"Juniper Networks Publishes Dozens of New Security Advisories"

Juniper Networks recently published dozens of advisories detailing more than a hundred vulnerabilities in Junos OS, Junos OS Evolved, and other products.  Three of the advisories are marked as "critical severity," and all address security defects in third-party software used in the affected products.  The first advisory resolves nine vulnerabilities in the open source data transfer tool cURL, including four critical severity issues.  Two of the critical bugs were disclosed in 2018 and two in 2023.  The second and third advisories deal with vulnerabilities in third-party software, including in Juniper Networks Junos cRPD and Cloud Native Router.  Patches were released for over 80 bugs, including eight critical severity issues.  Juniper Networks also published ten advisories dealing with high-severity flaws in Junos OS, Junos OS Evolved, and Paragon Active Assurance Control Center.  Juniper Networks customers are advised to update their appliances as soon as possible, as no workarounds are available for the most severe of these vulnerabilities.

SecurityWeek reports: "Juniper Networks Publishes Dozens of New Security Advisories"