Description
Drupal core 8 before versions 8.3.4 allows remote attackers to execute arbitrary code due to the PECL YAML parser not handling PHP objects safely during certain operations.
Remediation
References
Related Vulnerabilities
MySQL CVE-2022-21307 Vulnerability (CVE-2022-21307)
WordPress Plugin Weather for us-animated weather widget Crypto Mining (1.8)
Serendipity URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-5474)
MySQL CVE-2019-2531 Vulnerability (CVE-2019-2531)
WordPress Plugin Responsive Lightbox2 Cross-Site Scripting (1.0.2)