View at Official ubuntu advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2018-7600 high priority: Ubuntu including 1 source packages (drupal7), 13 status rows across 13 suites (artful, bionic, cosmic, disco, eoan, focal, groovy, hirsute, impish, jammy, trusty, upstream, xenial): DNE 9, released 3, ignored 1.
Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.