Vendor Report: Drupal

VendorDrupal
Vendor CVE Table4231381910351413385272353761
Vendor CVE Counts by Year Graph

Vendor OWASP CVE Counts by Year Table
Title 2020 2019 2018 2017 2016 2015 2014 2013 2012 2011 2010 2009 2008 2007 2006 2005 2002
Sql Injection 1 0 0 0 0 1 1 0 1 0 0 7 7 2 6 0 0
Broken Authentication 0 0 0 0 1 0 1 1 1 0 3 2 4 0 1 0 0
Broken Access Control 0 0 1 0 0 0 0 0 0 0 0 0 2 3 1 0 0
Cross Site Scripting (XSS) 0 7 2 0 1 2 22 2 3 1 3 29 31 11 20 2 1
Using Components with Known Vulnerabilities 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 2 0
Unvalidated Redirect 0 1 0 3 3 2 0 1 1 0 0 0 0 1 2 0 0
Cross Site Request Forgery 0 1 0 1 0 1 1 2 1 0 0 6 7 4 1 0 0
Insufficient Logging and Monitoring 0 0 0 0 1 1 0 0 1 0 1 1 2 2 1 0 0
Brute Force 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0
Cache Poisioning 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0
HTTP Response Splitting 0 0 0 0 1 0 0 0 0 0 0 0 0 1 0 0 0
Spoofing 0 0 0 0 0 0 0 0 0 0 0 0 1 0 1 0 0
Session Fixation 0 0 0 0 0 0 0 0 0 0 0 0 1 0 1 0 0
Vendor OWASP CVE Counts by Year Graph

Vendor Data Table

ProductVersion CountCVE CountCvssV2 Base Score - AverageCvssV2 Exploitability Score - AverageBaseV2 Impact Score - AverageCvssV3 Base Score - AverageCvssV3 Exploitability Score - AverageBaseV3 Impact Score - AverageCVEs
Acidfree 1 1 6.006.806.40N/AN/AN/A
CVE-2007-0507
Activity 1 2 5.157.704.65N/AN/AN/A
CVE-2012-2078, CVE-2012-2079
Aggregation Module 1 4 6.988.956.43N/AN/AN/A
CVE-2008-2998, CVE-2008-2999, CVE-2008-3000, CVE-2008-3001
Ajax Checklist 1 2 4.756.804.65N/AN/AN/A
CVE-2008-5998, CVE-2008-5999
Archive Module 1 1 4.308.602.90N/AN/AN/A
CVE-2008-0462
Asin Field Module 1 1 3.506.802.90N/AN/AN/A
CVE-2007-5621
Atom Module 1 1 5.0010.002.90N/AN/AN/A
CVE-2008-0275
Audio Module 1 1 7.5010.006.40N/AN/AN/A
CVE-2007-1035
Authenticated User Page Caching 1 1 4.008.002.90N/AN/AN/A
CVE-2013-4226
Avatar Uploader 1 1 5.0010.002.907.503.903.60
CVE-2018-9205
Bibliography Module 1 2 5.909.304.65N/AN/AN/A
CVE-2006-4108, CVE-2006-4109
Bluemasters 1 1 3.506.802.90N/AN/AN/A
CVE-2014-7978
Brilliant Gallery 1 2 5.508.404.65N/AN/AN/A
CVE-2008-4530, CVE-2008-4531
Bueditor 1 1 4.308.602.90N/AN/AN/A
CVE-2008-0271
Cck Comment Reference 1 1 4.308.602.90N/AN/AN/A
CVE-2009-1342
Chatroom Module 2 2 7.5010.006.40N/AN/AN/A
CVE-2006-6528, CVE-2006-6529
Comment Mail 1 1 6.808.606.40N/AN/AN/A
CVE-2008-6384
Comment Upload Module 1 1 6.4010.004.90N/AN/AN/A
CVE-2008-0569
Commons 1 1 4.308.602.90N/AN/AN/A
CVE-2014-8747
