CVE-2015-6659
Published: 24 August 2015
SQL injection vulnerability in the SQL comment filtering system in the Database API in Drupal 7.x before 7.39 allows remote attackers to execute arbitrary SQL commands via an SQL comment.
Priority
Status
Package | Release | Status |
---|---|---|
drupal7 Launchpad, Ubuntu, Debian |
vivid |
Released
(7.32-1+deb8u5build0.15.04.1)
|
precise |
Ignored
(end of life)
|
|
artful |
Ignored
(end of life)
|
|
bionic |
Does not exist
|
|
cosmic |
Does not exist
|
|
disco |
Does not exist
|
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Needed
|
|
upstream |
Released
(7.39-1)
|
|
wily |
Ignored
(end of life)
|
|
xenial |
Not vulnerable
(7.44-1ubuntu1~16.04.0)
|
|
yakkety |
Ignored
(end of life)
|
|
zesty |
Ignored
(end of life)
|
|
mantic |
Does not exist
|
|
drupal6 Launchpad, Ubuntu, Debian |
precise |
Ignored
(end of life)
|
artful |
Does not exist
|
|
bionic |
Does not exist
|
|
cosmic |
Does not exist
|
|
disco |
Does not exist
|
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(6.37)
|
|
vivid |
Does not exist
|
|
wily |
Does not exist
|
|
xenial |
Does not exist
|
|
yakkety |
Does not exist
|
|
zesty |
Does not exist
|
|
mantic |
Does not exist
|