Bangladesh Bank

Jenkins Security Advisory. [Published Date: 2025-03-19]

Jenkins published a security advisory to address vulnerabilities in the following products:

AnchorChain Plugin - version 1.0 and prior
EDDSA API Plugin - version 3.0-13.v7cb_69ed68f00 and prior
Zoho QEngine Plugin - version 0.29.vfa_cc23396502 and prior

Review the Jenkins security advisory and apply the necessary updates.

Veeam Security Advisory. [Published Date: 2025-03-19]

Veem has released security updates to address a vulnerability in Veeam Backup & Replication - all versions 12 prior to build 12.3.1.1139.

Review the Veeam Security Advisory and apply the necessary updates.

Google Chrome Security Advisory. [Published Date: 2025-03-19]

Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 134.0.6998.117 for Linux and prior to 134.0.6998.117/118 for Windows and Apple MAC.

Review the Google security bulletins and apply the necessary updates.

Apache Tomcat Security Advisory. [Published Date: 2025-03-18]

Apache published a security advisory to address vulnerabilities in the following products:

Apache Tomcat 11.0.0-M1 to 11.0.2
Apache Tomcat 10.1.0-M1 to 10.1.34
Apache Tomcat 9.0.0-M1 to 9.0.98

Review the provided Apache Security Advisory and apply the necessary updates.

Red Hat Security Advisory. [Published Date: 2025-03-16]

Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:

Red Hat CodeReady Linux Builder - multiple versions and platforms
Red Hat Enterprise Linux - multiple versions and platforms
Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Red Hat Enterprise Linux Server - multiple versions and platforms

Review the following RedHat Security Advisory and apply the necessary updates.

Dell Security Advisory. [Published Date: 2025-03-16]

Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

Dell APEX Cloud Platform for Red Hat OpenShift - versions prior to 03.01.02.00
Dell Cloud Tiering Appliance CTA and CTA-HA - versions prior to 13.2.0.2.33
Dell Cloud Tiering Appliance CTA/VE and CTA-HA/VE - versions prior to 13.2.0.2.33
Dell Connectrix B-Series and SANnav - multiple models and versions
Dell Integrated System for Microsoft Azure Stack HCI - multiple models and versions
Dell Networking OS10 - version 10.5.5.x and 10.5.6.x
Dell VxRail Appliance - multiple models and versions

Review the provided Dell Security Advisory and apply the necessary updates.

Ubuntu Security Advisory. [Published Date: 2025-03-16]

Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:

Ubuntu 14.04 ESM
Ubuntu 16.04 ESM
Ubuntu 18.04 ESM
Ubuntu 20.04 LTS
Ubuntu 22.04 LTS
Ubuntu 24.04 LTS

Review the Ubuntu Security Notices and apply the necessary updates.

GitLab Security Advisory. [Published Date: 2025-03-15]

GitHub published a security advisory to address a vulnerability in tj-actions/changed-files GitHub Actions - versions 45.07 and prior.

Review the provided GitHub Security Advisory and perform the suggested mitigations.

VMware Security Advisory. [Published Date: 2025-03-13]

VMware released a security advisory to address multiple vulnerabilities in VMWare Tanzu GemFire - versions prior to 10.0.6.

Review the VMware security advisory VMware VMSA-2025-002 and apply the necessary updates.

Microsoft Edge Security Advisory. [Published Date: 2025-03-12]

Microsoft published a security update to address vulnerabilities in Edge Stable Channel - versions prior to 134.0.3124.66.

Review the following advisories and apply the necessary updates:

Palo Alto Networks Security Advisory. [Published Date: 2025-03-12]

Palo Alto Networks published a security advisory to address a critical vulnerability in Prisma Access Browser - versions prior to 133.16.4.99.

Review the Security Advisory and apply the necessary updates.

[Alert] Mass Exploitation of Critical PHP-CGI Vulnerability (CVE-2024-4577). [Published Date: 2025-03-12]

There are reports of ongoing and increased exploitation of CVE-2024-4577 ¹,²,³, a critical remote code execution (RCE) vulnerability in the PHP-CGI implementation of PHP on Windows.

Windows-based PHP installations configured to use PHP-CGI are specifically at risk as the vulnerability exploits Unicode processing in the CGI module.

Organizations should determine if they are at risk by verifying whether they are running vulnerable versions of PHP installed on Windows.

Organizations are advised to update to the following versions of PHP:

PHP 8.3 - update to 8.3.8 or later
PHP 8.2 - update to 8.2.20 or later
PHP 8.1 - update to 8.1.29 or later

Reference:

GitLab Security Advisory. [Published Date: 2025-03-12]

GitHub published a security advisory to address a critical vulnerability in the following products:

GitLab Community Edition (CE) - versions prior to 17.9.2, 17.8.5 and 17.7.7
GitLab Enterprise Edition (EE) - versions prior to 17.9.2, 17.8.5 and 17.7.7

Review the provided GitLab Critical Patch Release: 17.9.2, 17.8.5, 17.7.7, and perform the suggested mitigations.

HPE security advisory [Published Date: 2025-03-12]

HPE published a security advisory to address vulnerabilities in the following products:

HPE Cray EX235a Accelerator Blade - versions prior to v2.1.0 (HFP 25.1.2)
HPE Cray EX235n Server - versions prior to v1.5.1 (HFP 24.10.1)
HPE Cray EX255a Accelerator Blade - versions prior to v1.4.0 (HFP 25.1.2)
HPE Cray EX425 Compute Blade - versions prior to v1.7.6 (HFP 24.10.1)
HPE Cray EX4252 Compute Blade - versions prior to v2.0.1 (HFP 25.1.2)
HPE ProLiant XL225n Gen10 Plus 1U Node - versions prior to v3.60_01-16-2025
HPE ProLiant XL645d Gen10 Plus Server - versions prior to v3.40_10-04-2024 (HFP 24.11.0)
HPE ProLiant XL675d Gen10 Plus Server - versions prior to v3.40_10-04-2024 (HFP 24.11.0)
HPE Cray XD665 - versions prior to v1.50 On the Portal HPE Cray SC XD665 Firmware Pack 2024.09.00
HPE Cray XD675 - versions prior to v3.1.5 (HPE Cray SC XD665 Firmware Pack 2024.09.00)

Review the HPE security bulletins and apply the necessary updates.

