Drupal Releases Security Update

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Drupal has released security updates to address vulnerabilities affecting Drupal 9.3 and 9.4. An attacker could exploit some of these vulnerabilities to take control of an affected system. 

CISA encourages users and administrators to review Drupal security advisory SA-CORE-2022-015 and apply the necessary update. 

This product is provided subject to this Notification and this Privacy & Use policy.

Please share your thoughts

We recently updated our anonymous product survey; we’d welcome your feedback.

Drupal Releases Security Update

Please share your thoughts

CISA Adds Three Known Exploited Vulnerabilities to Catalog

Cisco Releases Security Updates for Multiple Products

CISA Releases Seventeen Industrial Control Systems Advisories

Adobe Releases Security Updates for Multiple Products

Drupal Releases Security Update

Please share your thoughts

Related Advisories

CISA Adds Three Known Exploited Vulnerabilities to Catalog

Cisco Releases Security Updates for Multiple Products

CISA Releases Seventeen Industrial Control Systems Advisories

Adobe Releases Security Updates for Multiple Products

Drupal Releases Security Update 