HomePentest-Tools.com Logo

Drupal Vulnerability in Third-party Library (SA-CORE-2022-006) - Windows CVE-2022-24775

Severity
CVSSv3 Score
7.5
Vulnerability description

Drupal is prone to a vulnerability in a third-party library.

Risk description

Drupal uses the third-party Guzzle library for handling HTTP requests and responses to external services. Guzzle has released a security update which may affect some Drupal sites. For more information, see Guzzles security advisories linked in the references: - CVE-2022-24775: Improper Input Validation in guzzlehttp/psr7

Recommendation

Update to version 9.2.16, 9.3.9 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Mar 21, 2022
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available