Cisco Security Advisory. [Published Date: 2025-03-12]

Cisco published a security advisory to address a vulnerability in the Cisco IOS XR - multiple versions and platforms.

Review the Cisco Security Advisory and apply the necessary updates.

Juniper Networks Security Advisory. [Published Date: 2025-03-12]

Juniper Networks published a security advisory to address a critical vulnerability in the following products:

JunoOS - versions prior to 21.2R3-S9
JunoOS 21.4 - versions prior to 21.4R3-S10
JunoOS 22.2 - versions prior to 22.2R3-S6
JunoOS 22.4 - versions prior to 22.4R3-S6
JunoOS 23.2 - versions prior to 23.2R2-S3
JunoOS 23.4 - versions prior to 23.4R2-S4
JunoOS 24.2 - versions prior to 24.2R1-S2, 24.2R2

Review the following advisories and apply the necessary updates:

SAP security advisory - March 2025 monthly rollup. [Published Date: 2025-03-11]

SAP published security advisories to address vulnerabilities in multiple products. Included were updates for the following:

SAP Commerce Cloud - versions HY-COM 2205 and COM-CLOUD 2211
SAP Commerce (Swagger UI) - version COM_CLOUD 2211
SAP NetWeaver (ABAP Class Builder) - multiple versions

Review the SAP Security Patch Day - March 2025 and apply the necessary updates.

Ivanti Security Advisory. [Published Date: 2025-03-11]

Ivanti published a security advisory to address a vulnerability in Ivanti Secure Access Client (ISAC) - version 22.7R3 and prior.

Review the Ivanti Security Advisory - March security advisory Ivanti Secure Access Client and apply the necessary updates.

Fortinet Security Advisory. [Published Date: 2025-03-11]

Fortinet published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:

FortiADC - multiple versions
FortiIsolator 2.4 - versions 2.4.0 to 2.4.5
FortiSandbox - multiple versions
FortiSIEM - multiple versions

Review the Fortinet Advisory and apply the necessary updates.

Microsoft March 2025 Security Updates. [Published Date: 2025-03-11]

Microsoft published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:

Microsoft 365 Apps - multiple versions and platforms
Microsoft Office - multiple versions and platforms
Remote Desktop client for Windows Desktop
Windows 10 - multiple versions and platforms
Windows 11 - multiple versions and platforms
Windows App Client for Windows Desktop
Windows Server - multiple versions and platforms

Review the Microsoft Security Updates and apply the necessary updates (Security Update Guide).

Adobe Security Advisory. [Published Date: 2025-03-11]

Adobe published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:

Acrobat 2024 - version 24.001.30225 and prior
Acrobat 2020 - version 20.005.30748 and prior
Acrobat Reader 2020 - version 20.005.30748 and prior
Acrobat DC - version 25.001.20428 and prior
Acrobat Reader DC - version 25.001.20428 and prior
Adobe Illustrator 2024 - version 28.7.4 and prior
Adobe Illustrator 2025 - version 29.2.1 and prior
Adobe InDesign - version ID19.5.2 and prior, version ID20.1 and prior
Adobe Substance 3D Designer - version 14.1 and prior
Adobe Substance 3D Modeler - version 1.15 and prior
Adobe Substance 3D Painter - version 10.1.2 and prior
Adobe Substance 3D Sampler - version 4.5.2 and prior

Review the Adobe Security Advisories and apply the necessary updates.

HPE Security Advisory. [Published Date: 2025-03-11]

HPE published a security advisory to address vulnerabilities in HPE HPE Cray XD670 - versions prior to BMC v1.19.

Review the HPE security bulletins and apply the necessary updates.

Apple Security Advisory. [Published Date: 2025-03-11]

Apple published security updates to address vulnerabilities in the following products:

iOS and iPadOS - versions prior to 18.3.2
macOS Sequoia - versions prior to 15.3.2
Safari - versions prior to 18.3.1

Review the following advisories and apply the necessary updates:

Google Chrome Security Advisory. [Published Date: 2025-03-10]

Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 134.0.6998.88 for Linux and prior to 134.0.6998.88/89 for Windows and Apple MAC.

Review the Google security bulletins and apply the necessary updates.

IBM Security Advisory. [Published Date: 2025-03-09]

IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products

IBM API Connect - versions V10.0.5.0 to V10.0.5.8 and V10.0.8.0 to 10.0.8.1
IBM App Connect Enterprise Certified Containers Operands - CD: 12.0.7.0-r4 to 12.0.12.5-r1, 13.0.1.0-r1 to 13.0.2.0-r1
IBM App Connect Enterprise Certified Containers Operands - 12.0 LTS: 12.0.12-r1 to 12.0.12-r7
IBM App Connect Operator - CD: 7.2.0-11.6.0, 12.1.0 to 12.7.0
IBM App Connect Operator - 12.0 LTS: 12.0.0 to 12.0.7
IBM DataStage on Cloud Pak for Data - version 4.8.4
IBM Jazz Foundation - version 7.0.2
IBM Netcool Operations Insight - versions 1.4 to 1.4.12, 1.5 to 1.5.0.1 and 1.6 to 1.6.13
IBM Observability with Instana (OnPrem) - versions 1.0.287 to 1.0.290
IBM Qiskit SDK - versions 0.18.0 to 1.4.1
IBM Total Storage Service Console (TSSC) / TS4500 IMC - versions 9.4.14, 9.4.21, 9.4.26, 9.4.31, 9.5.8, 9.6.10 and 9.6.15
IBM watsonx Assistant Cartridge - versions 4.0 to 5.1.0
IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component - versions 5.0 to 5.1.0

Review the IBM Security Advisory and apply the necessary updates.

