VulnerableCode Package Details - pkg:composer/drupal/core@10.4.0-beta1

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-nhhw-dxca-eqhr	Incorrect Authorization vulnerability in Drupal Drupal core allows Forceful Browsing.This issue affects Drupal core: from 8.0.0 before 10.3.13, from 10.4.0 before 10.4.3, from 11.0.0 before 11.0.12, from 11.1.0 before 11.1.3.	CVE-2025-31673 GHSA-wpp8-fjgf-pwc7
VCID-v81n-gjq6-fycy	Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allows Object Injection.This issue affects Drupal core: from 8.0.0 before 10.3.13, from 10.4.0 before 10.4.3, from 11.0.0 before 11.0.12, from 11.1.0 before 11.1.3.	CVE-2025-31674 GHSA-2qph-q8xw-gv7q
VCID-vsp2-5z41-2bbz	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Drupal core allows Cross-Site Scripting (XSS).This issue affects Drupal core: from 8.0.0 before 10.3.14, from 10.4.0 before 10.4.5, from 11.0.0 before 11.0.13, from 11.1.0 before 11.1.5.	CVE-2025-31675 GHSA-m4wj-hhwj-47qp
VCID-xja8-hukq-qub7	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Drupal core allows Cross-Site Scripting (XSS).This issue affects Drupal core: from 8.0.0 before 10.3.13, from 10.4.0 before 10.4.3, from 11.0.0 before 11.0.12, from 11.1.0 before 11.1.3.	CVE-2025-3057 GHSA-39g6-x4x8-5jcm

Vulnerability

Summary

Aliases

VCID-nhhw-dxca-eqhr

Incorrect Authorization vulnerability in Drupal Drupal core allows Forceful Browsing.This issue affects Drupal core: from 8.0.0 before 10.3.13, from 10.4.0 before 10.4.3, from 11.0.0 before 11.0.12, from 11.1.0 before 11.1.3.

CVE-2025-31673
GHSA-wpp8-fjgf-pwc7

VCID-v81n-gjq6-fycy

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allows Object Injection.This issue affects Drupal core: from 8.0.0 before 10.3.13, from 10.4.0 before 10.4.3, from 11.0.0 before 11.0.12, from 11.1.0 before 11.1.3.

CVE-2025-31674
GHSA-2qph-q8xw-gv7q

VCID-vsp2-5z41-2bbz

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Drupal core allows Cross-Site Scripting (XSS).This issue affects Drupal core: from 8.0.0 before 10.3.14, from 10.4.0 before 10.4.5, from 11.0.0 before 11.0.13, from 11.1.0 before 11.1.5.

CVE-2025-31675
GHSA-m4wj-hhwj-47qp

VCID-xja8-hukq-qub7

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Drupal core allows Cross-Site Scripting (XSS).This issue affects Drupal core: from 8.0.0 before 10.3.13, from 10.4.0 before 10.4.3, from 11.0.0 before 11.0.12, from 11.1.0 before 11.1.3.

CVE-2025-3057
GHSA-39g6-x4x8-5jcm

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-06-20T17:19:31.873841+00:00	GitLab Importer	Fixing	VCID-vsp2-5z41-2bbz	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-31675.yml	36.1.3
2025-06-20T17:19:27.317568+00:00	GitLab Importer	Fixing	VCID-xja8-hukq-qub7	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-3057.yml	36.1.3
2025-06-20T17:19:26.110018+00:00	GitLab Importer	Fixing	VCID-v81n-gjq6-fycy	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-31674.yml	36.1.3
2025-06-20T17:19:25.011956+00:00	GitLab Importer	Fixing	VCID-nhhw-dxca-eqhr	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-31673.yml	36.1.3
2025-06-03T23:54:26.558732+00:00	GitLab Importer	Fixing	VCID-vsp2-5z41-2bbz	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-31675.yml	36.1.0
2025-06-03T23:54:22.385224+00:00	GitLab Importer	Fixing	VCID-xja8-hukq-qub7	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-3057.yml	36.1.0
2025-06-03T23:54:21.298123+00:00	GitLab Importer	Fixing	VCID-v81n-gjq6-fycy	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-31674.yml	36.1.0
2025-06-03T23:54:20.275679+00:00	GitLab Importer	Fixing	VCID-nhhw-dxca-eqhr	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-31673.yml	36.1.0
2025-06-02T23:53:24.015949+00:00	GitLab Importer	Fixing	VCID-vsp2-5z41-2bbz	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-31675.yml	36.1.2
2025-06-02T23:53:19.610646+00:00	GitLab Importer	Fixing	VCID-xja8-hukq-qub7	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-3057.yml	36.1.2
2025-06-02T23:53:18.390732+00:00	GitLab Importer	Fixing	VCID-v81n-gjq6-fycy	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-31674.yml	36.1.2
2025-06-02T23:53:17.360293+00:00	GitLab Importer	Fixing	VCID-nhhw-dxca-eqhr	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-31673.yml	36.1.2
2025-05-15T01:18:27.193972+00:00	GitLab Importer	Fixing	VCID-vsp2-5z41-2bbz	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-31675.yml	36.0.0
2025-05-15T01:18:16.623270+00:00	GitLab Importer	Fixing	VCID-xja8-hukq-qub7	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-3057.yml	36.0.0
2025-05-15T01:18:13.715416+00:00	GitLab Importer	Fixing	VCID-v81n-gjq6-fycy	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-31674.yml	36.0.0
2025-05-15T01:18:11.170039+00:00	GitLab Importer	Fixing	VCID-nhhw-dxca-eqhr	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/drupal/core/CVE-2025-31673.yml	36.0.0