Content Construction Kit 3 3 4.038.002.90N/AN/AN/A
CVE-2007-4363, CVE-2008-6229, CVE-2009-1069
Context Form Alteration Module 1 1 3.506.802.90N/AN/AN/A
CVE-2014-7869
Custom Search Module 1 2 3.506.802.90N/AN/AN/A
CVE-2014-7870, CVE-2014-8745
Cvs Management And Tracker 1 1 6.808.606.40N/AN/AN/A
CVE-2006-6386
Data 1 2 5.909.304.65N/AN/AN/A
CVE-2011-2714, CVE-2011-2715
Database Administration Module 1 2 5.909.304.65N/AN/AN/A
CVE-2007-2159, CVE-2007-2160
Devel Module 1 1 2.604.902.90N/AN/AN/A
CVE-2010-3022
Doubleclick For Publishers 1 1 3.506.802.90N/AN/AN/A
CVE-2014-8748
Drupal 24 200 5.138.284.256.882.763.93
CVE-2002-1806, CVE-2005-0682, CVE-2005-1871, CVE-2005-2106, CVE-2005-3973,
CVE-2005-3974, CVE-2005-3975, CVE-2006-0070, CVE-2006-1225, CVE-2006-1226,
CVE-2006-1227, CVE-2006-1228, CVE-2006-2260, CVE-2006-2742, CVE-2006-2743,
CVE-2006-2831, CVE-2006-2832, CVE-2006-2833, CVE-2006-3570, CVE-2006-4002,
CVE-2006-4120, CVE-2006-5475, CVE-2006-5476, CVE-2006-5477, CVE-2007-0124,
CVE-2007-0136, CVE-2007-0626, CVE-2007-0658, CVE-2007-4063, CVE-2007-4064,
CVE-2007-5416, CVE-2007-5593, CVE-2007-5594, CVE-2007-5595, CVE-2007-5596,
CVE-2007-5597, CVE-2007-5621, CVE-2007-6299, CVE-2007-6752, CVE-2008-0272,
CVE-2008-0273, CVE-2008-0274, CVE-2008-0276, CVE-2008-0462, CVE-2008-1131,
CVE-2008-1133, CVE-2008-1729, CVE-2008-2271, CVE-2008-2771, CVE-2008-2999,
CVE-2008-3094, CVE-2008-3218, CVE-2008-3219, CVE-2008-3220, CVE-2008-3221,
CVE-2008-3222, CVE-2008-3223, CVE-2008-3661, CVE-2008-3740, CVE-2008-3741,
CVE-2008-3742, CVE-2008-3743, CVE-2008-3744, CVE-2008-3745, CVE-2008-4789,
CVE-2008-4790, CVE-2008-4791, CVE-2008-4792, CVE-2008-4793, CVE-2008-6170,
CVE-2008-6171, CVE-2008-6532, CVE-2008-6533, CVE-2009-1047, CVE-2009-1575,
CVE-2009-1576, CVE-2009-1844, CVE-2009-2372, CVE-2009-2373, CVE-2009-2374,
CVE-2009-3156, CVE-2009-3479, CVE-2009-4066, CVE-2009-4369, CVE-2009-4370,
CVE-2009-4371, CVE-2010-2250, CVE-2010-2471, CVE-2010-2472, CVE-2010-2473,
CVE-2010-3091, CVE-2010-3092, CVE-2010-3093, CVE-2010-3094, CVE-2010-3685,
CVE-2010-3686, CVE-2011-2687, CVE-2011-2714, CVE-2011-2715, CVE-2011-2726,
CVE-2011-3730, CVE-2012-0825, CVE-2012-0826, CVE-2012-0827, CVE-2012-1588,
CVE-2012-1589, CVE-2012-1590, CVE-2012-1591, CVE-2012-2153, CVE-2012-2306,
CVE-2012-2339, CVE-2012-2922, CVE-2012-4553, CVE-2012-4554, CVE-2012-5651,
CVE-2012-5652, CVE-2012-5653, CVE-2013-0244, CVE-2013-0245, CVE-2013-0246,
CVE-2013-0316, CVE-2013-6385, CVE-2013-6386, CVE-2013-6387, CVE-2013-6388,
CVE-2013-6389, CVE-2014-1475, CVE-2014-1476, CVE-2014-1607, CVE-2014-2983,
