We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-11942

Drupal core - Moderately critical - Improper error handling - SA-CORE-2024-002



Description

A vulnerability in Drupal Core allows File Manipulation.This issue affects Drupal Core: from 10.0.0 before 10.2.10.

Reserved 2024-11-27 | Published 2024-12-05 | Updated 2024-12-05 | Assigner drupal

Problem types

CWE-390 Detection of Error Condition Without Action

Product status

Default status
unaffected

10.0.0 before 10.2.10
affected

Credits

Pierre Rudloff finder

catch remediation developer

Lee Rowlands remediation developer

Benji Fisher remediation developer

Kim Pepper remediation developer

Wim Leers remediation developer

xjm remediation developer

Dave Long coordinator

Juraj Nemec coordinator

References

www.drupal.org/sa-core-2024-002

cve.org (CVE-2024-11942)

nvd.nist.gov (CVE-2024-11942)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-11942

Support options

Helpdesk Chat, Email, Knowledgebase
Subscribe to our newsletter to learn more about our work.