CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-13675

Drupal's JSON:API and REST/File modules allow file uploads through their HTTP APIs. The modules do not correctly run all file validation, which causes an access bypass vulnerability. An attacker might be able to upload files that bypass the file validation process implemented by modules on the site.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 48.5%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

Products affected by CVE-2020-13675

Drupal » Drupal » Version: 8.0.0

cpe:2.3:a:drupal:drupal:8.0.0
Drupal » Drupal » Version: 8.0.1

cpe:2.3:a:drupal:drupal:8.0.1
Drupal » Drupal » Version: 8.0.2

cpe:2.3:a:drupal:drupal:8.0.2
Drupal » Drupal » Version: 8.0.3

cpe:2.3:a:drupal:drupal:8.0.3
Drupal » Drupal » Version: 8.0.4

cpe:2.3:a:drupal:drupal:8.0.4
Drupal » Drupal » Version: 8.0.5

cpe:2.3:a:drupal:drupal:8.0.5
Drupal » Drupal » Version: 8.0.6

cpe:2.3:a:drupal:drupal:8.0.6
Drupal » Drupal » Version: 8.1.0

cpe:2.3:a:drupal:drupal:8.1.0
Drupal » Drupal » Version: 8.1.1

cpe:2.3:a:drupal:drupal:8.1.1
Drupal » Drupal » Version: 8.1.10

cpe:2.3:a:drupal:drupal:8.1.10
Drupal » Drupal » Version: 8.1.2

cpe:2.3:a:drupal:drupal:8.1.2
Drupal » Drupal » Version: 8.1.3

cpe:2.3:a:drupal:drupal:8.1.3
Drupal » Drupal » Version: 8.1.4

cpe:2.3:a:drupal:drupal:8.1.4
Drupal » Drupal » Version: 8.1.5

cpe:2.3:a:drupal:drupal:8.1.5
Drupal » Drupal » Version: 8.1.6

cpe:2.3:a:drupal:drupal:8.1.6
Drupal » Drupal » Version: 8.1.7

cpe:2.3:a:drupal:drupal:8.1.7
Drupal » Drupal » Version: 8.1.8

cpe:2.3:a:drupal:drupal:8.1.8
Drupal » Drupal » Version: 8.1.9

cpe:2.3:a:drupal:drupal:8.1.9
Drupal » Drupal » Version: 8.2.0

cpe:2.3:a:drupal:drupal:8.2.0
Drupal » Drupal » Version: 8.2.1

cpe:2.3:a:drupal:drupal:8.2.1
Drupal » Drupal » Version: 8.2.2

cpe:2.3:a:drupal:drupal:8.2.2
Drupal » Drupal » Version: 8.2.3

cpe:2.3:a:drupal:drupal:8.2.3
Drupal » Drupal » Version: 8.2.4

cpe:2.3:a:drupal:drupal:8.2.4
Drupal » Drupal » Version: 8.2.5

cpe:2.3:a:drupal:drupal:8.2.5
Drupal » Drupal » Version: 8.2.6

cpe:2.3:a:drupal:drupal:8.2.6
Drupal » Drupal » Version: 8.2.7

cpe:2.3:a:drupal:drupal:8.2.7
Drupal » Drupal » Version: 8.2.8

cpe:2.3:a:drupal:drupal:8.2.8
Drupal » Drupal » Version: 8.3.0

cpe:2.3:a:drupal:drupal:8.3.0
Drupal » Drupal » Version: 8.3.1

cpe:2.3:a:drupal:drupal:8.3.1
Drupal » Drupal » Version: 8.3.2

cpe:2.3:a:drupal:drupal:8.3.2
Drupal » Drupal » Version: 8.3.3

cpe:2.3:a:drupal:drupal:8.3.3
Drupal » Drupal » Version: 8.3.4

