Rocky Linux kernel security update Advisories in Brocade ASCG 3.4.0 Ova

Security updates are provided for multiple CVEs for Rocky Linux Kernel. kernel RLSA-2025:11850 CVE-2022-49977, CVE-2025-21905, CVE-2025-21919 kernel RLSA-2025:12752 CVE-2025-37890, CVE-2025-38079, CVE-2022-50020, CVE-2025-38052, CVE-2025-21928, CVE-2025-22020, kernel RLSA-2025:15008 CVE-2025-3833...

Certifi Vulnerable to Insufficient Verification of Data Authenticity via GlobalTrust Root Certificate

Certifi contains an insufficient verification of data authenticity vulnerability. The withdrawal of the GLOBALTRUST root certificate has been performed. This could result in users experiencing compliance issues. Products Not Affected Brocade Fabric OS VEX Justification: Componentnotpresent Brocad...

EUVD-2025-21827

Malicious code in bioql PyPI...

EUVD-2024-17257

Malicious code in bioql PyPI...

EUVD-2025-21828

Malicious code in bioql PyPI...

EUVD-2025-21830

Malicious code in bioql PyPI...

CVE-2025-7397

A vulnerability in the ascgshell, of Brocade ASCG before 3.3.0 stores any command executed in the Command Line Interface CLI in plain text within the command history. A local authenticated user that can access sensitive information like passwords within the CLI history leading to unauthorized...

CVE-2025-6391

Brocade ASCG before 3.3.0 logs JSON Web Tokens JWT in log files. An attacker with access to the log files can withdraw the unencrypted tokens with security implications, such as unauthorized access, session hijacking, and information disclosure...

CVE-2025-7398

Brocade ASCG before 3.3.0 allows for the use of medium strength cryptography algorithms on internal ports ports 9000 and 8036...

CVE-2025-7398

Brocade ASCG before 3.3.0 allows for the use of medium strength cryptography algorithms on internal ports ports 9000 and 8036...

CVE-2025-7398

Brocade ASCG before 3.3.0 allows for the use of medium strength cryptography algorithms on internal ports ports 9000 and 8036...

CVE-2025-7397

A vulnerability in the ascgshell, of Brocade ASCG before 3.3.0 stores any command executed in the Command Line Interface CLI in plain text within the command history. A local authenticated user that can access sensitive information like passwords within the CLI history leading to unauthorized...

CVE-2025-7397

A vulnerability in the ascgshell, of Brocade ASCG before 3.3.0 stores any command executed in the Command Line Interface CLI in plain text within the command history. A local authenticated user that can access sensitive information like passwords within the CLI history leading to unauthorized...

CVE-2025-6391

Brocade ASCG before 3.3.0 logs JSON Web Tokens JWT in log files. An attacker with access to the log files can withdraw the unencrypted tokens with security implications, such as unauthorized access, session hijacking, and information disclosure...

CVE-2025-6391

Brocade ASCG before 3.3.0 logs JSON Web Tokens JWT in log files. An attacker with access to the log files can withdraw the unencrypted tokens with security implications, such as unauthorized access, session hijacking, and information disclosure...

CVE-2025-7397 CLI history displays inline passwords

A vulnerability in the ascgshell, of Brocade ASCG before 3.3.0 stores any command executed in the Command Line Interface CLI in plain text within the command history. A local authenticated user that can access sensitive information like passwords within the CLI history leading to unauthorized...

CVE-2025-7397 CLI history displays inline passwords

A vulnerability in the ascgshell, of Brocade ASCG before 3.3.0 stores any command executed in the Command Line Interface CLI in plain text within the command history. A local authenticated user that can access sensitive information like passwords within the CLI history leading to unauthorized...

CVE-2025-7397

The CVE-2025-7397 issue affects Brocade ASCG’s ascgshell prior to version 3.3.0, where commands entered in the CLI history are stored in plain text. This creates a local, authenticated attacker’s risk of exposing passwords or sensitive data via history inspection, leading to unauthorized access a...

CVE-2025-6391 JSON Web Token (JWT) Exposure in Log Files

Brocade ASCG before 3.3.0 logs JSON Web Tokens JWT in log files. An attacker with access to the log files can withdraw the unencrypted tokens with security implications, such as unauthorized access, session hijacking, and information disclosure...

CVE-2025-6391 JSON Web Token (JWT) Exposure in Log Files

Brocade ASCG before 3.3.0 logs JSON Web Tokens JWT in log files. An attacker with access to the log files can withdraw the unencrypted tokens with security implications, such as unauthorized access, session hijacking, and information disclosure...