How severe is CVE-2025-31674?

CVE-2025-31674 has a CVSS v3 score of 7.5 (HIGH).

CVE-2025-31674

Name: drupal
Author: drupal

7.5HIGH

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allows Object Injection.This issue affects Drupal core: from 8.0.0 before 10.3.13, fr

公開日: 3/31/2025更新日: 5/1/2025

説明

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allows Object Injection.This issue affects Drupal core: from 8.0.0 before 10.3.13, from 10.4.0 before 10.4.3, from 11.0.0 before 11.0.12, from 11.1.0 before 11.1.3.

AI分析AIによる分析

影響を受ける製品

drupaldrupal

参照

https://www.drupal.org/sa-core-2025-003
Vendor Advisory