cpe:2.3:a:drupal:drupal:8.3.4
Drupal » Drupal » Version: 8.3.5

cpe:2.3:a:drupal:drupal:8.3.5
Drupal » Drupal » Version: 8.3.6

cpe:2.3:a:drupal:drupal:8.3.6
Drupal » Drupal » Version: 8.3.7

cpe:2.3:a:drupal:drupal:8.3.7
Drupal » Drupal » Version: 8.3.8

cpe:2.3:a:drupal:drupal:8.3.8
Drupal » Drupal » Version: 8.3.9

cpe:2.3:a:drupal:drupal:8.3.9
Drupal » Drupal » Version: 8.4.0

cpe:2.3:a:drupal:drupal:8.4.0
Drupal » Drupal » Version: 8.4.1

cpe:2.3:a:drupal:drupal:8.4.1
Drupal » Drupal » Version: 8.4.2

cpe:2.3:a:drupal:drupal:8.4.2
Drupal » Drupal » Version: 8.4.3

cpe:2.3:a:drupal:drupal:8.4.3
Drupal » Drupal » Version: 8.4.4

cpe:2.3:a:drupal:drupal:8.4.4
Drupal » Drupal » Version: 8.4.5

cpe:2.3:a:drupal:drupal:8.4.5
Drupal » Drupal » Version: 8.4.6

cpe:2.3:a:drupal:drupal:8.4.6
Drupal » Drupal » Version: 8.4.7

cpe:2.3:a:drupal:drupal:8.4.7
Drupal » Drupal » Version: 8.4.8

cpe:2.3:a:drupal:drupal:8.4.8
Drupal » Drupal » Version: 8.5.0

cpe:2.3:a:drupal:drupal:8.5.0
Drupal » Drupal » Version: 8.5.1

cpe:2.3:a:drupal:drupal:8.5.1
Drupal » Drupal » Version: 8.5.10

cpe:2.3:a:drupal:drupal:8.5.10
Drupal » Drupal » Version: 8.5.11

cpe:2.3:a:drupal:drupal:8.5.11
Drupal » Drupal » Version: 8.5.12

cpe:2.3:a:drupal:drupal:8.5.12
Drupal » Drupal » Version: 8.5.13

cpe:2.3:a:drupal:drupal:8.5.13
Drupal » Drupal » Version: 8.5.14

cpe:2.3:a:drupal:drupal:8.5.14
Drupal » Drupal » Version: 8.5.15

cpe:2.3:a:drupal:drupal:8.5.15
Drupal » Drupal » Version: 8.5.2

cpe:2.3:a:drupal:drupal:8.5.2
Drupal » Drupal » Version: 8.5.3

cpe:2.3:a:drupal:drupal:8.5.3
Drupal » Drupal » Version: 8.5.4

cpe:2.3:a:drupal:drupal:8.5.4
Drupal » Drupal » Version: 8.5.5

cpe:2.3:a:drupal:drupal:8.5.5
Drupal » Drupal » Version: 8.5.6

cpe:2.3:a:drupal:drupal:8.5.6
Drupal » Drupal » Version: 8.5.7

cpe:2.3:a:drupal:drupal:8.5.7
Drupal » Drupal » Version: 8.5.8

cpe:2.3:a:drupal:drupal:8.5.8
Drupal » Drupal » Version: 8.5.9

cpe:2.3:a:drupal:drupal:8.5.9
Drupal » Drupal » Version: 8.6.0

cpe:2.3:a:drupal:drupal:8.6.0
Drupal » Drupal » Version: 8.6.1

cpe:2.3:a:drupal:drupal:8.6.1
Drupal » Drupal » Version: 8.6.10

cpe:2.3:a:drupal:drupal:8.6.10
Drupal » Drupal » Version: 8.6.11

cpe:2.3:a:drupal:drupal:8.6.11
Drupal » Drupal » Version: 8.6.12

cpe:2.3:a:drupal:drupal:8.6.12
Drupal » Drupal » Version: 8.6.13

cpe:2.3:a:drupal:drupal:8.6.13
Drupal » Drupal » Version: 8.6.14

cpe:2.3:a:drupal:drupal:8.6.14
Drupal » Drupal » Version: 8.6.15

cpe:2.3:a:drupal:drupal:8.6.15
Drupal » Drupal » Version: 8.6.16

