Search for vulnerabilities
| Vulnerability ID | VCID-jctf-yffu-hbag |
| Aliases |
GHSA-6ccv-8fgf-cjpw
GMS-2024-214 |
| Summary | Drupal core Denial of Service vulnerability The Comment module allows users to reply to comments. In certain cases, an attacker could make comment reply requests that would trigger a denial of service (DOS). Sites that do not use the Comment module are not affected. |
| Status | Published |
| Exploitability | 0.5 |
| Weighted Severity | 6.2 |
| Risk | 3.1 |
| Affected and Fixed Packages | Package Details |
| System | Score | Found at |
|---|---|---|
| cvssv3.1_qr | MODERATE | https://github.com/advisories/GHSA-6ccv-8fgf-cjpw |
| generic_textual | MODERATE | https://github.com/drupal/core |
| generic_textual | MODERATE | https://github.com/drupal/core/commit/2f76ac716ca8019bc60579fdfc8aa6cd65d57dff |
| generic_textual | MODERATE | https://github.com/drupal/core/commit/5e606b560ac4ecb08135f12b6165bbe0348346a0 |
| generic_textual | MODERATE | https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/2024-01-17.yaml |
| generic_textual | MODERATE | https://www.drupal.org/sa-core-2024-001 |
No EPSS data available for this vulnerability.
| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2026-04-01T12:50:20.735121+00:00 | GithubOSV Importer | Import | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/02/GHSA-6ccv-8fgf-cjpw/GHSA-6ccv-8fgf-cjpw.json | 38.0.0 |