CVE-2014-5019, CVE-2014-5020, CVE-2014-5021, CVE-2014-5022, CVE-2014-5265,
CVE-2014-5266, CVE-2014-5267, CVE-2014-9015, CVE-2014-9016, CVE-2015-2559,
CVE-2015-2749, CVE-2015-2750, CVE-2015-3231, CVE-2015-3232, CVE-2015-3233,
CVE-2015-3234, CVE-2015-6658, CVE-2015-6659, CVE-2015-6660, CVE-2015-6661,
CVE-2015-6665, CVE-2015-7880, CVE-2015-7943, CVE-2016-3162, CVE-2016-3163,
CVE-2016-3164, CVE-2016-3165, CVE-2016-3166, CVE-2016-3167, CVE-2016-3168,
CVE-2016-3169, CVE-2016-3170, CVE-2016-3171, CVE-2016-6211, CVE-2016-6212,
CVE-2016-7570, CVE-2016-7571, CVE-2016-7572, CVE-2016-9449, CVE-2016-9450,
CVE-2016-9451, CVE-2016-9452, CVE-2017-6377, CVE-2017-6379, CVE-2017-6381,
CVE-2017-6919, CVE-2017-6920, CVE-2017-6921, CVE-2017-6922, CVE-2017-6923,
CVE-2017-6924, CVE-2017-6925, CVE-2017-6926, CVE-2017-6927, CVE-2017-6928,
CVE-2017-6929, CVE-2017-6930, CVE-2017-6931, CVE-2017-6932, CVE-2018-7600,
CVE-2018-7602, CVE-2018-9861, CVE-2019-10909, CVE-2019-11358, CVE-2019-11876,
CVE-2019-6338, CVE-2019-6339, CVE-2019-6340, CVE-2019-6341, CVE-2019-6342
Drupal Core 1 1 7.5010.006.40N/AN/AN/A
CVE-2014-3704
Drupal E-commerce Module 1 1 3.506.802.90N/AN/AN/A
CVE-2006-4360
Drupal Easylinks Module 1 2 5.057.454.65N/AN/AN/A
CVE-2006-4355, CVE-2006-4356
Drupal Mysite 1 1 6.808.606.40N/AN/AN/A
CVE-2006-6647
Drupal Pathauto Module 1 1 6.808.606.40N/AN/AN/A
CVE-2006-4646
Drupal Project 1 1 6.808.606.40N/AN/AN/A
CVE-2006-6646
Drupal Project Issue Tracking 1 3 4.607.404.07N/AN/AN/A
CVE-2006-6646, CVE-2007-1368, CVE-2007-5228
Drupal Pubcookie Module 1 1 7.5010.006.40N/AN/AN/A
CVE-2006-4717
Drupal Userreview Module 1 1 4.308.602.90N/AN/AN/A
CVE-2006-4821
E-commerce Module 1 1 3.506.802.90N/AN/AN/A
CVE-2007-5621
E-publish 1 1 4.308.602.90N/AN/AN/A
CVE-2008-1980
Everyblog 1 4 6.709.655.53N/AN/AN/A
CVE-2008-6134, CVE-2008-6135, CVE-2008-6136, CVE-2008-6137
Extended Tracker 1 1 7.5010.006.40N/AN/AN/A
CVE-2006-5608
Faq 1 1 4.308.602.90N/AN/AN/A
CVE-2012-1646
Feature Module 1 1 4.308.602.90N/AN/AN/A
CVE-2007-6320
Feedapi Mapper 1 1 4.308.602.90N/AN/AN/A
CVE-2009-1249
Fileshare Module 1 1 8.506.8010.00N/AN/AN/A
CVE-2008-0277
Form Mail Module 1 1 7.5010.006.40N/AN/AN/A
CVE-2006-3473
Forward Module 1 1 7.8010.006.90N/AN/AN/A
CVE-2007-3690
Fullname Field For Cck 1 1 3.506.802.90N/AN/AN/A
CVE-2007-5621
Getid3 1 1 7.5010.006.40N/AN/AN/A
CVE-2007-1035
Header Image 1 1 10.0010.0010.00N/AN/AN/A
CVE-2008-0823
Help Tip Module 1 2 7.159.306.40N/AN/AN/A
CVE-2006-6530, CVE-2006-6531
Imce Module 1 2 6.008.005.65N/AN/AN/A
CVE-2006-7109, CVE-2006-7110
