VulnerableCode Package Details - pkg:composer/drupal/core@11.1.9

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-g33x-1paw-7udm	Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allows Object Injection. This issue affects Drupal core: from 8.0.0 before 10.4.9, from 10.5.0 before 10.5.6, from 11.0.0 before 11.1.9, from 11.2.0 before 11.2.8.	CVE-2025-13081 GHSA-m6vv-vcj8-w8m7
VCID-hgb1-xrne-e7c8	Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal Drupal core allows Forceful Browsing. This issue affects Drupal core: from 8.0.0 before 10.4.9, from 10.5.0 before 10.5.6, from 11.0.0 before 11.1.9, from 11.2.0 before 11.2.8.	CVE-2025-13080 GHSA-83v7-c2cf-p9c2
VCID-hwnd-nuv7-jqbh	User Interface (UI) Misrepresentation of Critical Information vulnerability in Drupal Drupal core allows Content Spoofing. This issue affects Drupal core: from 8.0.0 before 10.4.9, from 10.5.0 before 10.5.6, from 11.0.0 before 11.1.9, from 11.2.0 before 11.2.8.	CVE-2025-13082 GHSA-h89p-5896-f4q8
VCID-syrg-ckq7-cbd6	Use of Web Browser Cache Containing Sensitive Information vulnerability in Drupal Drupal core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Drupal core: from 8.0.0 before 10.4.9, from 10.5.0 before 10.5.6, from 11.0.0 before 11.1.9, from 11.2.0 before 11.2.8, from 7.0 before 7.103.	CVE-2025-13083 GHSA-mhpg-hpj5-73r2

Vulnerability

Summary

Aliases

VCID-g33x-1paw-7udm

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allows Object Injection. This issue affects Drupal core: from 8.0.0 before 10.4.9, from 10.5.0 before 10.5.6, from 11.0.0 before 11.1.9, from 11.2.0 before 11.2.8.

CVE-2025-13081
GHSA-m6vv-vcj8-w8m7

VCID-hgb1-xrne-e7c8

Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal Drupal core allows Forceful Browsing. This issue affects Drupal core: from 8.0.0 before 10.4.9, from 10.5.0 before 10.5.6, from 11.0.0 before 11.1.9, from 11.2.0 before 11.2.8.

CVE-2025-13080
GHSA-83v7-c2cf-p9c2

VCID-hwnd-nuv7-jqbh

User Interface (UI) Misrepresentation of Critical Information vulnerability in Drupal Drupal core allows Content Spoofing. This issue affects Drupal core: from 8.0.0 before 10.4.9, from 10.5.0 before 10.5.6, from 11.0.0 before 11.1.9, from 11.2.0 before 11.2.8.

CVE-2025-13082
GHSA-h89p-5896-f4q8

VCID-syrg-ckq7-cbd6

Use of Web Browser Cache Containing Sensitive Information vulnerability in Drupal Drupal core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Drupal core: from 8.0.0 before 10.4.9, from 10.5.0 before 10.5.6, from 11.0.0 before 11.1.9, from 11.2.0 before 11.2.8, from 7.0 before 7.103.

CVE-2025-13083
GHSA-mhpg-hpj5-73r2

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T23:52:27.353222+00:00	GitLab Importer	Fixing	VCID-g33x-1paw-7udm	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-13081.yml	38.4.0
2026-04-16T23:52:25.118425+00:00	GitLab Importer	Fixing	VCID-syrg-ckq7-cbd6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-13083.yml	38.4.0
2026-04-16T23:52:22.682554+00:00	GitLab Importer	Fixing	VCID-hgb1-xrne-e7c8	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-13080.yml	38.4.0
2026-04-16T23:52:20.074093+00:00	GitLab Importer	Fixing	VCID-hwnd-nuv7-jqbh	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-13082.yml	38.4.0
2026-04-12T01:14:07.905566+00:00	GitLab Importer	Fixing	VCID-g33x-1paw-7udm	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-13081.yml	38.3.0
2026-04-12T01:14:05.500916+00:00	GitLab Importer	Fixing	VCID-syrg-ckq7-cbd6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-13083.yml	38.3.0
2026-04-12T01:14:02.728215+00:00	GitLab Importer	Fixing	VCID-hgb1-xrne-e7c8	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-13080.yml	38.3.0
2026-04-12T01:13:59.550573+00:00	GitLab Importer	Fixing	VCID-hwnd-nuv7-jqbh	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-13082.yml	38.3.0
2026-04-03T01:23:05.357334+00:00	GitLab Importer	Fixing	VCID-g33x-1paw-7udm	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-13081.yml	38.1.0
2026-04-03T01:23:03.047635+00:00	GitLab Importer	Fixing	VCID-syrg-ckq7-cbd6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-13083.yml	38.1.0
2026-04-03T01:23:00.366595+00:00	GitLab Importer	Fixing	VCID-hgb1-xrne-e7c8	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-13080.yml	38.1.0
2026-04-03T01:22:57.103390+00:00	GitLab Importer	Fixing	VCID-hwnd-nuv7-jqbh	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-13082.yml	38.1.0
2026-04-01T16:07:08.868727+00:00	GHSA Importer	Fixing	VCID-g33x-1paw-7udm	https://github.com/advisories/GHSA-m6vv-vcj8-w8m7	38.0.0
2026-04-01T16:07:08.843288+00:00	GHSA Importer	Fixing	VCID-hwnd-nuv7-jqbh	https://github.com/advisories/GHSA-h89p-5896-f4q8	38.0.0
2026-04-01T16:07:08.813286+00:00	GHSA Importer	Fixing	VCID-syrg-ckq7-cbd6	https://github.com/advisories/GHSA-mhpg-hpj5-73r2	38.0.0
2026-04-01T16:07:08.760148+00:00	GHSA Importer	Fixing	VCID-hgb1-xrne-e7c8	https://github.com/advisories/GHSA-83v7-c2cf-p9c2	38.0.0
2026-04-01T12:56:30.934259+00:00	GithubOSV Importer	Fixing	VCID-hgb1-xrne-e7c8	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/11/GHSA-83v7-c2cf-p9c2/GHSA-83v7-c2cf-p9c2.json	38.0.0
2026-04-01T12:56:26.219217+00:00	GithubOSV Importer	Fixing	VCID-hwnd-nuv7-jqbh	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/11/GHSA-h89p-5896-f4q8/GHSA-h89p-5896-f4q8.json	38.0.0
2026-04-01T12:56:23.542975+00:00	GithubOSV Importer	Fixing	VCID-syrg-ckq7-cbd6	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/11/GHSA-mhpg-hpj5-73r2/GHSA-mhpg-hpj5-73r2.json	38.0.0
2026-04-01T12:56:23.289133+00:00	GithubOSV Importer	Fixing	VCID-g33x-1paw-7udm	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/11/GHSA-m6vv-vcj8-w8m7/GHSA-m6vv-vcj8-w8m7.json	38.0.0
2026-04-01T12:53:10.826159+00:00	GitLab Importer	Fixing	VCID-g33x-1paw-7udm	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-13081.yml	38.0.0
2026-04-01T12:53:10.665309+00:00	GitLab Importer	Fixing	VCID-syrg-ckq7-cbd6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-13083.yml	38.0.0
2026-04-01T12:53:10.552458+00:00	GitLab Importer	Fixing	VCID-hgb1-xrne-e7c8	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-13080.yml	38.0.0
2026-04-01T12:53:10.407878+00:00	GitLab Importer	Fixing	VCID-hwnd-nuv7-jqbh	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-13082.yml	38.0.0