cpe:2.3:a:drupal:drupal:8.6.16
Drupal » Drupal » Version: 8.6.17

cpe:2.3:a:drupal:drupal:8.6.17
Drupal » Drupal » Version: 8.6.18

cpe:2.3:a:drupal:drupal:8.6.18
Drupal » Drupal » Version: 8.6.2

cpe:2.3:a:drupal:drupal:8.6.2
Drupal » Drupal » Version: 8.6.3

cpe:2.3:a:drupal:drupal:8.6.3
Drupal » Drupal » Version: 8.6.4

cpe:2.3:a:drupal:drupal:8.6.4
Drupal » Drupal » Version: 8.6.5

cpe:2.3:a:drupal:drupal:8.6.5
Drupal » Drupal » Version: 8.6.6

cpe:2.3:a:drupal:drupal:8.6.6
Drupal » Drupal » Version: 8.6.7

cpe:2.3:a:drupal:drupal:8.6.7
Drupal » Drupal » Version: 8.6.8

cpe:2.3:a:drupal:drupal:8.6.8
Drupal » Drupal » Version: 8.6.9

cpe:2.3:a:drupal:drupal:8.6.9
Drupal » Drupal » Version: 8.7.0

cpe:2.3:a:drupal:drupal:8.7.0
Drupal » Drupal » Version: 8.7.1

cpe:2.3:a:drupal:drupal:8.7.1
Drupal » Drupal » Version: 8.7.10

cpe:2.3:a:drupal:drupal:8.7.10
Drupal » Drupal » Version: 8.7.11

cpe:2.3:a:drupal:drupal:8.7.11
Drupal » Drupal » Version: 8.7.12

cpe:2.3:a:drupal:drupal:8.7.12
Drupal » Drupal » Version: 8.7.13

cpe:2.3:a:drupal:drupal:8.7.13
Drupal » Drupal » Version: 8.7.14

cpe:2.3:a:drupal:drupal:8.7.14
Drupal » Drupal » Version: 8.7.2

cpe:2.3:a:drupal:drupal:8.7.2
Drupal » Drupal » Version: 8.7.3

cpe:2.3:a:drupal:drupal:8.7.3
Drupal » Drupal » Version: 8.7.4

cpe:2.3:a:drupal:drupal:8.7.4
Drupal » Drupal » Version: 8.7.5

cpe:2.3:a:drupal:drupal:8.7.5
Drupal » Drupal » Version: 8.7.6

cpe:2.3:a:drupal:drupal:8.7.6
Drupal » Drupal » Version: 8.7.7

cpe:2.3:a:drupal:drupal:8.7.7
Drupal » Drupal » Version: 8.7.8

cpe:2.3:a:drupal:drupal:8.7.8
Drupal » Drupal » Version: 8.7.9

cpe:2.3:a:drupal:drupal:8.7.9
Drupal » Drupal » Version: 8.8.0

cpe:2.3:a:drupal:drupal:8.8.0
Drupal » Drupal » Version: 8.8.1

cpe:2.3:a:drupal:drupal:8.8.1
Drupal » Drupal » Version: 8.8.10

cpe:2.3:a:drupal:drupal:8.8.10
Drupal » Drupal » Version: 8.8.11

cpe:2.3:a:drupal:drupal:8.8.11
Drupal » Drupal » Version: 8.8.12

cpe:2.3:a:drupal:drupal:8.8.12
Drupal » Drupal » Version: 8.8.2

cpe:2.3:a:drupal:drupal:8.8.2
Drupal » Drupal » Version: 8.8.3

cpe:2.3:a:drupal:drupal:8.8.3
Drupal » Drupal » Version: 8.8.4

cpe:2.3:a:drupal:drupal:8.8.4
Drupal » Drupal » Version: 8.8.5

cpe:2.3:a:drupal:drupal:8.8.5
Drupal » Drupal » Version: 8.8.6

cpe:2.3:a:drupal:drupal:8.8.6
Drupal » Drupal » Version: 8.8.7

cpe:2.3:a:drupal:drupal:8.8.7
Drupal » Drupal » Version: 8.8.8

cpe:2.3:a:drupal:drupal:8.8.8
Drupal » Drupal » Version: 8.8.9

cpe:2.3:a:drupal:drupal:8.8.9
Drupal » Drupal » Version: 8.9.0

