May we please get an update to CVE-2026-3531?

Module: https://www.drupal.org/project/openid_connect

I've attached an update with the following:
• No date changes
• Additional product just for Drupal 7
• I expanded the description because the prior one was unusually terse
• Added HeroDevs and Tag1 links as third-party advisories

CommentFileSizeAuthor
CVE-2026-3531-revised.json_.txt9.23 KBaangel

Comments

aangel created an issue. See original summary.

greggles’s picture

Thanks for submitting this. Moving to needs review so folks can discuss this change. If there's no feedback I will review and can make the update shortly.

greggles’s picture

Status: Active » Needs review