CVE-2024-13275 | THREATINT

Description

Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Drupal Security Kit allows HTTP DoS.This issue affects Security Kit: from 0.0.0 before 2.0.3.

PUBLISHED Reserved 2025-01-09 | Published 2025-01-09 | Updated 2025-01-14 | Assigner drupal

Problem types

CWE-843 Access of Resource Using Incompatible Type ('Type Confusion')

Product status

Default status

unaffected

0.0.0 (semver) before 2.0.3

affected

Credits

_b0lli finder

jweowu remediation developer

Drew Webber remediation developer

Greg Knaddison coordinator

Drew Webber coordinator

Heine Deelstra coordinator

References

www.drupal.org/sa-contrib-2024-039

cve.org (CVE-2024-13275)

nvd.nist.gov (CVE-2024-13275)

Download JSON