How severe is CVE-2025-31674?

CVE-2025-31674 has a CVSS v3 score of 7.5 (HIGH).

CVE-2025-31674

Name: drupal
Author: drupal

7.5HIGH

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allows Object Injection.This issue affects Drupal core: from 8.0.0 before 10.3.13, fr

Опубликовано: 3/31/2025Обновлено: 5/1/2025

Описание

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allows Object Injection.This issue affects Drupal core: from 8.0.0 before 10.3.13, from 10.4.0 before 10.4.3, from 11.0.0 before 11.0.12, from 11.1.0 before 11.1.3.

ИИ-АнализНа базе ИИ

Затронутые продукты

drupaldrupal

Ссылки

https://www.drupal.org/sa-core-2025-003
Vendor Advisory