View online: https://www.drupal.org/sa-contrib-2024-013

Project: Node Access Rebuild Progressive [1] Date: 2024-February-28 Security risk: *Less critical* 9∕25 AC:Complex/A:Admin/CI:Some/II:None/E:Theoretical/TD:All [2] Vulnerability: Access bypass

Description:  This module provides an alternative mean of rebuilding the Content Access table.

The module doesn't sufficiently reset the state of content access when the module is uninstalled.

Solution:  Install the latest version:

* If you use the node_access_rebuild_progressive module for Drupal 7, upgrade to node_access_rebuild_progressive 7.x-1.2 [3]

Reported By:  * Jen Lampton [4] Provisional Member of the Drupal Security Team

Fixed By:  * Shelane French [5] * Juraj Nemec [6] of the Drupal Security Team * Jen Lampton [7] Provisional Member of the Drupal Security Team

Coordinated By:  * Greg Knaddison [8] of the Drupal Security Team * Juraj Nemec [9] of the Drupal Security Team

[1] https://www.drupal.org/project/node_access_rebuild_progressive [2] https://www.drupal.org/security-team/risk-levels [3] https://www.drupal.org/project/node_access_rebuild_progressive/releases/7.x-... [4] https://www.drupal.org/user/85586 [5] https://www.drupal.org/user/2674989 [6] https://www.drupal.org/user/272316 [7] https://www.drupal.org/user/85586 [8] https://www.drupal.org/user/36762 [9] https://www.drupal.org/user/272316