Resource Allocation Vulnerability in Drupal Stage File Proxy
CVE-2025-3734

Currently unrated

Key Information:

Vendor: Drupal
Status: Stage File Proxy
Vendor: CVE Published:; 16 April 2025

Summary

The Stage File Proxy module for Drupal contains a resource allocation flaw that permits flooding attacks. This vulnerability allows an attacker to exhaust system resources by sending multiple requests, potentially leading to degraded performance or denial of service. The issue affects versions of the module prior to 3.1.5, necessitating users to update to mitigate risks.

References

https://www.drupal.org/sa-contrib-2025-035

Timeline

Vulnerability published
Apr 16, 2025