Blog
FAQ
Discussions
Search
Projects, issues, users, and merge requests.
Project ID, name, and description.
User nickname, name, and org.
Issue ID, title, and summary.
Merge request titles.
Contrib
.social
Feed
Live feed
Builds
Live builds
Core
Tags
Tags and Initiatives
securitydrupalorg
Open on Drupal.org →
Open on Drupal GitLab →
Created on 24 May 2010,
over 14 years ago
Maintained by
🇺🇸
United States
drumm
Drupal Security Team
🇺🇸
United States
greggles
🇺🇸
United States
mlhess
🇺🇸
United States
pwolanin
🇨🇦
Canada
scor
🇺🇸
United States
xjm
Clone
Clone with SSH
Clone with HTTPS
Clone with
doGit
🇺🇸
United States
74%
🇬🇧
United Kingdom
14%
🇧🇪
Belgium
5%
🇪🇸
Spain
2%
🇮🇹
Italy
1%
🇭🇺
Hungary
1%
🇸🇰
Slovakia
1%
🏴☠️
🇦🇺 🇳🇱
1%
Top 10 contributors
DM13 Security LLC
21%
🇺🇸
@cmlara
Acquia
7%
🇬🇧
@mcdruid
Tag1 Consulting
7%
🇬🇧
@catch
DUG BE vzw (Drupal User Group Belgium)
5%
🇧🇪
@BramDriesen
Drupal Association
3%
🇺🇸
@drumm
🇪🇸
@fjgarlin
Lullabot
3%
🇺🇸
@yesct
Pronovix
1%
🇭🇺
@mxr576
nLightened Development LLC
1%
🇺🇸
@nicxvan
ActivIT s.r.o.
1%
🇸🇰
@poker10
PreviousNext
1%
🇦🇺
@larowlan
+5
and 5 other organisations
Kosada
🇺🇸
@mradcliffe
Open Social
🇳🇱
@ronaldtebrake
Mobomo
🇺🇸
@smustgrave
Tobania
🇧🇪
@BramDriesen
Third and Grove
🇬🇧
@catch
and 2 individuals
( 48% )
🇺🇸
@greggles
🇮🇹
@apaderno
Follow
Sign in to follow projects
Merge Requests
!4
"My security issues" block's "more" link is redirecting to the wrong url
Open
Show issue
🇪🇸
Spain
fjgarlin
updated
about 1 month ago
!3
Remove riskcalc, replaced with www.drupal.org
Merged
Show issue
🇺🇸
United States
drumm
updated
9 months ago
Issues
📌
Update CNA scope
Needs review
Code
Created
3 months ago
v1.0
🇺🇸
United States
greggles
about 6 hours ago
✨
Prohibit the ability to adopt a project
Active
Code
Created
8 months ago
v1.0
🇺🇸
United States
cmlara
1 day ago
✨
Require in-person identity confirmation to receive security opt-in role.
Active
Code
Created
8 months ago
v1.0
🇺🇸
United States
cmlara
5 days ago
📌
[META|POLICY] Think of a way to make it less easy to become a (co-) maintainer
Active
Security Working Group (policy questions)
Created
6 days ago
v1.0
🇧🇪
Belgium
BramDriesen
5 days ago
📌
January 2025 CVEs
Active
Code
Created
11 days ago
v1.0
🇺🇸
United States
greggles
11 days ago
📌
Create CVEs for contributed projects in 2024
Active
Code
Created
about 2 months ago
v1.0
🇺🇸
United States
greggles
12 days ago
🐛
Drupal SA's missing CVE ID's
Active
Documentation
Created
5 months ago
v1.0
🇺🇸
United States
cmlara
12 days ago
💬
greggles dealing with organization credit attribution limitations
Postponed
Miscellaneous
Created
8 months ago
v1.0
🇺🇸
United States
greggles
12 days ago
📌
Create CVEs for SA-CORE-2024-003, 004, 005, 006, 007, 008
Active
Code
Created
about 2 months ago
v1.0
🇺🇸
United States
greggles
29 days ago
🐛
Update 'Security team process' link in Quicklinks to point to d.o
Fixed
Code
Created
over 8 years ago
v1.0
🇺🇸
United States
cashwilliams
29 days ago
📌
Unsuported Modules: Establish timeline for publishing of vulnerability info to allow for possible CVE creation
Active
Documentation
Created
about 1 month ago
v1.0
🇺🇸
United States
cmlara
about 1 month ago
🐛
"My security issues" block's "more" link is redirecting to the wrong url
Active
Code
Created
about 1 month ago
v1.0
🇧🇪
Belgium
BramDriesen
about 1 month ago
📌
Create CVEs for
Active
Code
Created
3 months ago
v1.0
🇺🇸
United States
greggles
about 1 month ago
📌
Create a cve for diff
