Project: Fast Autocomplete
Version: 8.x-1.7, 8.x-1.6, 8.x-1.5, 8.x-1.4, 8.x-1.3, 8.x-1.2, 8.x-1.1, 8.x-1.0
Date: 2021-March-17
Security risk: Moderately critical 12∕25
Vulnerability: Access bypass
I remember poking into Backdrop's code for the first time back in October 2014, when we tried to set it up on Drupion (the older incarnation of our company). According to a popular Russian proverb, "the first pancake is always wonky," so we ran into our first Backdrop problem right then. However, with the valuable input from the Backdrop community members we quickly made necessary changes and got it up and running.
Project: Subgroup
Version: 1.0.x-dev
Date: 2021-January-27
Security risk: Less critical 9∕25
Vulnerability:Access bypassThis module enables you to add groups to other groups in a tree structure where access can be inherited up or down the tree.
Project: Open Social
Versions: 8.x-9.x-dev, 8.x-8.x-dev
Date: 2021-January-27
Security risk: Moderately critical 12∕25
Vulnerability: Access bypassThe optional Social Auth Extra module enables you to use the single sign-on methods provided by Open Social e.g. Facebook, LinkedIn, Google and Twitter.
Project: Open Social
Versions: 8.x-9.x-dev, 8.x-8.x-dev
Date: 2021-January-27
Security risk: Moderately critical 10∕25
Vulnerability: Access bypassThe Social User Export module enables users within Open Social to create an export of users and download this to a CSV file.
Project: Drupal core
Date: 2021-January-20
Security risk: Critical 18∕25
Vulnerability: Third-party libraries
The Drupal project uses the pear Archive_Tar library, which has released a security update that impacts Drupal. For more information please see:
This is to announce the initial release of Paragraphs jQuery UI Accordion module for Backdrop. Initially created for Drupal by Maksym Shakhrai, the module is now ported to Backdrop by AltaGrade team.
Paragraphs jQuery UI Accordion is a module to create paragraphs with accordion effect in your Backdrop website's content. It based on jQuery UI Accordion plugin which already included in core, so no need to install additional libraries.
We are happy to announce the initial release of FAQ field module for Backdrop. Initially created for Drupal 7 by Patrick Drotleff and now ported to Backdrop by AltaGrade team, FAQ Field module provides a field for frequently asked questions.
Adding to any content type or user entity, you can create simple but smooth frequently asked questions on any piece of content on your Backdrop website.
Leverage the power of Drupal on AltaGrade hosting platform using tools which let you build, scale and deliver Drupal websites and applications offloading the management and maintenance of all platform-related issues to AltaGrade!
Project: Drupal core
Date: 2020-November-25
Security risk: Critical 18∕25
Vulnerability: Arbitrary PHP code execution
CVE IDs: CVE-2020-28949,CVE-2020-28948The Drupal project uses the PEAR Archive_Tar library. The PEAR Archive_Tar library has released a security update that impacts Drupal. For more information please see: