Entity cache - Critical - Information disclosure - SA-CONTRIB-2023-046

Project: Entity cacheDate: 2023-September-27Security risk: Critical 16∕25 AC:Basic/A:User/CI:All/II:All/E:Theoretical/TD:UncommonVulnerability: Information disclosureDescription: Entity Cache puts core entities into Drupal's cache API.
A recent release of the module does not sanitize certain inputs appropriately. This can lead to unintended behavior when wildcard characters are included in the input.
The impact of this bug should be relatively minor in most configurations, but in worst-case scenarios it could lead to significant Access Bypass.Solution: Install the latest version:

Reported By: 

Fixed By: 

Coordinated By: 

Path to article https://www.drupal.org/sa-contrib-2023-046