{"id":"DRUPAL-CONTRIB-2025-059","details":"The Events Log Track module enables you to log specific events on a Drupal site.\n\nThe module doesn't sufficiently mitigate resource consumption for certain requests which allows a Denial of Service attack.","aliases":["CVE-2025-4416"],"modified":"2025-12-10T23:41:26.501116Z","published":"2025-05-14T18:04:52Z","references":[{"type":"WEB","url":"https://www.drupal.org/sa-contrib-2025-059"}],"affected":[{"package":{"name":"drupal/events_log_track","ecosystem":"Packagist:https://packages.drupal.org/8","purl":"pkg:composer/drupal/events_log_track"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.1.11"}],"database_specific":{"constraint":"\u003c3.1.11"}},{"type":"ECOSYSTEM","events":[{"introduced":"4.0.0"},{"fixed":"4.0.2"}],"database_specific":{"constraint":"\u003e=4.0.0 \u003c4.0.2"}}],"database_specific":{"source":"https://github.com/DrupalSecurityTeam/drupal-advisory-database/blob/main/advisories/events_log_track/DRUPAL-CONTRIB-2025-059.json","affected_versions":"\u003c3.1.11 || \u003e=4.0.0 \u003c4.0.2"}}],"schema_version":"1.7.3","credits":[{"name":"Scott Phillips (scottatdrake)","contact":["https://www.drupal.org/u/scottatdrake"]}]}