VulnerableCode Package Details - pkg:composer/drupal/core@10.2.10

Search for packages

Package details: pkg:composer/drupal/core@10.2.10

Essentials
History (1)

purl	pkg:composer/drupal/core@10.2.10

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-n5aa-fb4p-nyh8	Drupal core vulnerable to improper error handling Under certain uncommon site configurations, a bug in the CKEditor 5 module can cause some image uploads to move the entire webroot to a different location on the file system. This could be exploited by a malicious user to take down a site. The issue is mitigated by the fact that several non-default site configurations must exist simultaneously for this to occur.	CVE-2024-11942 GHSA-52jr-x6h6-xj6g

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-07-01T12:09:44.382881+00:00	GithubOSV Importer	Fixing	VCID-n5aa-fb4p-nyh8	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/12/GHSA-52jr-x6h6-xj6g/GHSA-52jr-x6h6-xj6g.json	36.1.3