Name of the Vulnerable Software and Affected Versions Drupal versions prior to 8.7.11 Drupal versions 8.8.x prior to 8.8.1

Description The Media Library module has a security issue where it does not sufficiently restrict access to media items in certain configurations.

Recommendations If you are using Drupal 8.7.x, upgrade to Drupal 8.7.11. If you are using Drupal 8.8.x, upgrade to Drupal 8.8.1. For versions prior to 8.7.x, no solution is available as they are end-of-life. As a temporary workaround for versions 8.8.x, consider unchecking the "Enable advanced UI" checkbox on "/admin/config/media/media-library".