Review and assess vulnerability reported in Vulnerability Notifications 09/10/2024

bcgov / MFIN-Data-Catalogue

The Finance Data Catalogue enables users to discover data holdings at the BC Ministry of Finance and offers information and functionality that benefits consumers of data for business purposes. The product is built using Drupal and adheres to the Government of BC's Core Administrative and Descriptive etadata Standard.

Other

6 stars 0 forks source link

Review and assess vulnerability reported in Vulnerability Notifications 09/10/2024 #538

Closed NicoledeGreef closed 2 months ago

NicoledeGreef commented 2 months ago

Vulnerability and Risk Management (CITZ) publishes an email newsletter of vulnerabilities and Drupal was on the list for Sept 10, 2024.

https://www.drupal.org/sa-contrib-2024-036

chrislaick commented 2 months ago

The vulnerability pertains to the paragraphs_table module, which we aren't using in MFIN Data Catalogue. We are using paragraphs and paragraphs_features, which are unaffected by this vulnerability notice.

NicoledeGreef commented 2 months ago

Thanks @chrislaick