Ubuntu Security Advisory. [Published Date: 2025-03-09]

Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:

Ubuntu 14.04 ESM
Ubuntu 16.04 ESM
Ubuntu 20.04 LTS
Ubuntu 22.04 LTS
Ubuntu 24.04 LTS
Ubuntu 24.10

Review the Ubuntu Security Notices and apply the necessary updates.

IBM security advisory. [Published Date: 2025-03-09]

IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products

GSDC Platform On-prem - version 3.6.2
IBM Aspera Shares - versions 1.9.9 to 1.10.0 PL7
IBM Engineering Requirements Management DOORS Next - versions 7.0.2, 7.0.3 and 7.1
IBM Instana Observability - build 1.0.287
ICP - Discovery - versions 4.0.0 to 4.8.7 and versions 5.0.0 to 5.1.0
SPSS Collaboration and Deployment Services - version 8.5
Watson Studio on Cloud Pak for Data - versions 4.0.0 to 4.8.6 and versions 5.0.0 to 5.0.3
watsonx.data - version 2.1

Review the IBM Security Advisory and apply the necessary updates.

Red Hat Security Advisory. [Published Date: 2025-03-09]

Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:

Red Hat CodeReady Linux Builder - multiple versions and platforms
Red Hat Enterprise Linux - multiple versions and platforms
Red Hat Enterprise Linux Server - multiple versions and platforms

Review the following RedHat Security Advisory and apply the necessary updates.

Dell Security Advisory. [Published Date: 2025-03-09]

Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

Dell Data Protection Search - versions 19.6.0, 19.6.1, 19.6.2, 19.6.3, 19.6.4 and 19.6.5
Dell Integrated Data Protection Appliance - version 2.7.8 and prior
Dell Secure Connect Gateway - Appliance - version 5.26.00.20
PowerStore 500T, 1000T, 1200 T, 3000T, 3200Q, 3200T, 5000T, 5200T, 7000T, 9000T and 9200T - versions prior to 4.0.1.2-2445526
PowerStore 1000X, 3000X, 5000X, 7000X and 9000X - versions prior to ESXi70U3s-24585291

Review the provided Dell Security Advisory and apply the necessary updates.

Microsoft Warns of Malvertising Campaign Infecting Over 1 Million Devices Worldwide. [Published Date: 2025-03-06]

This Microsoft Security blog post details a malvertising campaign that distributes information-stealing malware via GitHub. Attackers use deceptive ads to trick users into downloading malicious files. These files, hosted on GitHub, execute data theft operations once installed. Microsoft warns users to remain vigilant and avoid clicking on suspicious advertisements.

Review the Microsoft blog post and apply/do the recommended mitigations to protect and detect malicious activity.

VMware Security Advisory. [Published Date: 2025-03-04]

VMware released a security advisory to address vulnerabilities in the following products:

VMware ESXi - versions 8.0 and 7.0
VMware Workstation - version 17.x
VMware Fusion - version 13.x
VMware Cloud Foundation - versions 5.x and 4.5.x
VMware Telco Cloud Platform - versions 5.x, 4.x, 3.x, 2.x
VMware Telco Cloud Infrastructure - versions 3.x, 2.x

Review the following advisories and apply the necessary updates:

Mozilla Security Advisory. [Published Date: 2025-03-04]

Mozilla published security advisories to address vulnerabilities in the following products:

Firefox ESR - versions prior to 128.8
Firefox ESR - versions prior to 115.21
Firefox - versions prior to 136

Review the following advisories and apply the necessary updates:

Google Chrome Security Advisory. [Published Date: 2025-03-04]

Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 134.0.6998.35 for Linux and prior to 134.0.6998.35/36 for Windows and 134.0.6998.44/45 for Apple MAC.

Review the Google security bulletins and apply the necessary updates.

Qualcomm Security Advisory - March 2025 monthly rollup. [Published Date: 2025-03-03]

Qualcomm published a security bulletin to address vulnerabilities affecting multiple chipsets.

Review the Qualcomm Security Bulletin and apply the necessary updates.

Android security advisory - March 2025 Monthly Rollup. [Published Date: 2025-03-03]

Android published a security bulletin to address vulnerabilities affecting Android devices.

Review the Android Security Bulletin and apply the necessary updates.

Dell Security Advisory. [Published Date: 2025-03-02]

Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

Dell Networking OS10 - version 10.5.4.x
Dell Policy Manager for Secure Connect Gateway - version 5.26.00.18
Dell PowerScale OneFS - versions 9.4.0.0 to 9.5.1.1
Dell PowerScale OneFS - versions 9.5.0.0 to 9.7.1.4
Dell PowerScale OneFS - versions 9.8.0.0 to 9.9.0.1
Integrated System for Microsoft Azure Stack Hub 14G - versions prior to 2407
Integrated System for Microsoft Azure Stack Hub 14G - versions prior to 2411
Integrated System for Microsoft Azure Stack Hub 16G - versions prior to 2411
Dell PowerEdge R750XA - versions prior to 1.0
Dell PowerEdge R7515 - versions prior to 1.0
Dell PowerEdge R7525 - versions prior to 1.0
Dell PowerEdge R760XA - versions prior to 1.0
Dell PowerEdge R7615 - versions prior to 1.0
Dell PowerEdge R7625 - versions prior to 1.0
Dell PowerEdge XE9680 - versions prior to A00

Review the provided Dell Security Advisory and apply the necessary updates.

IBM security advisory. [Published Date: 2025-03-02]

IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products

IBM Cloud Pak for Business Automation - versions 24.0.1, V24.0.0 to V24.0.0 to IF003 and unsupported versions
IBM Cognos Analytics - versions 11.2.0 to 11.2.4 FP5 and 12.0.0 to 12.0.4
IBM Jazz Reporting Service - versions 7.0.2 and 7.0.3
IBM Software Support App (iOS) - version 1.0.0
IBM Software Support app (Android) - version 1.0.0
IBM Storage Virtualize - multiple versions
IBM TXSeries for Multiplatforms - versions 8.1, 8.2, 9.1 and 10.1
IBM Watson Speech Services Cartridge - version 4.0.0 to 5.1.0
IBM watsonx Orchestrate Cartridge for IBM Cloud Pak for Data - versions 4.8.4 to 4.8.5 and 5.0.0 to 5.1.0
watsonx.data - versions 2.0.2 to 2.1.0 and 2.1

Review the IBM Security Advisory and apply the necessary updates.

