Advisory Week


Week 12, 2025
National Cyber Awareness System
 
CISA Releases Malware Analysis Report on RESURGE Malware Associated with Ivanti Connect Secure
CISA Releases One Industrial Control Systems Advisory
CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Releases Four Industrial Control Systems Advisories
CISA Adds One Known Exploited Vulnerability to Catalog
Mozilla Security Advisories
 
Security Vulnerability fixed in Firefox 136.0.4, Firefox ESR 128.8.1, Firefox ESR 115.21.1 mfsa2025-19
Ubuntu Security Notices
 
Linux kernel vulnerabilities: USN-7392-2 / USN-7392-1 / USN-7391-1 / USN-7388-1 / USN-7387-1 / USN-7383-1
Linux kernel (FIPS) vulnerabilities: USN-7393-1 / USN-7387-2
OpenSC regression: USN-7346-2
Ansible regression: USN-7330-2
Linux kernel (Real-time) vulnerabilities: USN-7387-3 / USN-7383-2
Linux kernel (Xilinx ZynqMP) vulnerabilities: USN-7390-1
Linux kernel (NVIDIA Tegra) vulnerabilities: USN-7389-1
Linux kernel (OEM) vulnerabilities: USN-7386-1 / USN-7382-1
Linux kernel (IBM) vulnerabilities: USN-7385-1
Linux kernel (Azure) vulnerabilities: USN-7384-1
Smarty vulnerability: USN-7377-1
Linux kernel (Low Latency) vulnerabilities: USN-7381-1
SnakeYAML vulnerability: USN-7368-1
Ghostscript vulnerabilities: USN-7378-1
MariaDB vulnerability: USN-7376-1
Org Mode vulnerabilities: USN-7375-1
containerd vulnerability: USN-7374-1
Exim vulnerability: USN-7373-1
LSN-0110-1: Kernel Live Patch Security Notice
Varnish vulnerability: USN-7372-1
FreeRDP vulnerabilities: USN-7371-1
SmartDNS vulnerabilities: USN-7370-1
elfutils vulnerabilities: USN-7369-1
Python regression: USN-7348-2
Rack vulnerabilities: USN-7366-1
zvbi vulnerabilities: USN-7367-1
NLTK vulnerabilities: USN-7365-1
Red Hat Security Advisory
 
Important: Red Hat OpenStack Platform 17.1 (openstack-ansible-core) security update: RHSA-2025:3371
Important: grub2 security update: RHSA-2025:3367
Important: Red Hat JBoss Enterprise Application Platform 8.0.6 security update: RHSA-2025:3358 / RHSA-2025:3357
Moderate: expat security update: RHSA-2025:3350
Important: grafana security update: RHSA-2025:3344
Moderate: OpenShift Container Platform 4.17.22 packages and security update: RHSA-2025:3061
Important: Logging for Red Hat OpenShift - 6.1.4: RHSA-2025:3131
Important: Logging for Red Hat OpenShift - 6.0.6: RHSA-2025:3132
Important: OpenShift Container Platform 4.17.22 bug fix and security update: RHSA-2025:3059
Important: container-tools:rhel8 security update: RHSA-2025:3268 / RHSA-2025:3266 / RHSA-2025:3175
Important: libreoffice security update: RHSA-2025:3265 / RHSA-2025:3169
Important: kernel-rt security update: RHSA-2025:3264 / RHSA-2025:3214 / RHSA-2025:3211 / RHSA-2025:3127
Moderate: nginx:1.22 security update: RHSA-2025:3261
Important: kernel security update: RHSA-2025:3260 / RHSA-2025:3216 / RHSA-2025:3215 / RHSA-2025:3209 / RHSA-2025:3207 / RHSA-2025:3128
Important: OpenShift Container Platform 4.15.48 security update: RHSA-2025:3055
Important: podman security update: RHSA-2025:3186 / RHSA-2025:3184 / RHSA-2025:3165
Important: gvisor-tap-vsock security update: RHSA-2025:3185
Important: VolSync 0.12.1 security fixes and enhancements for RHEL 9: RHSA-2025:3172
Important: Red Hat Ansible Automation Platform 2.5 Container Release Update: RHSA-2025:3162
Important: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update: RHSA-2025:3160
Moderate: OpenShift Container Platform 4.18.6 packages and security update: RHSA-2025:3068
Important: OpenShift Container Platform 4.18.6 bug fix and security update: RHSA-2025:3066
Important: Red Hat Ansible Automation Platform 2.4 Container Release Update: RHSA-2025:3124
Important: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update: RHSA-2025:3123
Important: libxslt security update: RHSA-2025:3107
Important: kpatch-patch-5_14_0-70_112_1, kpatch-patch-5_14_0-70_121_1, kpatch-patch-5_14_0-70_124_1, and kpatch-patch-5_14_0-70_85_1 security update: RHSA-2025:3112
Important: pcs security update: RHSA-2025:3109 / RHSA-2025:3108
Microsoft Security
 