Active
Code
Created
4 months ago
v1.0
🇺🇸
United States
greggles
about 1 month ago
📌
Develop and publish policy regarding missed SA notices
Active
Security Working Group (policy questions)
Created
almost 3 years ago
v1.0
🇺🇸
United States
cmlara
about 1 month ago
📌
Improve Security Risk Levels Defined docs page
Active
Documentation
Created
over 1 year ago
v1.0
🇺🇸
United States
DamienMcKenna
about 1 month ago
✨
Security Tracker Emails: Strip the Body Field Or Encrypt with Recipient's Pubic GPG Key
Closed: won't fix
Code
Created
over 10 years ago
v1.0
🇺🇸
United States
rickmanelius
about 1 month ago
📌
Collect CVE related details as part of Security Issue
Active
Code
Created
4 months ago
v1.0
🇺🇸
United States
cmlara
about 2 months ago
🌱
More flexible language for git vetted status for co-maintainers of existing projects
Active
Code
Created
almost 2 years ago
v1.0
🇬🇧
United Kingdom
catch
2 months ago
📌
Automate publishing of CVE's
Active
Code
Created
4 months ago
v1.0
🇺🇸
United States
cmlara
3 months ago
💬
Publication of CVE-2024-45440 by MITRE
Active
Security Working Group (policy questions)
Created
5 months ago
v1.0
🇺🇸
United States
cmlara
5 months ago
✨
Update policy to explicitly state security issues will be handled privately
Active
Security Working Group (policy questions)
Created
over 2 years ago
v1.0
🇺🇸
United States
DamienMcKenna
5 months ago
📌
Expand the ability of module maintainers to mark a particular release as security.
Active
Code
Created
7 months ago
v1.0
🇺🇸
United States
nicxvan
7 months ago
🌱
[META] Increase Security of Project Ownership Transfer Process
Active
Code
Created
8 months ago
v1.0
🇺🇸
United States
cmlara
8 months ago
📌
Remove riskcalc, replaced with www.drupal.org
Fixed
Code
Created
9 months ago
v1.0
🇺🇸
United States
drumm
9 months ago
📌
Switch to CVSS scoring
Active
Code
Created
9 months ago
v1.0
cilefen
9 months ago
📌
Document the process for updating an "unsupported" SA due to new adoption
Active
Documentation
Created
over 1 year ago
v1.0
🇺🇸
United States
DamienMcKenna
10 months ago
📌
Review and fix up message templates
Fixed
Documentation
Created
11 months ago
v1.0
🇺🇸
United States
greggles
10 months ago
📌
Get an Open Source Security Foundation badge for Drupal (core? contrib?)
Needs review
Miscellaneous
Created
almost 3 years ago
v1.0
🇺🇸
United States
greggles
11 months ago
🐛
Link to create SA in the sidebar info section doesn't work
Fixed
Code
Created
about 1 year ago
v1.0
🇧🇪
Belgium
kristiaanvandeneynde
11 months ago
📌
Update links on the with wrong counts
Active
Documentation
Created
about 1 year ago
v1.0
🇧🇪
Belgium
BramDriesen
about 1 year ago
✨
Change SA opt-in to differentiate between "not opted in (yet)" vs "opted out"
Active
User interface
Created
over 1 year ago
v1.0
🇺🇸
United States
DamienMcKenna
about 1 year ago
📌
Update security issue version field for semantic versioning & Drupal 9
Active
User interface
Created
about 4 years ago
v1.0
🇺🇸
United States
drumm
about 1 year ago
📌
Create new documentation guide & pages that clearly documents what issues are not considered security issues
Active
Miscellaneous
Created
almost 3 years ago
v1.0
🇺🇸
United States
DamienMcKenna
over 1 year ago
✨
Adjust order for editing SA fields to match s.d.o and the display on d.o
Fixed
sahtml
Created
almost 6 years ago
v1.0
🇺🇸
United States
greggles
over 1 year ago
contrib
.social
Blog
FAQ
Discussions
Production build 0.71.5
2024