Ubuntu Security Advisory. [Published Date: 2025-03-02]

Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:

Ubuntu 14.04 ESM
Ubuntu 16.04 ESM
Ubuntu 18.04 ESM
Ubuntu 20.04 LTS
Ubuntu 22.04 LTS
Ubuntu 24.04 LTS

Review the Ubuntu Security Notices and apply the necessary updates.

GitLab Security Advisory. [Published Date: 2025-02-26]

GitHub published a security advisory to address a critical vulnerability in the following products:

GitLab Community Edition (CE) - versions prior to 17.9.1, 17.8.4 and 17.7.6
GitLab Enterprise Edition (EE) - versions prior to 17.9.1, 17.8.4 and 17.7.6

Review the provided GitLab Patch Release: 17.9.1, 17.8.4, 17.7.6, and perform the suggested mitigations.

Google Chrome Security Advisory. [Published Date: 2025-02-25]

Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 133.0.6943.141 for Linux and prior to 133.0.6943.141/142 for Windows and Apple MAC.

Review the Google security bulletins and apply the necessary updates.

HPE Security Advisory. [Published Date: 2025-02-24]

HPE published a security advisory to address vulnerabilities in the following products:

Console Clim Utilities T0697 - versions T0697H01^AAA and T0697H01^AAQ
CLIM DVD Installation Software T0853 - versions T0853L03-T0853L03^DDA, T0989L03-T0989L03^DDA, T0976L03-T0976L03^DDA and T0853J03-T0853J03^CEE
HPE Cray EX425 Compute Blade - versions prior to v1.7.6 (HFP 24.11.0)

Review the following HPE Security Advisory and apply the necessary updates:

Ubuntu Security Advisory. [Published Date: 2025-02-23]

Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:

Ubuntu 16.04 ESM
Ubuntu 18.04 ESM
Ubuntu 20.04 LTS
Ubuntu 22.04 LTS
Ubuntu 24.04 LTS
Ubuntu 24.10

Review the following Ubuntu Security Advisory and apply the necessary updates:

IBM security advisory. [Published Date: 2025-02-23]

IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products

IBM Cognos Controller - versions 11.0.0 to 11.0.1 FP3
IBM Controller - version 11.1.0
IBM CP4MCM - versions 2.3 to 2.3 FP9
IBM Data Virtualization on Cloud Pak for Data - multiple versions
Maas360 Configuration Utility - versions 2.90.000 to 3.000.950
Maas360 Mobile Enterprise Gateway - versions 2.90.000 to 3.000.800
IBM Watson Query on Cloud Pak for Data - multiple versions
Watson Studio on Cloud Pak for Data - Execution Engine for Apache Hadoop - version 5.0

Review the IBM Security Advisory and apply the necessary updates.

Dell Security Advisory. [Published Date: 2025-02-23]

Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

Dell Networking S5448F-ON - versions prior to 3.52.5.1-12
Dell Networking Z9432F-ON - versions prior to 3.51.5.1-21
Dell Networking Z9664F-ON - versions prior to 3.54.5.1-9
Networker Management Console - versions 19.11 to 19.11.0.3 and versions prior to 19.10.0.7
PowerPath Management Appliance - version 4.0 P02
PowerStore 500T, 1000T, 1200T, 3000T, 3200Q, 3200T, 5000T, 5200T, 7000T, 9000T and 9200T - versions prior to 4.1.0.0-2435323
RecoverPoint for Virtual Machines - versions 6.0 SP1, 6.0 SP1 P1 and 6.0 SP1 P2

Review the provided Dell Security Advisory and apply the necessary updates.

Signal Apps Update. [Published Date: 2025-02-21]

Signal updates containing hardened features to help protect against phishing campaigns affecting the following products:

Signal iOS - as of today, versions prior to 7.47 (latest version)
Signal Android - as of today, versions prior to 7.33.2 (latest version)

Update Signal Apps when available. To do the update, please follow the following web link:

Updating Signal

Microsoft Edge Security Advisory. [Published Date: 2025-02-20]

Microsoft published a security update to address vulnerabilities in Edge Stable Channel - versions prior to 132.0.2957.171.

Review the Release notes for Microsoft Edge Security Updates and apply the necessary updates.

Critical Vulnerability (CVE-2018-19410) Exposes 600 PRTG Instances in Bangladesh [Published Date: 2025-02-18]

As part of BGD e-GOV CIRT continuous efforts to monitor emerging threats and vulnerabilities that could compromise national security, our Cyber Threat Intelligence Unit has identified 600 vulnerable PRTG instances in Bangladesh affected by CVE-2018-19410-a critical-severity vulnerability. This....

OpenSSH Security Advisory. [Published Date: 2025-02-18]

OpenSSH published a security advisory to address vulnerabilities in OpenSSH - versions 6.8p1 to 9.9p1.

Review the OpenSSH Release Note and apply the necessary updates.

Juniper Networks Security Advisory. [Published Date: 2025-02-18]

Juniper Networks published a security advisory to address a critical vulnerability in the following products:

Junos OS - multiple versions
Junos OS Evolved - multiple versions
Junos Space - versions prior to 24.1R2

Review the Juniper Networks Security - JSA94663 and apply the necessary updates.

Citrix Security Advisory. [Published Date: 2025-02-18]

Citrix published security advisories to address vulnerabilities in the following products:

NetScaler Console 14.1 - versions prior to 14.1-38.53
NetScaler Console 13.1 - versions prior to 13.1-56.18
NetScaler Agent 14.1 - versions prior to 14.1-38.53
NetScaler Agent 13.1 - versions prior 13.1-56.18

Review Citrix security advisory and apply necessary updates.

