Drupal published security advisories to address multiple vulnerabilities in the Drupal products. The list of security updates can be found at:
https://www.drupal.org/sa-core-2024-003
https://www.drupal.org/sa-core-2024-004
https://www.drupal.org/sa-core-2024-005
https://www.drupal.org/sa-core-2024-006
https://www.drupal.org/sa-core-2024-007
https://www.drupal.org/sa-core-2024-008
Please note that Drupal 8, Drupal 9 and Drupal 10 prior to version 10.2 have reached End-Of-Life (EOL). No security updates will be provided after that. System administrators should arrange upgrading the Drupal to supported versions or migrating to other supported technology.
For detailed information of the affected products, please refer to the sections "Affected versions" and "Description" of corresponding security advisory at vendor's website.
Successful exploitation of the vulnerabilities could lead to remote code execution, security restriction bypass, spoofing or tampering on an affected system.
Patches for affected systems are now available. System administrators of affected systems should follow the recommendations provided by the vendor and take immediate actions to mitigate the risk.