USN-6787-1: Jinja2 vulnerability

Read Time:12 Second

It was discovered that Jinja2 incorrectly handled certain HTML attributes
that were accepted by the xmlattr filter. An attacker could use this issue
to inject arbitrary HTML attribute keys and values to potentially execute
a cross-site scripting (XSS) attack.

CrushFTP Authentication Bypass

What is the Vulnerability?FortiGuard Labs has observed in-the-wild attack attempts targeting CVE-2025-31161, an authentication bypass vulnerability in CrushFTP managed file...

April 9, 2025

Multiple Vulnerabilities in Fortinet Products Could Allow for Remote Code Execution

Multiple vulnerabilities have been discovered Fortinet Products, the most severe of which could allow for remote code execution. FortiAnalyzer...

April 8, 2025

rust-openssl-0.10.72-1.el9 rust-openssl-sys-0.9.107-1.el9

FEDORA-EPEL-2025-13a0cac2ac Packages in this update: rust-openssl-0.10.72-1.el9 rust-openssl-sys-0.9.107-1.el9 Update description: Update the openssl crate to version 0.10.72. Update the openssl-sys crate...

April 8, 2025

rust-openssl-0.10.72-1.el10_0 rust-openssl-sys-0.9.107-1.el10_0

FEDORA-EPEL-2025-2495fcffcc Packages in this update: rust-openssl-0.10.72-1.el10_0 rust-openssl-sys-0.9.107-1.el10_0 Update description: Update the openssl crate to version 0.10.72. Update the openssl-sys crate...

April 8, 2025

rust-openssl-0.10.72-1.el10_1 rust-openssl-sys-0.9.107-1.el10_1

FEDORA-EPEL-2025-15fa9fed48 Packages in this update: rust-openssl-0.10.72-1.el10_1 rust-openssl-sys-0.9.107-1.el10_1 Update description: Update the openssl crate to version 0.10.72. Update the openssl-sys crate...

April 8, 2025

rust-openssl-0.10.72-1.fc40 rust-openssl-sys-0.9.107-1.fc40

FEDORA-2025-472776e5dc Packages in this update: rust-openssl-0.10.72-1.fc40 rust-openssl-sys-0.9.107-1.fc40 Update description: Update the openssl crate to version 0.10.72. Update the openssl-sys crate...

April 8, 2025

Patch Tuesday, April 2025 Edition

The AI Fix #45: The Turing test falls to GPT-4.5

Google Releases April Android Update to Address Two Zero-Days

NIST Defers Pre-2018 CVEs to Tackle Growing Vulnerability Backlog

Half of Firms Stall Digital Projects as Cyber Warfare Risk Surges

CISA Warns of CrushFTP Vulnerability Exploitation in the Wild

Arguing Against CALEA

Boards Urged to Follow New Cyber Code of Practice

Russian bots hard at work spreading political unrest on Romania’s internet

CrushFTP Authentication Bypass

Multiple Vulnerabilities in Fortinet Products Could Allow for Remote Code Execution

rust-openssl-0.10.72-1.el9 rust-openssl-sys-0.9.107-1.el9

rust-openssl-0.10.72-1.el10_0 rust-openssl-sys-0.9.107-1.el10_0

rust-openssl-0.10.72-1.el10_1 rust-openssl-sys-0.9.107-1.el10_1

rust-openssl-0.10.72-1.fc40 rust-openssl-sys-0.9.107-1.fc40