How severe is CVE-2025-31674?

CVE-2025-31674 has a CVSS v3 score of 7.5 (HIGH).

CVE-2025-31674

Name: drupal
Author: drupal

7.5HIGH

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allows Object Injection.This issue affects Drupal core: from 8.0.0 before 10.3.13, fr

Publicado: 3/31/2025Atualizado: 5/1/2025

Descrição

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allows Object Injection.This issue affects Drupal core: from 8.0.0 before 10.3.13, from 10.4.0 before 10.4.3, from 11.0.0 before 11.0.12, from 11.1.0 before 11.1.3.

Análise IADesenvolvido por IA

Produtos Afetados

drupaldrupal

Referências

https://www.drupal.org/sa-core-2025-003
Vendor Advisory