Internationalization 1 1 4.308.602.90N/AN/AN/A
CVE-2009-0382
Invite Module 1 1 3.506.802.90N/AN/AN/A
CVE-2007-5621
Job Search 1 1 7.5010.006.40N/AN/AN/A
CVE-2006-4107
Link Module 1 1 3.506.802.90N/AN/AN/A
CVE-2009-0603
Link To Us 1 1 4.308.602.90N/AN/AN/A
CVE-2008-4149
Localization Client 2 2 5.558.604.65N/AN/AN/A
CVE-2008-6169, CVE-2009-1344
Localization Server 1 1 6.808.606.40N/AN/AN/A
CVE-2008-6169
Logintoboggan Module 1 2 3.907.702.90N/AN/AN/A
CVE-2007-3817, CVE-2007-3818
Maestro 1 1 3.506.802.90N/AN/AN/A
CVE-2014-8743
Magic Tabs Module 1 1 7.5010.006.40N/AN/AN/A
CVE-2008-2772
Mailhandler 1 1 7.5010.006.40N/AN/AN/A
CVE-2008-4148
Mailsave 1 1 4.308.602.90N/AN/AN/A
CVE-2008-4147
Mayo 1 1 4.008.002.90N/AN/AN/A
CVE-2014-8079
Mediafield Module 1 1 7.5010.006.40N/AN/AN/A
CVE-2007-1035
Meta Tags Module 1 1 6.808.606.40N/AN/AN/A
CVE-2008-0264
Modal Frame 1 1 4.308.602.90N/AN/AN/A
CVE-2014-8296
Mrbs Module 1 1 6.808.606.40N/AN/AN/A
CVE-2013-7407
News Page 1 1 6.508.006.40N/AN/AN/A
CVE-2009-1505
Newsflash 1 1 3.506.802.90N/AN/AN/A
CVE-2014-8077
Nivo Slider 1 1 3.506.802.90N/AN/AN/A
CVE-2014-8744
Node Clone 1 1 6.006.806.40N/AN/AN/A
CVE-2008-4633
Node Hierarchy Module 1 1 5.0010.002.90N/AN/AN/A
CVE-2008-2771
Node Relativity Module 1 1 3.506.802.90N/AN/AN/A
CVE-2007-5621
Nodeaccess Userreference 1 1 7.5010.006.40N/AN/AN/A
CVE-2009-1507
Nodefamily 1 1 6.006.806.40N/AN/AN/A
CVE-2007-1360
Nodequeue 1 1 3.506.802.90N/AN/AN/A
CVE-2009-2074
Openid 1 1 5.0010.002.90N/AN/AN/A
CVE-2008-0570
Organic Groups Menu 1 1 3.506.802.90N/AN/AN/A
CVE-2014-8734
Organic Groups Module 1 2 3.907.702.90N/AN/AN/A
CVE-2008-3094, CVE-2008-3095
Outline Designer Module 1 1 6.508.006.40N/AN/AN/A
CVE-2008-3096
Pathauto Module 1 1 3.506.802.90N/AN/AN/A
CVE-2007-5621
Paypal Node Module 1 1 3.506.802.90N/AN/AN/A
CVE-2007-5621
Petition Node Module 1 1 3.506.802.90N/AN/AN/A
CVE-2011-4560
Plus1 1 1 6.808.606.40N/AN/AN/A
CVE-2009-1036
Print 2 5 3.947.782.90N/AN/AN/A
CVE-2009-1037, CVE-2009-1047, CVE-2009-1343, CVE-2009-1823, CVE-2014-8078
Print Module 1 1 7.8010.006.90N/AN/AN/A
CVE-2007-3689
Professional Theme 1 1 3.506.802.90N/AN/AN/A
CVE-2014-8076
Project 3 4 5.958.055.55N/AN/AN/A
CVE-2007-0505, CVE-2007-0506, CVE-2007-0534, CVE-2007-4436
Project Issue File Review 1 1 4.308.602.90N/AN/AN/A
CVE-2014-8765
Project Issue Tracking Module 3 6 5.758.475.00N/AN/AN/A
CVE-2007-0505, CVE-2007-0506, CVE-2007-0534, CVE-2007-4436, CVE-2008-0576,
CVE-2008-0577
Protected Node Module 1 1 3.506.802.90N/AN/AN/A
CVE-2009-0817
