Drupal has released Critical security updates to address vulnerabilities in Twig impacting Drupal core. A remote attacker could exploit these vulnerabilities to perform unauthorized read access to private files, the contents of other files on the server, or database credentials.

For a complete description of the vulnerabilities and affected systems go to Drupal core - Critical - Multiple vulnerabilities - SA-CORE-2022-016.

IT Security

Read more about IT Security service offerings.