CVE-2024-55634

CVE-2024-55634: Drupal core - Moderately critical - Access bypass - SA-CORE-2024-004

Vendor Drupal

Product Drupal Core

Weakness CWE-178

Published December 9, 2024

Last update December 11, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

Description

A vulnerability in Drupal Core allows Privilege Escalation.This issue affects Drupal Core: from 8.0.0 before 10.2.11, from 10.3.0 before 10.3.9, from 11.0.0 before 11.0.8.

Key dates

Disclosure timeline

December 9, 2024 CVE published

December 11, 2024 Record updated

Identifiers

CVE CVE-2024-55634

CWE CWE-178

Affected versions

Vendor Drupal

Product Drupal Core

Affected ≥ 8.0.0 and < 10.2.11

Vendor Drupal

Product Drupal Core

Affected ≥ 10.3.0 and < 10.3.9

Vendor Drupal

Product Drupal Core

Affected ≥ 11.0.0 and < 11.0.8