Mozilla Security Advisory. [Published Date: 2025-02-18]

Mozilla published security advisories to address vulnerabilities in Firefox - versions prior to 135.0.1.

Review the Mozilla security bulletins and apply the necessary updates.

Google Chrome Security Advisory. [Published Date: 2025-02-18]

Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 133.0.6943.126 for Linux and prior to 133.0.6943.126/127 for Windows and Apple MAC.

Review the Google security bulletins and apply the necessary updates.

Atlassian Security Advisory. [Published Date: 2025-02-18]

Atlassian published security advisories to address vulnerabilities in the following products:

Bamboo Data Center and Server - multiple versions
Bitbucket Data Center and Server - multiple versions
Confluence Data Center and Server - multiple versions
Crowd Data Center and Server - multiple versions
Jira Data Center and Server - multiple versions

Review the Atlassian Security Advisory and apply the necessary update.

CISA and Partners Release Advisory on Ghost (Cring) Ransomware. [Published Date: 2025-02-18]

Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the Federal Bureau of Investigation (FBI) and Multi-State Information Sharing and Analysis Center (MS-ISAC)- released a joint Cybersecurity Advisory, Ransomware: Ghost (Cring) Ransomware. This advisory provides network defenders with indicators of compromise (IOCs), tactics, techniques, procedures (TTPs), and detection methods associated with Ghost ransomware activity identified through FBI investigations.

Ghost actors conduct these widespread attacks, targeting and compromising organizations with outdated versions of software and firmware on their internet facing services. These malicious ransomware actors are known to use publicly available code to exploit Common Vulnerabilities and Exposures (CVEs) where available patches have not been applied to gain access to internet facing servers. The known CVEs are CVE-2018-13379, CVE-2010-2861, CVE-2009-3960, CVE-2021-34473, CVE-2021-34523, CVE-2021-31207.

Review this joint advisory and apply the recommended mitigations to protect and detect malicious activity.

Ubuntu Security Advisory. [Published Date: 2025-02-16]

Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:

Ubuntu 14.04 ESM
Ubuntu 16.04 ESM
Ubuntu 20.04 LTS
Ubuntu 22.04 LTS
Ubuntu 24.10

Review the Ubuntu Security Notices and apply the necessary updates.

Dell Security Advisory. [Published Date: 2025-02-16]

Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

Dell Avamar NDMP Accelerator - multiple versions
Dell Avamar Server Hardware Appliance Gen4T/Gen5A - multiple versions
Dell Avamar Virtual Edition - multiple versions
Dell Avamar VMware Image Proxy - multiple versions
Dell Networker Virtual Edition (NVE) - multiple versions
Dell Power Protect DP Series Appliance - version 2.7.8 and prior running on SLES12SP5
PowerPath Management Appliance - version 4.0 P02

Review the following advisories and apply the necessary updates:

Red Hat Security Advisory. [Published Date: 2025-02-16]

Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:

Red Hat CodeReady Linux Builder - multiple versions and platforms
Red Hat Enterprise Linux - multiple versions and platforms
Red Hat Enterprise Linux Server - multiple versions and platforms

Review the following RedHat Security Advisory and apply the necessary updates.

Microsoft Edge Security Advisory. [Published Date: 2025-02-14]

Microsoft published a security update to address vulnerabilities in Edge Stable Channel - versions prior to 133.0.3065.69.

Review the Release notes for Microsoft Edge Security Updates and apply the necessary updates.

PostgreSQL Security Advisory. [Published Date: 2025-02-13]

PostgreSQL published a security advisory to address vulnerabilities in PostgreSQL - 13.x versions prior to 13.19, 14.x versions prior to 14.16, 15.x versions prior to 15.11, 16.x versions prior to 16.7 and 17.x versions prior to 17.3.

Review the PostgreSQL Advisory - quoting APIs miss neutralizing quoting syntax in text that fails encoding validation and apply the necessary updates.

Palo Alto Networks Security Advisory. [Published Date: 2025-02-12]

Palo Alto Networks published security advisories to address vulnerabilities in multiple versions of PAN-OS. Included were updates for the following:

PAN-OS 11.2 - versions prior to 11.2.4-h4
PAN-OS 11.1 - versions prior to 11.1.6-h1
PAN-OS 10.2 - versions prior to 10.2.13-h3
PAN-OS 10.1 - versions prior to10.1.14-h9

Review the following advisories and apply the necessary updates:

Google Chrome Security Advisory. [Published Date: 2025-02-12]

Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 133.0.6943.98 for Linux and prior to 133.0.6943.98/.99 for Windows and Apple MAC.

Review the Google security bulletins and apply the necessary updates.

GitLab Security Advisory. [Published Date: 2025-02-12]

GitHub published a security advisory to address a critical vulnerability in the following products:

GitLab Community Edition (CE) - versions prior to 17.8.2, 17.7.4 and 17.6.5
GitLab Enterprise Edition (EE) - versions prior to 17.8.2, 17.7.4 and 17.6.5

Review the provided GitLab Patch Release: 17.8.2, 17.7.4, 17.6.5, and perform the suggested mitigations.

SAP security advisory - February 2025 monthly rollup. [Published Date: 2025-02-11]

SAP published security advisories to address vulnerabilities in multiple products. Included were updates for the following:

Library - @sap/approuter - version 2.6.1 to 16.7.1
SAP BusinessObjects Business Intelligence platform (Central Management Console) - versions ENTERPRISE 430 and 2025
SAP Enterprise Project Connection - version 3.0
SAP NetWeaver AS Java (User Admin Application) Version - version 7.50
SAP Supplier Relationship Management (Master Data Management Catalog) - version SRM_MDM_CAT 7.52

Review the SAP Security Patch Day - February 2025 and apply the necessary updates.

