VulnerableCode Package Details - pkg:composer/drupal/core@10.3.0-beta1

Vulnerabilities affecting this package (8)

Vulnerability	Summary	Fixed by
VCID-13ef-6vth-nugg Aliases: CVE-2025-13081 GHSA-m6vv-vcj8-w8m7	Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allows Object Injection. This issue affects Drupal core: from 8.0.0 before 10.4.9, from 10.5.0 before 10.5.6, from 11.0.0 before 11.1.9, from 11.2.0 before 11.2.8.	10.4.9 Affected by 0 other vulnerabilities. 10.5.6 Affected by 0 other vulnerabilities. 11.1.9 Affected by 0 other vulnerabilities. 11.2.8 Affected by 0 other vulnerabilities.
VCID-1jvt-6dac-7qc5 Aliases: CVE-2025-13082 GHSA-h89p-5896-f4q8	User Interface (UI) Misrepresentation of Critical Information vulnerability in Drupal Drupal core allows Content Spoofing. This issue affects Drupal core: from 8.0.0 before 10.4.9, from 10.5.0 before 10.5.6, from 11.0.0 before 11.1.9, from 11.2.0 before 11.2.8.	10.4.9 Affected by 0 other vulnerabilities. 10.5.6 Affected by 0 other vulnerabilities. 11.1.9 Affected by 0 other vulnerabilities. 11.2.8 Affected by 0 other vulnerabilities.
VCID-9bsd-gqyd-cuh5 Aliases: CVE-2025-13083 GHSA-mhpg-hpj5-73r2	Use of Web Browser Cache Containing Sensitive Information vulnerability in Drupal Drupal core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Drupal core: from 8.0.0 before 10.4.9, from 10.5.0 before 10.5.6, from 11.0.0 before 11.1.9, from 11.2.0 before 11.2.8, from 7.0 before 7.103.	10.4.9 Affected by 0 other vulnerabilities. 10.5.6 Affected by 0 other vulnerabilities. 11.1.9 Affected by 0 other vulnerabilities. 11.2.8 Affected by 0 other vulnerabilities.
VCID-mhcb-rdtq-sufx Aliases: CVE-2025-31674 GHSA-2qph-q8xw-gv7q		10.3.13 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 10.4.3 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 11.0.12 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 11.1.3 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-pyqg-gfn8-vqag Aliases: CVE-2025-3057 GHSA-39g6-x4x8-5jcm		10.3.13 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 10.4.3 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 11.0.12 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 11.1.3 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-qwwz-5n8j-9ben Aliases: CVE-2025-31675 GHSA-m4wj-hhwj-47qp		10.3.14 Affected by 4 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 10.4.5 Affected by 4 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 11.0.13 Affected by 4 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 11.1.5 Affected by 4 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-yb9a-1mp4-1kcz Aliases: CVE-2025-31673 GHSA-wpp8-fjgf-pwc7		10.3.13 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 10.4.3 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 11.0.12 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 11.1.3 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-z833-upr5-4ug5 Aliases: CVE-2025-13080 GHSA-83v7-c2cf-p9c2	Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal Drupal core allows Forceful Browsing. This issue affects Drupal core: from 8.0.0 before 10.4.9, from 10.5.0 before 10.5.6, from 11.0.0 before 11.1.9, from 11.2.0 before 11.2.8.	10.4.9 Affected by 0 other vulnerabilities. 10.5.6 Affected by 0 other vulnerabilities. 11.1.9 Affected by 0 other vulnerabilities. 11.2.8 Affected by 0 other vulnerabilities.

Next non-vulnerable version	10.4.9
Latest non-vulnerable version	11.2.8
Risk

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-01T09:09:59.559693+00:00	GitLab Importer	Affected by	VCID-13ef-6vth-nugg	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-13081.yml	38.6.0
2026-06-01T09:09:56.673950+00:00	GitLab Importer	Affected by	VCID-9bsd-gqyd-cuh5	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-13083.yml	38.6.0
2026-06-01T09:09:53.533953+00:00	GitLab Importer	Affected by	VCID-z833-upr5-4ug5	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-13080.yml	38.6.0
2026-06-01T09:09:50.041599+00:00	GitLab Importer	Affected by	VCID-1jvt-6dac-7qc5	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-13082.yml	38.6.0
2026-06-01T08:37:24.034712+00:00	GitLab Importer	Affected by	VCID-mhcb-rdtq-sufx	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-31674.yml	38.6.0
2026-06-01T08:37:19.319299+00:00	GitLab Importer	Affected by	VCID-pyqg-gfn8-vqag	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-3057.yml	38.6.0
2026-06-01T08:37:16.217355+00:00	GitLab Importer	Affected by	VCID-qwwz-5n8j-9ben	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-31675.yml	38.6.0
2026-06-01T08:37:14.204316+00:00	GitLab Importer	Affected by	VCID-yb9a-1mp4-1kcz	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-31673.yml	38.6.0
2026-06-01T08:13:32.107446+00:00	GitLab Importer	Fixing	VCID-sbnt-qndd-xubz	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2024-45440.yml	38.6.0