Attention: Drupal security update required!

drupal security info codafish news

A security flaw in Drupal allows websites to be easily compromised

The US cyber security authority CISA has advised users to update their Drupal CMS, as this vulnerability makes it extremely easy for a malicious server to take over a website.

This leak enables an attacker to remotely take control of an affected website unhindered and to inflict extensive damage.

Our affected Drupal customers have already been informed and the appropriate measures have been taken.

For all other Drupal users, we have provided a brief explanation of the situation and what to do in this text.

Is your CMS safe?

Get in touch with us to check your security status via phone or contact form!Read More

Is your CMS safe?

Get in touch with us to check your security status via phone or contact form!Read More

Is your CMS safe?

Get in touch with us to check your security status via phone or contact form!Read More

Cause of the security flaw: Guzzle

The reason for the security update required for the Drupal content management system is not the Drupal code itself, but the third-party library Guzzle.
Guzzle is a PHP HTTP client and framework for creating RESTful web service clients. This is a simple Composer installation script and autoloader for the Guzzle HTTP client library. Once installed, developers can use Guzzle to access RESTful web services in a clean and simple object-based way.

Am I affected by the security breach?

The security vulnerability affects Drupal versions lower than 7.95, 8.0.0 to lower than 9.4.12, 9.5.0 to lower than 9.5.5, and 10.0.0 to lower than 10.0.5. This means that the patched versions are 7.95, 9.5.5, 9.4.12 and 10.0.5. Attention: Drupal 9 versions prior to 9.4.x are end-of-life products and no longer receive security patches! Drupal 8 is also no longer supported. If you are still using this type of Drupal system, you will have to update to a version that is still supported. If you have a Drupal website and you need information about security changes and necessary updates, contact our expert developers and we will solve all your doubts. Call us on +34 911 23 11 75

Why is a CMS update necessary?

Many products have what is called an “end-of-life.” This quite simply means that no more updates will be made available for the product or the version.
These updates also cover upgrades for the Drupal CMS, which also feature security patches designed to close security gaps. As a digital full-service agency, codafish has been developing complex websites with the Drupal CMS for years and we update our customer projects automatically. Learn more about everything that is important to know about Drupal updates here.

For anyone who is using a current version of Drupal or one that is still supported, there is no reason to panic for the time being. Thanks to the worldwide developer community, security patches have been programmed to close the security gap, as already mentioned. The security patches can be easily implemented by performing a security update. If you would like to benefit from our expert knowledge, please give us a call on 00800 2632 3474 and we will discuss the next steps in a brief and straightforward chat!

Is your CMS safe?

Get in touch with us to check your security status via phone or contact form!Read More

Drupal is one of the most widely used CMS in the world. It is especially popular for content-heavy websites, with high traffic, complex rights and role distribution, and a large number of languages.
Do you run a Drupal website that is in need of an urgent update, both from the inside and the out? If so, have a look at our Drupal references from our customer projects:

Psylife.de:
As psylife.de’s website became busier and busier due to increasing usage and expanding the variety of articles, and as monthly readership increased, the team was confronted with a challenge around the technical optimization of the platform. Since they were using the open-source Drupal 8 system, whose life span was coming to an end, the need to modernize the system became urgent.

Wirtschaftspsychologie-aktuell.de:
At wirtschaftspsychologie-aktuell.de, there was a clear desire to optimize the website in terms of both design and the structural setup within the CMS. We initially relaunched the site using a Drupal theme in line with the client’s aesthetic requirements, and then extensively re-engineered functional features and consent management.

Dive into our World

Here is where we inform you about exciting digital trends and explain how you can use them in your business. In addition, we offer you a closer look at our work as a digital agency. Thank you for your interest. Thank you for your interest.

WordPress vs Joomla

Compare Wordpress vs Joomla! Learn about their differences, advantages, security, and discover which CMS is right for your website needs.
Read More
folgeseite-2

Pimcore Experiences

Transform your digital strategy with Pimcore! Manage content, assets, and product data seamlessly in one platform. Discover how Pimcore can streamline your operations and boost ...
Read More

Web design tips

Anyone here looking for web design tips and already completed a lengthy web search? Then breathe a sigh of relief - you've come to the ...
Read More

We call you!

Are you planning a new digital project and you have questions about our services? Complete this form or call us at +1 888 9263234
  • This field is for validation purposes and should be left unchanged.
Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.
Error: Embedded data could not be displayed.