6 matches found
CVE-2024-55636
Deserialization of Untrusted Data vulnerability in Drupal Core allows Object Injection.This issue affects Drupal Core: from 8.0.0 before 10.2.11, from 10.3.0 before 10.3.9, from 11.0.0 before 11.0.8. Drupal core contains a chain of methods that is exploitable when an insecure deserialization...
CVE-2024-55636
Deserialization of Untrusted Data vulnerability in Drupal Core allows Object Injection.This issue affects Drupal Core: from 8.0.0 before 10.2.11, from 10.3.0 before 10.3.9, from 11.0.0 before 11.0.8. Drupal core contains a chain of methods that is exploitable when an insecure deserialization...
CVE-2024-55636
creationtimestamp| type| source ---|---|--- 2024-12-09 23:28:37+00:00| seen| https://infosec.exchange/users/cve/statuses/113625459395435245 2024-12-10 02:25:28+00:00| seen| https://t.me/cvedetector/12460...
CVE-2024-55636
CVE-2024-55636 describes a deserialization of untrusted data vulnerability in Drupal Core that can enable remote code execution via a gadget chain when deserializing untrusted data. Affected branches include Drupal Core 8.0.0–before 10.2.11, 10.3.0–before 10.3.9, and 11.0.0–before 11.0.8. The iss...
CVE-2024-55636 Drupal core - Less critical - Gadget chain - SA-CORE-2024-006
Deserialization of Untrusted Data vulnerability in Drupal Core allows Object Injection.This issue affects Drupal Core: from 8.0.0 before 10.2.11, from 10.3.0 before 10.3.9, from 11.0.0 before 11.0.8. Drupal core contains a chain of methods that is exploitable when an insecure deserialization...
CVE-2024-55636 Drupal core - Less critical - Gadget chain - SA-CORE-2024-006
Deserialization of Untrusted Data vulnerability in Drupal Core allows Object Injection.This issue affects Drupal Core: from 8.0.0 before 10.2.11, from 10.3.0 before 10.3.9, from 11.0.0 before 11.0.8. Drupal core contains a chain of methods that is exploitable when an insecure deserialization...