• Overview
    • Django
    • Next.js
    • Drupal
    • WordPress
    • Symfony
    • Magento
    • See all frameworks
    • Observability
    • Auto-scaling
    • Marketing Teams
    • Retail
    • Higher Education
  • Pricing
  • Featured articles
    • Switching to Platform.sh can help IT/DevOps organizations drive 219% ROI
    • Organizations, the ultimate way to manage your users and projects
  • Support
  • Docs
  • Contact
  • Login
  • Free Trial

Drupal critical core vulnerability announced

March 28, 2018
Joey Stanford
Joey Stanford
Security, Compliance and Data Protection Officer

A week ago the Drupal security team published a dire-sounding advisory PSA-2018-001, rated highly-critical for Drupal core. The announcement has now been made as SA-CORE-2018-002.

The last time around when there was a Highly-Critical vulnerability for Drupal Core AKA the “DrupaGeddon” episode millions of sites were affected, so we are taking this extremely seriously.

All Drupal users are advised to update their sites to 8.5.1 / 8.4.9 / 8.3.8 / 7.58 immediately. We are working on a platform-level fix as well and will announce more details very soon.

Get the latest Platform.sh news and resources

Related Content

Cover image

A series of unfortunate commits: notable software security stories

AboutSecurity and complianceTrust CenterBoard and investorsCareersPressContact us
Leader Winter 2023
System StatusPrivacyTerms of ServiceImpressumWCAG ComplianceManage your cookie preferencesReport a security issue
© 2023 Platform.sh. All rights reserved.
Supported by Horizon 2020's SME Instrument - European Commission 🇪🇺