Arbitrary Code Execution
Affecting drupal/core package, versions <7.58 || >=8.0, <8.3.9 || >=8.4.0, <8.4.6 || >=8.5.0, <8.5.1
drupal/core is an open source content management platform.
Affected versions of this package are vulnerable to Arbitrary Code Execution. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being completely compromised.
drupal/core to version 7.58, 8.3.9, 8.4.6, 8.5.1 or higher.