Skip to main content

Drupal Core Multiple Vulnerabilities

Release Date: 14 Jun 2022 4169 Views

RISK: Medium Risk

TYPE: Servers - Other Servers

TYPE: Other Servers

Multiple vulnerabilities were identified in Drupal Core. A remote attacker could exploit some of these vulnerabilities to trigger sensitive information disclosure on the targeted system.


Impact

  • Information Disclosure

System / Technologies affected

  • Drupal 9.4 version prior to Drupal 9.4.0-rc2
  • Drupal 9.3 version prior to Drupal 9.3.16
  • Drupal 9.2 version prior to Drupal 9.2.21

Solutions

Before installation of the software, please visit the vendor web-site for more details.
 

Apply fixes issued by the vendor:

 

All versions of Drupal 9 prior to 9.2.x are end-of-life and do not receive security coverage.
Note that Drupal 8 has reached its end of life.

Drupal 7 is not affected.


Vulnerability Identifier


Source


Related Link