Security Advisory

Overview An update has been made available to fix vulnerabilities in JenKins(https://www.jenkins.io/). Users of affected versions are advised to update to the latest version.   Affected Products All versions of Jenkins 2.441 and earlier, LTS 2.426.2 and earlier   CVE-2024-23898 Jenkins 2.217 and all versions before 2.441, LTS 2.222.1 and

Overview An update has been made available to fix vulnerabilities in Fortra’s GoAnywhere MFT. Users of affected versions are advised to update to the latest version.   Affected Products All versions of Fortra GoAnywhere MFT 6.0.1 through 6.x, and all versions of 7.x below 7.4.1   Resolved Vulnerabilities Authentication bypass

Overview An update has been made available to fix vulnerabilities in GitLab (https://about.gitlab.com/) Community Edition (CE) and Enterprise Edition (EE). Users of those versions are advised to update to the latest version.   Affected Products CVE-2024-0402 16.versions 0 through 16.5.8 and earlier 16.6 through before 16.6.6 16.7 through before 16.7.4 

Overview An update is available to fix vulnerabilities in Junos OS from Juniper Networks (https://supportportal.juniper.net/). Users of affected versions are advised to update to the latest version.   Affected Products CVE-2024-21619 20.all versions prior to 4R3-S9 21.all versions prior to 21.2R3-S7 of version 2 21.all versions before 21.3R3-S5 in version

Overview An update has been made available to fix vulnerabilities in GitHub Enterprise Server. Users of affected versions are advised to update to the latest version.   Affected Products All versions of GitHub Enterprise Server 3.7 and earlier and all versions of 3.8.12, 3.9.7, 3.10.4, 3.11.2 and earlier   Resolved

Overview An update has been made available to fix vulnerabilities in WordPress Post SMTP Mailer (an email sending and management plugin). Users of affected versions are advised to update to the latest version.   Affected Products All versions of Post SMTP Mailer up to 2.8.7   Resolved Vulnerabilities Authorization bypass

Overview   The latest security updates have been released for MLflow and ClearML Server open source platforms for machine learning and artificial intelligence development. Users of affected versions are advised to update to the latest version.   Affected Products   Prior to MLflow 2.9.2 and ClearML Server 1.13.0   Resolved

Overview   Apple (https://apple.com) has released a security update that addresses a product vulnerability. Users of affected products are advised to update to the latest version.   Affected Products   MacOS Ventura IPad Pro 12.9-inch 3rd generation and newer IPad Pro 11-inch 1st generation and later IPad Air 3rd generation

Overview An update has been made available to fix an access control lapse vulnerability in Aria Automation by VMware. Users of affected versions are advised to update to the latest version.   Affected Products VMware Aria Automation versions 8.16, 8.14.x, 8.13.x, 8.12.x, 8.11.xVMware Cloud Foundation (Aria Automation) 5.x, 4.x versions

Overview An update has been made available to fix vulnerabilities in Apache Tomcat(https://tomcat.apache.org/). Users of affected versions are advised to update to the latest version.   Affected Products Apache Tomcat 9.versions from 0.0-M11 through 9.0.43 8.versions from 5.7 through 8.5.63   Resolved Vulnerabilities Vulnerability in Apache Tomcat to generate error