Microsoft March 2025 Security Update Guide
Chromium: CVE-2025-2783 Incorrect handle provided in unspecified circumstances in Mojo on Windows
CVE-2025-24514 Kubernetes: Vulnerability in Kubernetes NGINX Ingress Controller
CVE-2025-1974 Kubernetes: Vulnerability in Kubernetes NGINX Ingress Controller
CVE-2025-1097 Kubernetes: Vulnerability in Kubernetes NGINX Ingress Controller
CVE-2025-1098 Kubernetes: Vulnerability in Kubernetes NGINX Ingress Controller
CVE-2025-24513 Kubernetes: Vulnerability in Kubernetes NGINX Ingress Controller
Amazon AWS Security Advisories
 
Issue with tough, versions prior to 0.20.0 (Multiple CVEs)
Issues with Kubernetes ingress-nginx controller (Multiple CVEs)
GitHub Security Advisories
 
[GHSA-p799-q2pr-6mxj] go.rgst.io/stencil/v2 vulnerable to Path Traversal
[GHSA-j8x2-777p-23fc] tough cyclic delegation graphs are not detected
[GHSA-v4wr-j3w6-mxqc] tough terminating targets role delegations are not respected
[GHSA-5vmp-m5v2-hx47] tough root metadata version is not checked for sequential versioning
[GHSA-8fm5-gg2f-f66q] Publify Vulnerable To Cross-Site Scripting (XSS) Via Redirects Requiring User Interaction
[GHSA-76g3-38jv-wxh4] tough timestamp metadata is cached when it fails snapshot rollback check
[GHSA-q6r9-r9pw-4cf7] tough failure to detect delegated target rollback
[GHSA-j95m-rcjp-q69h] github.com/jaredallard/archives Has Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
[GHSA-f3mf-hm6v-jfhh] Mesop Class Pollution vulnerability leads to DoS and Jailbreak attacks
[GHSA-v56r-hwv5-mxg6] Synapse vulnerable to federation denial of service via malformed events
[GHSA-pfqj-w6r6-g86v] Pitchfork HTTP Request/Response Splitting vulnerability
[GHSA-963h-3v39-3pqf] Vega vulnerable to Cross-site Scripting via RegExp.prototype[@@replace]
[GHSA-rcw3-wmx7-cphr] Vega Cross-Site Scripting (XSS) via event filter when not using CSP mode expressionInterpreter
[GHSA-785h-76cm-cpmf] Django TomSelect incomplete escaping of dangerous characters in widget attributes
[GHSA-fm3h-p9wm-h74h] Directus's webhook trigger flows can leak sensitive data
[GHSA-7wq3-jr35-275c] Directus `search` query parameter allows enumeration of non permitted fields
[GHSA-56p6-qw3c-fq2g] Suspended Directus user can continue to use session token to access API
[GHSA-rv78-qqrq-73m5] Directus's S3 assets become unavailable after a burst of HEAD requests
[GHSA-j8xj-7jff-46mx] Directus's S3 assets become unavailable after a burst of malformed transformations
[GHSA-6phg-4wmq-h5h3] Frappe has possibility of SQL injection due to improper validations
[GHSA-66pp-5p9w-q87j] Shescape has potential environment variable exposure on Windows with CMD
[GHSA-3p6v-hrg8-8qj7] @mozilla/readability Denial of Service through Regex
[GHSA-5565-3c98-g6jc] WildFly Elytron OpenID Connect Client Extension OIDC authorization code injection attack
[GHSA-qrv3-jc3h-f3m6] Frappe vulnerable to information disclosure leading to account takeover
[GHSA-v342-4xr9-x3q3] Frappe has Possibility of Remote Code Execution due to improper validation
[GHSA-3hj6-r5c9-q8f3] Frappe has possibility of SQL injection due to improper validations
[GHSA-x574-m823-4x7w] Vite bypasses server.fs.deny when using ?raw??
[GHSA-c6pf-2v8j-96mc] Cilium node based network policies may incorrectly allow workload traffic
[GHSA-46mp-8w32-6g94] Kyverno ignores subjectRegExp and IssuerRegExp
[GHSA-24qp-4xx8-3jvj] Cilium East-west traffic not subject to egress policy enforcement for requests via Gateway API load balancers
[GHSA-7mxx-3cgm-xxv3] API Platform Core does not call GraphQl securityAfterResolver
[GHSA-5pq3-h73f-66hr] AWS CDK CodePipeline: trusted entities are too broad
CISA Known Exploited Vulnerabilities
 
reviewdog/action-setup GitHub Action Embedded Malicious Code Vulnerability CVE-2025-30154
Sitecore CMS and Experience Platform (XP) Deserialization Vulnerability CVE-2019-9875
Sitecore CMS and Experience Platform (XP) Deserialization Vulnerability CVE-2019-9874
Google Chromium Mojo Sandbox Escape Vulnerability CVE-2025-2783

The known exploited vulnerabilities list contains vulnerabilities that are known to be actively exploited. They may not be new or recently discovered. Vulnerabilities listed here were added to this list in the past week.
