CVE-2024-11941

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-11941

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-11941.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-11941

Aliases

Downstream

UBUNTU-CVE-2024-11941

Published

2024-12-05T15:15:08.340Z

Modified

2026-03-12T00:24:23.726103Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

A vulnerability in Drupal Core allows Excessive Allocation.This issue affects Drupal Core: from 10.2.0 before 10.2.2, from 10.1.0 before 10.1.8.

References

https://www.drupal.org/sa-core-2024-001

Affected packages

Git / github.com/drupal/drupal

Affected ranges

Type

GIT

Repo

https://github.com/drupal/drupal

Events

Introduced

35c2f3ca5c935f3d8bde15932a712677c9bbd50f

Fixed

32f756536f0e019797ee604fdf2822113b9db9e1

Introduced

f6651882b4827e11aaeb8bd0a416e377539ba96d

Fixed

4197bab425acfc129237f1ce904c1dd819ffa434

Database specific

{
    "versions": [
        {
            "introduced": "8.0.0"
        },
        {
            "fixed": "10.1.8"
        },
        {
            "introduced": "10.2.0"
        },
        {
            "fixed": "10.2.2"
        }
    ]
}

Affected versions

10.*

10.0.0-alpha1

10.0.0-alpha3

10.0.0-alpha4

10.0.0-alpha5

10.1.0

10.1.0-alpha1

10.1.0-beta1

10.1.0-rc1

10.1.1

10.1.2

10.1.3

10.1.4

10.1.5

10.1.6

10.1.7

10.2.0

10.2.0-alpha1

10.2.0-beta1

10.2.0-rc1

10.2.1

8.*

8.0.0

8.1.0-beta1

9.*

9.0.0-alpha1

9.0.0-alpha2

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-11941.json"