• Overview
    Frameworks
    • Drupal
    • WordPress
    • Symfony
    • Magento
    • See all frameworks
    Features
    • Observability
    • Auto-scaling
    Solutions
    • Marketing Teams
    • Retail
    • Higher Education
  • Pricing
  • Featured articles
    • Switching to Platform.sh can help IT/DevOps organizations drive 219% ROI
    • Organizations, the ultimate way to manage your users and projects
  • Support
  • Docs
  • Contact
  • Login
  • Free Trial
Blog
Thumbnail

Drupal critical core vulnerability announced

drupal
March 28, 2018
Joey Stanford
Joey Stanford
Security, Compliance and Data Protection Officer

A week ago the Drupal security team published a dire-sounding advisory PSA-2018-001, rated highly-critical for Drupal core. The announcement has now been made as SA-CORE-2018-002.

The last time around when there was a Highly-Critical vulnerability for Drupal Core AKA the “DrupaGeddon” episode millions of sites were affected, so we are taking this extremely seriously.

All Drupal users are advised to update their sites to 8.5.1 / 8.4.9 / 8.3.8 / 7.58 immediately. We are working on a platform-level fix as well and will announce more details very soon.

Get the latest Platform.sh news and resources
Subscribe

Related Content

Cover image

A series of unfortunate commits: notable software security stories

Company
AboutSecurity and complianceTrust CenterBoard and investorsCareersPressContact us
System StatusPrivacyTerms of ServiceImpressumWCAG ComplianceManage your cookie preferencesReport a security issue
© 2022 Platform.sh. All rights reserved.
Supported by Horizon 2020's SME Instrument - European Commission 🇪🇺