Home

Description

Deserialization of Untrusted Data vulnerability in Drupal Mailjet allows Object Injection.This issue affects Mailjet: from 0.0.0 before 4.0.1.

PUBLISHED Reserved 2025-01-09 | Published 2025-01-09 | Updated 2025-01-10 | Assigner drupal

Problem types

CWE-502 Deserialization of Untrusted Data

Product status

Default status
unaffected

0.0.0 (semver) before 4.0.1
affected

Credits

Drew Webber finder

Drew Webber remediation developer

Bohdan Artemchuk remediation developer

Drew Webber coordinator

References

www.drupal.org/sa-contrib-2024-062

cve.org (CVE-2024-13296)

nvd.nist.gov (CVE-2024-13296)

Download JSON