Category Archives: Advisories

suricata-7.0.9-1.fc42

Read Time:18 Second

FEDORA-2025-0fe12b20e6

Packages in this update:

suricata-7.0.9-1.fc42

Update description:

Various security, performance, accuracy, and stability issues have been fixed. LibHTP has been updated to version 0.5.50 which is bundled with this new release. This fixes:

CVE-2025-29915: HIGH
CVE-2025-29917: HIGH
CVE-2025-29918: HIGH
CVE-2025-29916: Moderate

Read More

suricata-7.0.9-1.fc41

Read Time:18 Second

FEDORA-2025-109f69791e

Packages in this update:

suricata-7.0.9-1.fc41

Update description:

Various security, performance, accuracy, and stability issues have been fixed. LibHTP has been updated to version 0.5.50 which is bundled with this new release. This fixes:

CVE-2025-29915: HIGH
CVE-2025-29917: HIGH
CVE-2025-29918: HIGH
CVE-2025-29916: Moderate

Read More

USN-7355-1: RestrictedPython vulnerabilities

Read Time:45 Second

Nakul Choudhary and Robert Xiao discovered that RestrictedPython did not
properly sanitize certain inputs. An attacker could possibly use this
issue to execute arbitrary code. This issue only affected
Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-37271)

Abhishek Govindarasu, Ankush Menat and Ward Theunisse discovered that
RestrictedPython did not correctly handle certain format strings. An
attacker could possibly use this issue to leak sensitive information.
This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.
(CVE-2023-41039)

It was discovered that RestrictedPython did not correctly restrict access
to certain fields. An attacker could possibly use this issue to leak
sensitive information. (CVE-2024-47532)

It was discovered that RestrictedPython contained a type confusion
vulnerability. An attacker could possibly use this issue to execute
arbitrary code. This issue only affected Ubuntu 24.04 LTS and
Ubuntu 24.10. (CVE-2025-22153)

Read More

A Vulnerability in Apache Tomcat Could Allow for Remote Code Execution

Read Time:27 Second

A vulnerability has been discovered in Apache Tomcat, which could allow for remote code execution. Apache Tomcat is an open-source Java servlet container and web server used to host Java-based web applications and implement Java Servlet and JavaServer Pages (JSP) specifications, providing a platform for running dynamic web content. Successful exploitation of the of this vulnerability could allow for remote code execution in the context of the system. Depending on the privileges associated with the system, an attacker could then install programs; view, change, or delete data.

Read More