Ref# ADV2025_301 | Date: Sep 3rd 2025

---

Drupal has published a security advisory highlighting vulnerabilities in the following products on August 27th, 2025. It is recommended that you take the necessary precautions by ensuring your products are always updated. 

• API Key manager – all versions 
• Authenticator Login – versions prior to 2.1.8 
• Facets – versions prior to 2.0.10, version 3.0.0 to versions prior to 3.0.1 
• Owl Carousel 2 – all versions 
• Protected Pages – version 1.8.0 
• Synchronize composer.json with Contrib Modules – all versions 

For more information on these updates, you can follow this URL: 

Drupal Security Advisories 

The Guyana National CIRT recommends that users and administrators review these updates and apply them where necessary. 

PDF Download: Drupal Security Advisory

References 

• Drupal Security Advisories. (August 27th, 2025). Retrieved from Drupal. https://www.drupal.org/security  

• Drupal Security Advisory. (August 27th, 2025). Retrieved from Canadian Centre for Cyber Security. https://www.cyber.gc.ca/en/alerts-advisories/drupal-security-advisory-av25-548