cpe:2.3:a:drupal:drupal:8.9.0
Drupal » Drupal » Version: 8.9.1

cpe:2.3:a:drupal:drupal:8.9.1
Drupal » Drupal » Version: 8.9.10

cpe:2.3:a:drupal:drupal:8.9.10
Drupal » Drupal » Version: 8.9.11

cpe:2.3:a:drupal:drupal:8.9.11
Drupal » Drupal » Version: 8.9.12

cpe:2.3:a:drupal:drupal:8.9.12
Drupal » Drupal » Version: 8.9.13

cpe:2.3:a:drupal:drupal:8.9.13
Drupal » Drupal » Version: 8.9.14

cpe:2.3:a:drupal:drupal:8.9.14
Drupal » Drupal » Version: 8.9.15

cpe:2.3:a:drupal:drupal:8.9.15
Drupal » Drupal » Version: 8.9.16

cpe:2.3:a:drupal:drupal:8.9.16
Drupal » Drupal » Version: 8.9.17

cpe:2.3:a:drupal:drupal:8.9.17
Drupal » Drupal » Version: 8.9.18

cpe:2.3:a:drupal:drupal:8.9.18
Drupal » Drupal » Version: 8.9.2

cpe:2.3:a:drupal:drupal:8.9.2
Drupal » Drupal » Version: 8.9.3

cpe:2.3:a:drupal:drupal:8.9.3
Drupal » Drupal » Version: 8.9.4

cpe:2.3:a:drupal:drupal:8.9.4
Drupal » Drupal » Version: 8.9.5

cpe:2.3:a:drupal:drupal:8.9.5
Drupal » Drupal » Version: 8.9.6

cpe:2.3:a:drupal:drupal:8.9.6
Drupal » Drupal » Version: 8.9.7

cpe:2.3:a:drupal:drupal:8.9.7
Drupal » Drupal » Version: 8.9.8

cpe:2.3:a:drupal:drupal:8.9.8
Drupal » Drupal » Version: 8.9.9

cpe:2.3:a:drupal:drupal:8.9.9
Drupal » Drupal » Version: 9.1.0

cpe:2.3:a:drupal:drupal:9.1.0
Drupal » Drupal » Version: 9.1.1

cpe:2.3:a:drupal:drupal:9.1.1
Drupal » Drupal » Version: 9.1.10

cpe:2.3:a:drupal:drupal:9.1.10
Drupal » Drupal » Version: 9.1.11

cpe:2.3:a:drupal:drupal:9.1.11
Drupal » Drupal » Version: 9.1.12

cpe:2.3:a:drupal:drupal:9.1.12
Drupal » Drupal » Version: 9.1.2

cpe:2.3:a:drupal:drupal:9.1.2
Drupal » Drupal » Version: 9.1.3

cpe:2.3:a:drupal:drupal:9.1.3
Drupal » Drupal » Version: 9.1.4

cpe:2.3:a:drupal:drupal:9.1.4
Drupal » Drupal » Version: 9.1.5

cpe:2.3:a:drupal:drupal:9.1.5
Drupal » Drupal » Version: 9.1.6

cpe:2.3:a:drupal:drupal:9.1.6
Drupal » Drupal » Version: 9.1.7

cpe:2.3:a:drupal:drupal:9.1.7
Drupal » Drupal » Version: 9.1.8

cpe:2.3:a:drupal:drupal:9.1.8
Drupal » Drupal » Version: 9.1.9

cpe:2.3:a:drupal:drupal:9.1.9
Drupal » Drupal » Version: 9.2.0

cpe:2.3:a:drupal:drupal:9.2.0
Drupal » Drupal » Version: 9.2.1

cpe:2.3:a:drupal:drupal:9.2.1
Drupal » Drupal » Version: 9.2.2

cpe:2.3:a:drupal:drupal:9.2.2
Drupal » Drupal » Version: 9.2.3

cpe:2.3:a:drupal:drupal:9.2.3
Drupal » Drupal » Version: 9.2.4

cpe:2.3:a:drupal:drupal:9.2.4
Drupal » Drupal » Version: 9.2.5

cpe:2.3:a:drupal:drupal:9.2.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-13675

Products

Pricing

Contact Us