailscout Module 2 2 5.508.404.65N/AN/AN/A
CVE-2008-2849, CVE-2008-2850
Tribune 1 1 3.506.802.90N/AN/AN/A
CVE-2014-8075
Ubercart Module 2 4 3.907.702.90N/AN/AN/A
CVE-2007-5621, CVE-2008-1428, CVE-2008-1916, CVE-2008-1978
Upload Module 1 1 5.508.004.90N/AN/AN/A
CVE-2008-3745
User Karma Module 1 2 5.408.304.65N/AN/AN/A
CVE-2008-6275, CVE-2008-6276
Userpoints Module 1 1 4.308.602.90N/AN/AN/A
CVE-2008-0571
Views 1 2 5.508.404.65N/AN/AN/A
CVE-2008-6020, CVE-2009-2076
Views Builk Operations 1 1 4.308.602.90N/AN/AN/A
CVE-2011-3373
Views Bulk Operations 1 1 4.308.602.90N/AN/AN/A
CVE-2009-0575
Views Dynamic Field 1 1 7.5010.006.40N/AN/AN/A
CVE-2019-19826
Webform Module 1 1 4.308.602.90N/AN/AN/A
CVE-2008-1794
Workflow 1 1 4.308.602.90N/AN/AN/A
CVE-2008-0463
Zen 1 1 3.506.802.90N/AN/AN/A
CVE-2014-7980