Report Incident
× Home Cybertech Africa 2023 2 DPO Rw-CSIRT Website About Rw-CSIRT Alerts Advisories About NCSA Documentation News & Events Topics Contact us Opportunities Privacy Policy

Advisory: Drupal Releases Security Update

Description
Drupal has released a security update to address a vulnerability affecting multiple versions of Drupal.

 

Affected systems
The released security updates are for fixing the following vulnerability:
  • CVE-2022-39261

 

Security Risks
An attacker could exploit this vulnerability to access sensitive information.

 

For the full list of security patches released by Drupal, please refer to Drupal Security Advisories page.    
 
Recommended Actions
The National Cyber Security Authority (NCSA) strongly recommends to system administrators to:

 

a. Upgrade, as soon as possible, to the latest supported version of Drupal CMS in-order to receive security updates and patches.

 

The latest Drupal stable versions, to be upgraded to are:

 

Drupal 8 has reached its end-of-life.

 

b. Before applying patches, please ensure you have the latest backup that can easily be restored.
 
For further information and support, please contact NCSA by email at rwcsirt@ncsa.gov.rw or call us on 9009
 
Reference
https://www.drupal.org/sa-core-2022-016
https://www.drupal.org/security

02 October 2022

© 2024 National Cyber Security Authority