Server-Side Request Forgery (SSRF) vulnerability in Drupal Drupal Canvas allows Server Side Request Forgery.This issue affects Drupal Canvas: from 0.0.0 before 1.1.1.

Metrics

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

No data.

No data.

No data.

No data.

References
Link Providers
https://www.drupal.org/sa-contrib-2026-017 cve-icon cve-icon
History

Wed, 25 Mar 2026 15:45:00 +0000

Type Values Removed Values Added
Description Server-Side Request Forgery (SSRF) vulnerability in Drupal Drupal Canvas allows Server Side Request Forgery.This issue affects Drupal Canvas: from 0.0.0 before 1.1.1.
Title Drupal Canvas - Moderately critical - Server-side request forgery, Information disclosure - SA-CONTRIB-2026-017
Weaknesses CWE-918
References
cve-icon MITRE

Status: PUBLISHED

Assigner: drupal

Published:

Updated: 2026-03-25T15:24:17.937Z

Reserved: 2026-02-25T16:59:32.261Z

Link: CVE-2026-3216

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-03-25T16:16:22.777

Modified: 2026-03-25T16:16:22.777

Link: CVE-2026-3216

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.