CVE 2017-6920
Drupal core 8 before versions 8.3.4 allows remote attackers to execute arbitrary code due to the PECL YAML parser not handling PHP objects safely during certain operations.
See the 
CVE page on Mitre.org
for more details.
Launchpad.net
References
- CONFIRM: https://www.drupal.org...
- BID: 99211
- SECTRACK: 1038781
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
73416ba
(Get the code!)