New Alerts for Veeam, Fluent Bit, Atlassian, Github, Google Chrome, and Linux.
Veeam
Several vulnerabilities have been patched in Veeam Backup Enterprise Manager, the worst of which allows a remote attacker to log in to the Veeam Backup Enterprise Manager web interface as any user. Highest CVSSv3 score of 9.8
More info.
A critical vulnerability dubbed Linguistic Lumberjack within Fluent Bit's built-in HTTP server could allow for DoS, information disclosure, or RCE.
More info.
The Atlassian Monthly Patch bulletin includes 37 vulnerabilities, 2 rated Critical and 35 rated High. Updates include Bamboo, Bitbucket, Confluence, Crowd, Jira, and Jira Service Management Data Center and Server products. Highest CVSSv3 score of 9.8 for Confluence and Jira.
More info.
On instances that use SAML SSO authentication with the optional encrypted assertions feature, a remote attacker could forge a SAML response to provision and/or gain access to a user with administrator privileges. CVSSv4 score of 10.
More info.
Google has updated Chrome for Desktop to fix 6 security vulnerabilities, most rated High.
More info.
Microsoft is aware. More info.
SUSE has updated the kernel. More info.
Red Hat has updated the kernel and firmware. More info.
Ubuntu has updated the kernel. More info.
Alpine Linux has released a new version. More info.
