Deserialization vulnerability in Drupal Core allows Object Injection in specific versions.
Reporter | Title | Published | Views | Family All 11 |
---|---|---|---|---|
![]() | Drupal PHP Object Injection Vulnerability (SA-CORE-2024-008) - Linux | 25 Nov 202400:00 | – | openvas |
![]() | Drupal PHP Object Injection Vulnerability (SA-CORE-2024-008) - Windows | 25 Nov 202400:00 | – | openvas |
![]() | CVE-2024-55638 Drupal core - Moderately critical - Gadget chain - SA-CORE-2024-008 | 9 Dec 202423:26 | – | vulnrichment |
![]() | CVE-2024-55638 | 10 Dec 202400:15 | – | nvd |
![]() | CVE-2024-55638 Drupal core - Moderately critical - Gadget chain - SA-CORE-2024-008 | 9 Dec 202423:26 | – | cvelist |
![]() | CVE-2024-55638 | 10 Dec 202400:00 | – | ubuntucve |
![]() | Drupal core contains a potential PHP Object Injection vulnerability | 10 Dec 202400:31 | – | github |
![]() | Drupal core contains a potential PHP Object Injection vulnerability | 10 Dec 202400:31 | – | osv |
![]() | UBUNTU-CVE-2024-55638 | 10 Dec 202400:15 | – | osv |
![]() | Deserialization Of Untrusted Data | 24 Dec 202404:53 | – | veracode |
[
{
"collectionURL": "https://www.drupal.org/project/drupal/",
"defaultStatus": "unaffected",
"product": "Drupal Core",
"repo": "https://git.drupalcode.org/project/drupal",
"vendor": "Drupal",
"versions": [
{
"lessThan": "7.102",
"status": "affected",
"version": "7.0",
"versionType": "semver"
},
{
"lessThan": "10.2.11",
"status": "affected",
"version": "8.0.0",
"versionType": "semver"
},
{
"lessThan": "10.3.9",
"status": "affected",
"version": "10.3.0",
"versionType": "semver"
}
]
}
]
Source | Link |
---|---|
drupal | www.drupal.org/sa-core-2024-008 |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo