Drupal core - Moderately critical - Third-party libraries - SA-CORE-2022-010
Project: Drupal core
Date: 2022-May-25
Security risk: Moderately critical 13∕25
Vulnerability: Third-party libraries
CVE IDs: CVE-2022-29248
Description
Drupal uses the third-party Guzzle library for handling HTTP requests and responses to external services. Guzzle has released a security update which does not affect Drupal core, but may affect some contributed projects or custom code on Drupal sites.