Ivanti Security Advisory. [Published Date: 2025-02-11]

Ivanti published security advisories to address vulnerabilities in multiple products. Included were updates for the following:

Ivanti Connect Secure (ICS) - version 22.7R2.5 and prior
Ivanti CSA - version 5.0.4 and prior
Ivanti Policy Secure (IPS) - version 22.7R1.2 and prior
Ivanti Secure Access Client (ISAC) - version 22.7R4 and prior

Review the following advisories and apply the necessary updates:

Fortinet Security Advisory. [Published Date: 2025-02-11]

Fortinet published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:

FortiOS 7.6 - version 7.6.0
FortiOS 7.4 - versions 7.4.0 to 7.4.4
FortiOS 7.2 - versions 7.2.0 to 7.2.9 and versions 7.2.4 to 7.2.8
FortiOS 7.0 - versions 7.0.0 to 7.0.15
FortiOS 6.4 - all versions
FortiPortal 7.4 - version 7.4.0 to 7.4.2
FortiPortal 7.2 - version 7.2.0 to 7.2.6
FortiPortal 7.0 - version 7.0.0 to 7.0.11

Review the following advisories and apply the necessary updates:

Microsoft February 2025 monthly Security Updates rollup. [Published Date: 2025-02-11]

Microsoft published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:

System Center 2019, 2022 and 2025
Microsoft 365 Apps - multiple versions and platforms
Microsoft Azure - multiple versions and platforms
Microsoft Dynamics 365 Sales
Microsoft Excel 2016 - version 16.0.5487.1000
Microsoft Office - multiple versions and platforms
Microsoft SharePoint - multiple versions and platforms
Microsoft Visual Studio - multiple versions
Windows 10 - multiple versions and platforms
Windows 11 - multiple versions and platforms
Windows Server - multiple versions and platforms

Review the Microsoft Security Updates and apply the necessary updates (Security Update Guide).

Adobe Security Advisory. [Published Date: 2025-02-11]

Adobe published security advisories to address vulnerabilities in multiple products. Included were updates for the following products:

Adobe Commerce - multiple versions
Adobe Commerce B2B - multiple versions
Adobe Illustrator 2024 - version 28.73 and prior
Adobe Illustrator 2025 - version 29.1 and prior
Adobe InCopy - version 19.5.1 and prior, version 20.0 and prior
Adobe InDesign - version ID19.5.2 and prior, version ID20.1 and prior
Adobe Magento Open Source - multiple versions
Adobe Substance 3D Designer - version 14.0.2 and prior

Review the Adobe Security Advisories and apply the necessary updates.

HPE security advisory [Published Date: 2025-02-11]

HPE published a security advisory to address vulnerabilities in the following products:

HPE ProLiant DL145 Gen11 - versions prior to v1.30_10-04-2024
HPE ProLiant DL325 Gen10 Plus server - versions prior to v3.40_10-04-2024
HPE ProLiant DL325 Gen10 Plus v2 server - versions prior to 3.40_10-04-2024
HPE ProLiant DL325 Gen10 Server - versions prior to 3.30_10-04-2024
HPE ProLiant DL325 Gen11 Server - versions prior to v1.70_09-06-2024
HPE ProLiant DL345 Gen10 Plus server - versions prior to 3.40_10-04-2024
HPE ProLiant DL345 Gen11 Server - versions prior to v1.70_09-06-2024
HPE ProLiant DL365 Gen10 Plus server - versions prior to 3.40_10-04-2024
HPE ProLiant DL365 Gen11 Server - versions prior to v1.70_09-06-2024
HPE ProLiant DL385 Gen10 Plus server - versions prior to 3.40_10-04-2024
HPE ProLiant DL385 Gen10 Plus v2 server - versions prior to 3.40_10-04-2024
HPE ProLiant DL385 Gen10 Server - versions prior to 3.30_10-04-2024
HPE ProLiant DL385 Gen11 Server - versions prior to v1.70_09-06-2024
HPE ProLiant XL225n Gen10 Plus 1U Node - versions prior to 3.40_10-04-2024
HPE ProLiant XL645d Gen10 Plus Server - versions prior to 3.40_10-04-2024
HPE ProLiant XL675d Gen10 Plus Server - versions prior to v3.40_10-04-2024

Review the HPE security bulletins and apply the necessary updates.

Intel Security Advisory. [Published Date: 2025-02-11]

Intel published security advisories to address vulnerabilities in multiple products. Included were updates for the following:

Intel® RealSense™ Advisory
Intel® MLC Software Advisory
BIOS and System Firmware Update Package Advisory
Intel® 800 Series Ethernet Driver Software

Review the provided Intel Security Advisories and perform the suggested mitigations.

Apple Security Advisory. [Published Date: 2025-02-10]

Apple published security updates to address vulnerabilities in the following products:

iOS and iPadOS - versions prior to 18.3.1
iPadOS - versions prior to 17.7.5

Review the provided Apple Security Advisory and apply the necessary updates.

IBM security advisory. [Published Date: 2025-02-09]

IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products

CP4NA - version 2.7.6
GDSC Platform On-prem - version 3.6.1
IBM Asset Data Dictionary Component - version 1.1
IBM Cloud Pak for Business Automation - multiple versions
IBM Cloud Pak for Security - versions 1.10.0.0 to 1.10.11.0
IBM Cloud Pak System - multiple versions
IBM dashDB Local - version 11.5.8.0 to refresh 8
IBM Observability with Instana (OnPrem) - build 281-287
IBM Security QRadar EDR - version 3.12
IBM QRadar Suite Software - version 1.10.12.0 to 1.10.24.0
IBM watsonx.data - version 1.0.0 to 2.0.0
PUB - version 7.0.2 and 7.0.3

Review the IBM Security Advisory and apply the necessary updates.

