Candidate: CVE-2019-6342
PublicDate: 2020-05-28 21:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6342
 https://www.drupal.org/sa-core-2019-008
Description:
 An access bypass vulnerability exists when the experimental Workspaces
 module in Drupal 8 core is enabled. This can be mitigated by disabling the
 Workspaces module. It does not affect any release other than Drupal 8.7.4.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H [9.8 CRITICAL]


Patches_drupal7:
upstream_drupal7: not-affected (debian: Drupal 7 not affected)
precise/esm_drupal7: DNE
trusty_drupal7: ignored (out of standard support)
trusty/esm_drupal7: DNE
xenial_drupal7: ignored (end of standard support, was needs-triage)
bionic_drupal7: DNE
disco_drupal7: DNE
eoan_drupal7: DNE
focal_drupal7: DNE
groovy_drupal7: DNE
hirsute_drupal7: DNE
impish_drupal7: DNE
jammy_drupal7: DNE
devel_drupal7: DNE