High severityNVD Advisory· Published Dec 5, 2024· Updated Dec 5, 2024
Drupal core - Moderately critical - Denial of Service - SA-CORE-2024-001
CVE-2024-11941
Description
A vulnerability in Drupal Core allows Excessive Allocation.This issue affects Drupal Core: from 10.2.0 before 10.2.2, from 10.1.0 before 10.1.8.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
drupal/corePackagist | >= 10.1.0, < 10.1.8 | 10.1.8 |
drupal/corePackagist | >= 10.2.0, < 10.2.2 | 10.2.2 |
Affected products
3- osv-coords2 versions
>= 8.0.0, < 10.2.4+ 1 more
- (no CPE)range: >= 8.0.0, < 10.2.4
- (no CPE)range: >= 10.1.0, < 10.1.8
- Range: 10.2.0
Patches
Vulnerability mechanics
References
3- github.com/advisories/GHSA-xq54-x54m-vcpxghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2024-11941ghsaADVISORY
- www.drupal.org/sa-core-2024-001ghsaWEB
News mentions
1- Drupal core - Moderately critical - Denial of Service - SA-CORE-2024-001Drupal Security Advisories · Jan 17, 2024