Huge List of Critical but Unsupported Security Vulnerabilities in Contrib Modules!


On January 25th, the Drupal Security team posted a whole list of security advisories for contributed module projects, all classified as Critical but Unsupported vulnerabilities.

  1. Prevent Anonymous Users to Access Drupal Pages: SA-CONTRIB-2022-005
  2. Taxonomy Access Control Lite: SA-CONTRIB-2022-006
  3. Colorbox: SA-CONTRIB-2022-007
  4. Admin Toolbar Search: SA-CONTRIB-2022-008
  5. Expire reset password link: SA-CONTRIB-2022-009
  6. Rate: SA-CONTRIB-2022-010
  7. Swiftype integration: SA-CONTRIB-2022-012
  8. Business Responsive Theme: SA-CONTRIB-2022-013
  9. Exif: SA-CONTRIB-2022-015
  10. Vocabulary Permissions Per Role: SA-CONTRIB-2022-016
  11. Media Entity Flickr: SA-CONTRIB-2022-017
  12. Cog: SA-CONTRIB-2022-018
  13. Vendor Stream Wrapper: SA-CONTRIB-2022-019
  14. Remote Stream Wrapper: SA-CONTRIB-2022-020
  15. Image Media Export Import: SA-CONTRIB-2022-021
  16. Printer, email and PDF versions: SA-CONTRIB-2022-022

All of these have the same security risk classification, namely “Critical 15∕25 AC:Basic/A:User/CI:Some/II:Some/E:Proof/TD:All”.

The security team is marking these projects unsupported. There are known security issues with these projects that have not been fixed by the maintainer. If you would like to maintain any of these projects, please read: https://www.drupal.org/node/251466#procedure---own-project---unsupported

Solution:
If you use any of these projects, you should uninstall it, as per the security team's recommendation. To take over maintainership, please read https://www.drupal.org/node/251466#procedure---own-project---unsupported in full.
 
 