Ubuntu Security Advisory. [Published Date: 2025-02-09]

Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:

Ubuntu 16.04 ESM
Ubuntu 18.04 ESM
Ubuntu 20.04 LTS
Ubuntu 24.10

Review the following Ubuntu Security Advisory and apply the necessary updates:

Dell Security Advisory. [Published Date: 2025-02-09]

Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

Dell Avamar Data Store Gen5A, Gen4T - versions 19.4, 19.7, 19.8, 19.9, 19.10 and 19.10 SP1
Dell Avamar Virtual Edition - multiple versions and platforms
Dell Protection Advisor - versions 19.9, 19.10 and 19.11
Dell VxRail Appliance - versions 0.000 to 8.0.320

Review the following advisories and apply the necessary updates:

IBM security advisory. [Published Date: 2025-02-09]

IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products

IBM App Connect Enterprise Certified Container - multiple versions
IBM Operational Decision Manager - versions 8.11.0.1, 8.11.1.0, 8.12.0.1 and 9.0.0.1
IBM QRadar Deployment Intelligence App - version 1.0.0 to 3.0.15
IBM Watson Assistant for IBM Cloud Pak for Data - versions 4.0.0 to 4.8.7
IBM Watson Studio on Cloud Pak for Data - Execution Engine for Apache Hadoop - version 5.0
IBM watsonx.data - versions 1.1.0 to 2.1.0

Review the IBM Security Advisory and apply the necessary updates.

Microsoft Edge Security Advisory. [Published Date: 2025-02-06]

Microsoft published a security update to address vulnerabilities in Edge Stable Channel - versions prior to 133.0.3065.51.

Review the Release notes for Microsoft Edge Security Updates and apply the necessary updates.

Cisco Security Advisory. [Published Date: 2025-02-05]

Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

Cisco IOS - versions 15.2E, 15.5SY and 15.9M
Cisco IOS XE - versions 3.11E, 16.12, 17.9, 17.12 and 17.15
Cisco IOS XR - versions 24.2 and prior, 24.3, 24.4 and 25.2
Cisco Identity Services Engine (ISE) - versions 3.0, 3.1, 3.2 and 3.3

Review the following Cisco Security Advisory and apply the necessary updates

F5 Security Advisory. [Published Date: 2025-02-05]

F5 published Quarterly Security Notifications for multiple products. Included were updates for the following:

BIG-IP (all modules) - multiple versions
BIG-IP Next SPK - multiple versions
BIG-IP (PEM) - multiple versions
BIG-IP (ASM) - multiple versions
BIG-IP (APM) - versions 16.1.3 to 16.1.4
BIG-IP (AFM) - multiple versions
BIG-IP Next CNF - versions 1.1.0 to 1.3.3

Review the F5 Security Advisories and apply the necessary updates.

Veeam Security Advisory. [Published Date: 2025-02-04]

Veeam published security advisories to address vulnerabilities in the following products:

Veeam Backup & Replication - version 12.2.0.334 and prior
Veeam Service Provider Console - version 8.1.0.21377 and prior

Review the Veeam Security Advisory and apply the necessary updates.

HPE Security Advisory. [Published Date: 2025-02-04]

HPE published a security advisory to address vulnerabilities in HPE Aruba Networking ClearPass Policy Manager - 6.12.x versions prior to 6.12.3 and 6.11.x versions prior to 6.11.9.

Review the HPE security bulletins and apply the necessary updates.

Mozilla Security Advisory. [Published Date: 2025-02-04]

Mozilla published security advisories to address vulnerabilities in the following products:

Thunderbird - versions prior to 135
Thunderbird ESR - versions prior to 128.7
Firefox ESR - versions prior to 128.7
Firefox ESR - versions prior to 115.20
Firefox - versions prior to 135

Review the Mozilla Security Advisories and apply the necessary updates.

Google Chrome Security Advisory. [Published Date: 2025-02-04]

Google has released security updates to address multiple vulnerabilities affecting Stable Channel Chrome versions 133.0.6943.53 for Linux and prior to 33.0.6943.53/54 for Windows and Apple MAC.

Review the Google security bulletins and apply the necessary updates.

Android security advisory - February 2025 Monthly Rollup. [Published Date: 2025-02-03]

Android published a security bulletin to address vulnerabilities affecting Android devices.

Review the Android Security Bulletin and apply the necessary updates.

Qualcomm Security Advisory - February 2025 monthly rollup. [Published Date: 2025-02-03]

Qualcomm published a security bulletin to address vulnerabilities affecting multiple chipsets.

Review the Qualcomm Security Bulletin and apply the necessary updates.

Dell Security Advisory. [Published Date: 2025-02-02]

Dell published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

Dell Data Protection Central - versions prior to 19.10
Dell Enterprise SONiC Distribution - versions prior to 4.4.1 and 4.2.3
Dell NetWorker Virtual Edition - multiple versions
Dell NetWorker - multiple versions
Dell PowerProtect DD - multiple versions
Dell PowerStore X OS - versions prior to 3.2.1.5-2424458
Dell VxRail Appliance - versions 7.0.000 to 7.0.533
PowerProtect DP Series Appliances - versions prior to 2.7.8
PowerProtect Data Protection Software - versions prior to 2.7.8

Review the provided Dell Security Advisory and apply the necessary updates.

IBM Security Advisory. [Published Date: 2025-02-02]

IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products

IBM CP4MCM - version 2.3 to 2.3 FP9
IBM Db2 Warehouse on Cloud Pak for Data - multiple versions
IBM Planning Analytics Local - IBM Planning Analytics Workspace - versions 2.1 and 2.0
IBM Tivoli Network Manager IP Edition - version 4.2 GA to 4.2.0.20
IBM Watson Speech Services Cartridge - version 4.0.0 to 4.8.7
IBM® Db2® on Cloud Pak for Data - multiple versions
ICP - Discovery - versions 4.0.0 to 4.8.7 and 5.0.0 to 5.0.3
InfoSphere Information Server - version 11.7

Review the IBM Security Advisory and apply the necessary updates.

Ubuntu Security Advisory. [Published Date: 2025-02-02]

Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:

Ubuntu 14.04 ESM
Ubuntu 16.04 ESM
Ubuntu 18.04 ESM
Ubuntu 20.04 LTS
Ubuntu 22.04 LTS
Ubuntu 24.04 LTS
Ubuntu 24.10

Review the Ubuntu Security Notices and apply the necessary updates.

