Drupal has released security updates to address a third-party-library vulnerability that could affect Drupal 8.9, 9.1, and 9.2. An attacker could exploit this vulnerability to take control of an affected system.

According to Drupal security advisory, users are recommended to install the latest version:

If you are using Drupal 9.2, update to Drupal 9.2.4.

If you are using Drupal 9.1, update to Drupal 9.1.12.

If you are using Drupal 8.9, update to Drupal 8.9.18.

More information on vulnerability and updates is available in Drupal security advisory – SA-CORE-2021-005.