Quick Tabs 1 1 3.506.802.90N/AN/AN/A
CVE-2012-1637
Quiz 1 1 3.506.802.90N/AN/AN/A
CVE-2009-1942
Randomizer 1 1 4.308.602.90N/AN/AN/A
CVE-2009-4602
Realname 1 1 4.308.602.90N/AN/AN/A
CVE-2012-2298
Recipe Module 1 1 5.104.906.40N/AN/AN/A
CVE-2006-4120
Search Keyword Module 1 1 6.808.606.40N/AN/AN/A
CVE-2006-4947
Secure Site Module 1 2 8.7510.008.20N/AN/AN/A
CVE-2007-1033, CVE-2008-0568
Semantically Interconnected Online Communities 1 1 5.0010.002.90N/AN/AN/A
CVE-2008-6160
Services Module For Drupal 1 1 6.4010.004.90N/AN/AN/A
CVE-2009-2035
Shindig-integrator 1 3 6.439.535.23N/AN/AN/A
CVE-2008-4596, CVE-2008-4597, CVE-2008-4598
Shoutbox 1 1 4.308.602.90N/AN/AN/A
CVE-2007-6298
Simplecorp 1 1 3.506.802.90N/AN/AN/A
CVE-2014-7979
Site Documentation Module 1 1 7.5010.006.40N/AN/AN/A
CVE-2008-2271
Site Profile Directory Module 1 1 4.308.602.90N/AN/AN/A
CVE-2006-4949
Skeleton Theme 1 1 3.506.802.90N/AN/AN/A
CVE-2014-8746
Stock Module 1 1 4.308.602.90N/AN/AN/A
CVE-2008-4710
Storage Api 1 1 7.5010.006.409.803.905.90
CVE-2014-5170
Storm 1 1 6.006.806.40N/AN/AN/A
CVE-2008-6383
Suggested Terms Module 1 1 4.308.602.90N/AN/AN/A
CVE-2008-3500
Svg Sanitizer 1 1 5.0010.002.90N/AN/AN/A
CVE-2019-18856
Talk 1 2 4.258.402.90N/AN/AN/A
CVE-2008-4152, CVE-2008-4153
Tasklist 1 1 10.0010.0010.00N/AN/AN/A
CVE-2009-1034
Taxonomy Autotagger Module 1 2 5.007.404.65N/AN/AN/A
CVE-2008-3091, CVE-2008-3092
Taxonomy Image Module 1 1 4.308.602.90N/AN/AN/A
CVE-2008-2773
Taxonomy Manager 1 1 3.506.802.90N/AN/AN/A
CVE-2009-2079
Taxonomy Theme Module 1 1 3.506.802.90N/AN/AN/A
CVE-2009-0818
Textimage 1 1 5.0010.002.90N/AN/AN/A
CVE-2007-0658
Tinytax Taxonomy Block Module 1 1 3.506.802.90N/AN/AN/A
CVE-2008-3097
Token Module 1 1 3.506.802.90N/AN/AN/A
CVE-2007-5621
Trailscout Module 2 2 5.508.404.65N/AN/AN/A
CVE-2008-2849, CVE-2008-2850
Tribune 1 1 3.506.802.90N/AN/AN/A
CVE-2014-8075
Ubercart Module 2 4 3.907.702.90N/AN/AN/A
CVE-2007-5621, CVE-2008-1428, CVE-2008-1916, CVE-2008-1978
Upload Module 1 1 5.508.004.90N/AN/AN/A
CVE-2008-3745
User Karma Module 1 2 5.408.304.65N/AN/AN/A
CVE-2008-6275, CVE-2008-6276
Userpoints Module 1 1 4.308.602.90N/AN/AN/A
CVE-2008-0571
Views 1 2 5.508.404.65N/AN/AN/A
CVE-2008-6020, CVE-2009-2076
Views Builk Operations 1 1 4.308.602.90N/AN/AN/A
CVE-2011-3373
Views Bulk Operations 1 1 4.308.602.90N/AN/AN/A
CVE-2009-0575
Views Dynamic Field 1 1 7.5010.006.40N/AN/AN/A
CVE-2019-19826
Webform Module 1 1 4.308.602.90N/AN/AN/A
CVE-2008-1794
Workflow 1 1 4.308.602.90N/AN/AN/A
CVE-2008-0463
Zen 1 1 3.506.802.90N/AN/AN/A
CVE-2014-7980