VMware Security Advisory. [Published Date: 2025-01-29]

VMware released a security advisory to address multiple vulnerabilities in VMWare Avi Load Balancer - versions 30.1.1, 30.1.2, 30.2.1, and 30.2.2.

Review VMware security advisory VMware VMSA-2025-002 and apply the necessary updates.

ISC BIND Security Advisory. [Published Date: 2025-01-29]

ISC released a security advisory to address ISC BIND 9 - versions 9.11.0 to 9.11.37, 9.16.0 to 9.16.50, 9.18.0 to 9.18.32, 9.20.0 to 9.20.4 and 9.21.0 to 9.21.3.

Review the following advisories and apply the necessary updates:

Ubuntu Security Advisory. [Published Date: 2025-01-28]

Ubuntu published a security notice to address vulnerabilities in the Linux kernel affecting the following products:

Ubuntu 22.04 LTS
Ubuntu 24.04 LTS

Review the Ubuntu Security Notices and apply the necessary updates.

TeamViewer Security Advisory. [Published Date: 2025-01-28]

TeamViewer published security updates to address vulnerabilities in the following products:

TeamViewer Full Client (Windows) - multiple versions
TeamViewer Host (Windows) - multiple versions

Review TeamViewer view security advisory Improper Neutralization of Argument Delimiters in TeamViewer Clients - TV-2025-1001 and apply the necessary updates.

Apple Security Advisory. [Published Date: 2025-01-27]

Apple published security updates to address vulnerabilities in the following products:

iOS and iPadOS - versions prior to 18.3
iOS iPadOS - versions prior to 17.7.4
macOS Sequoia - versions prior to 15.3
macOS Sonoma - versions prior to 14.7.3
macOS Ventura - versions prior to 13.7.3
Safari - versions prior to 18.3
tvOS - versions prior to 18.3
watchOS - versions prior to 11.3

Review the provided Apple Security Advisory and apply the necessary updates.

Red Hat Security Advisory. [Published Date: 2025-01-26]

Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:

Red Hat CodeReady Linux Builder - multiple versions and platforms
Red Hat Enterprise Linux - multiple versions and platforms
Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Red Hat Enterprise Linux Server for Power LE - multiple versions and platforms

Review the following RedHat Security Advisory and apply the necessary updates.

Red Hat Security Advisory. [Published Date: 2025-01-26]

Red Hat published security advisories to address vulnerabilities in multiple products. Included were updates to address vulnerabilities in the Linux kernel for the following products:

Red Hat CodeReady Linux Builder - multiple versions and platforms
Red Hat Enterprise Linux - multiple versions and platforms
Red Hat Enterprise Linux for Real Time - multiple versions and platforms
Red Hat Enterprise Linux Server for Power LE - multiple versions and platforms

Review the following RedHat Security Advisory and apply the necessary updates.

IBM Security Advisory. [Published Date: 2025-01-26]

IBM published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following products:

IBM App Connect Enterprise - versions 12.0.1.0 to 12.0.12.9 and versions 13.0.1.0 to 13.0.2.0
IBM Observability with Instana (OnPrem) - versions 281 to 287
IBM Engineering Lifecycle Optimization - PUB - versions 7.0.2 and 7.0.3
IBM Storage Copy Data Management - versions 2.2.0.0 to 2.2.24.1

Review the following advisories and apply the necessary updates:

GitHub Security Advisory. [Published Date: 2025-01-26]

GitHub published a security advisory to address a critical vulnerability in the following products:

GitHub Enterprise Server - versions 3.15.x prior to 3.15.2
GitHub Enterprise Server - versions 3.14.x prior to 3.14.7
GitHub Enterprise Server - versions 3.13.x prior to 3.13.10
GitHub Enterprise Server - versions 3.12.x prior to 3.12.14

Review the following advisories and apply the necessary updates:

Juniper Networks Security Advisory. [Published Date: 2025-01-24]

Juniper released a security advisory to address multiple vulnerabilities affecting Juniper Secure Analytics - versions prior to 7.5.0 UP10 IF02.

Review the Juniper Networks Security Advisories - JSA82681 and apply the necessary updates.

SonicWall Security Advisory. [Published Date: 2025-01-23]

SonicWall published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

SonicWall Gen6 Hardware Firewalls - multiple models and version 6.5.4.15-117n and prior
SonicWall Gen7 Firewalls - multiple models and versions
SonicWall Gen7 NSv - multiple models and versions
SonicWall Gen7 Cloud Platform NSv - multiple models and versions
SonicWall TZ80 - version 8.0.0-8035

Review the Security Advisory and apply the necessary updates.

Atlassian Security Advisory. [Published Date: 2025-01-23]

Atlassian published security advisories to address vulnerabilities in the following products:

Bitbucket Data Center and Server - multiple versions
Confluence Data Center and Server - multiple versions
Crowd Data Center and Server - multiple versions
Jira Data Center and Server - multiple versions
Jira Service Management Data Center and Server - multiple versions

Review the Atlassian Security Advisory and apply the necessary update.

Cisco Security Advisory. [Published Date: 2025-01-22]

Cisco published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

Cisco BroadWorks - versions prior to RI.2024.11
Cisco Meeting Management - versions prior to 3.9.1

Review the following Cisco Security Advisory and apply the necessary updates

Jenkins Security Advisory. [Published Date: 2025-01-22]

Jenkins published a security advisory to address vulnerabilities in the following products:

Azure Service Fabric Plugin - version 1.6 and prior
Bitbucket Server Integration Plugin - version 4.1.3 and prior
Eiffel Broadcaster Plugin - version 2.10.2 and prior
Folder-based Authorization Strategy Plugin - version 17.vd5b_18537403e and prior
GitLab Plugin - version 1.9.6 and prior
OpenId Connect Authentication Plugin - version 4.452.v2849b_d3945fa_ and prior
Zoom Plugin - up to and including 1.5

Review the Jenkins security advisory and apply the necessary updates.

ICT Security Advisories & Alerts

Sources: