Lucene search
+L

6 matches found

NVD
NVD
added 2024/12/10 12:15 a.m.13 views

CVE-2024-55636

Deserialization of Untrusted Data vulnerability in Drupal Core allows Object Injection.This issue affects Drupal Core: from 8.0.0 before 10.2.11, from 10.3.0 before 10.3.9, from 11.0.0 before 11.0.8. Drupal core contains a chain of methods that is exploitable when an insecure deserialization...

9.8CVSS0.00904EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/12/10 12:15 a.m.6 views

CVE-2024-55636

Deserialization of Untrusted Data vulnerability in Drupal Core allows Object Injection.This issue affects Drupal Core: from 8.0.0 before 10.2.11, from 10.3.0 before 10.3.9, from 11.0.0 before 11.0.8. Drupal core contains a chain of methods that is exploitable when an insecure deserialization...

9.8CVSS6.5AI score0.00904EPSS
Exploits0References1
Circl
Circl
added 2024/12/09 11:28 p.m.10 views

CVE-2024-55636

creationtimestamp| type| source ---|---|--- 2024-12-09 23:28:37+00:00| seen| https://infosec.exchange/users/cve/statuses/113625459395435245 2024-12-10 02:25:28+00:00| seen| https://t.me/cvedetector/12460...

9.8CVSS4.7AI score0.00904EPSS
Exploits0References2
CVE
CVE
added 2024/12/09 11:24 p.m.201 views

CVE-2024-55636

CVE-2024-55636 describes a deserialization of untrusted data vulnerability in Drupal Core that can enable remote code execution via a gadget chain when deserializing untrusted data. Affected branches include Drupal Core 8.0.0–before 10.2.11, 10.3.0–before 10.3.9, and 11.0.0–before 11.0.8. The iss...

9.8CVSS9.7AI score0.00904EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/12/09 11:24 p.m.213 views

CVE-2024-55636 Drupal core - Less critical - Gadget chain - SA-CORE-2024-006

Deserialization of Untrusted Data vulnerability in Drupal Core allows Object Injection.This issue affects Drupal Core: from 8.0.0 before 10.2.11, from 10.3.0 before 10.3.9, from 11.0.0 before 11.0.8. Drupal core contains a chain of methods that is exploitable when an insecure deserialization...

0.00904EPSS
Exploits0References1
OSV
OSV
added 2024/12/09 11:24 p.m.3 views

CVE-2024-55636 Drupal core - Less critical - Gadget chain - SA-CORE-2024-006

Deserialization of Untrusted Data vulnerability in Drupal Core allows Object Injection.This issue affects Drupal Core: from 8.0.0 before 10.2.11, from 10.3.0 before 10.3.9, from 11.0.0 before 11.0.8. Drupal core contains a chain of methods that is exploitable when an insecure deserialization...

9.8CVSS7.8AI score0.00904EPSS
Exploits0References5
Rows per page
Query Builder