Support Content Notification - Support Portal

Brocade ASCG Vulnerability Disclosures

Product/Component

Brocade ASC-Gateway OVA

1 more products

Notification Id

24998

Last Updated

03 March 2026

Initial Publication Date

08 January 2025

Status

OPEN

Severity

HIGH

CVSS Base Score

Varies

WorkAround

Affected CVE

Multiple

Brocade Security Advisories posted on March 3, 2026

CVE addressed in ASCG 3.4.0a

CVE-2026-0869
Application User custom defined accounts are not properly password protected in ASCG 3.4.0
(PSIRT Risk: High)
https://support.broadcom.com/external/content/SecurityAdvisories/0/37121

CVEs addressed in ASCG 3.4.0

CVE-2022-49977, CVE-2025-21905, CVE-2025-21919, CVE-2025-37890, CVE-2025-38079, CVE-2022-50020, CVE-2025-38052, CVE-2025-21928, CVE-2025-22020, CVE-2025-38332, CVE-2025-38464, CVE-2025-38211, CVE-2025-38477, CVE-2025-21727, CVE-2021-47670, CVE-2025-21759, CVE-2024-56644, CVE-2025-38085, CVE-2025-38159, CVE-2025-38498, CVE-2025-38556, CVE-2025-38461, CVE-2025-38718, CVE-2025-37797, CVE-2022-50087, CVE-2025-22026, CVE-2022-50228, CVE-2023-53305, CVE-2025-39757, CVE-2023-53373, CVE-2025-39817, CVE-2023-53297, CVE-2022-50386, CVE-2023-53386, CVE-2025-39841, CVE-2025-39849, CVE-2023-53178, CVE-2022-50367, CVE-2025-40300, CVE-2025-39883, CVE-2023-53513, CVE-2025-39955, CVE-2025-39825, CVE-2023-53401
Rocky Linux kernel security update Advisories in Brocade ASCG 3.4.0 Ova
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/37133

CVE-2025-8067
UDisks Daemon Vulnerable to Local Privilege Escalation via Negative Index in Loop Device Handler
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/37151

CVE-2025-47081
Requests Vulnerable to Information Disclosure via '.netrc' Credentials Leak in 'get_netrc_auth()' Function
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/37150

CVE-2025-4565
Protobuf Pure-Python backend can be corrupted by exceeding the Python recursion limit
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/37149

CVE-2025-8869
Pip Vulnerable to Path Traversal via Lack of Symbolic Link Validation in 'unpacking.py‎' File
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/37147

CVE-2025-11561
sssd default kerberos configuration allows privilege escalation on ad-joined linux systems
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/37146

CVE-2025-5372
Libssh: incorrect return code handling in ssh_kdf() in libssh
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/37145

CVE-2025-4945, CVE-2025-11021
Libsoup Vulnerable to Integer Overflow via Cookie Expiration Date Handling in Cookie Parsing Logic and Vulnerable to Information Exposure via Out-of-Bounds Read in HTTP Library Component
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/37144

CVE-2025-5914
libarchive Vulnerable to Memory Corruption via Integer Overflow in 'archive_read_format_rar_seek_data()' Function
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/37143

CVE-2025-0624
GRUB2 Vulnerable to Out-of-Bounds Write via Network Boot Process in 'grub_strcpy()' Function
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/37142

CVE-2025-228871, CVE-2025-228870, CVE-2025-228869
Security update provided for multiple Go Open-source programming language
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/37141

CVE-2025-32988
GnuTLS Vulnerable to Memory Corruption via Double-Free upon Error when Exporting 'otherName' in SAN
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/37154

CVE-2025-32990, CVE-2025-6395
LibExpat Vulnerable to Denial-of-Service (DoS) via Uncontrolled Resource Consumption in 'xmlparse.c' File
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/37140

CVE-2025-40778
Cache poisoning attacks with unsolicited RRs
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/37136

CVE-2025-26465
OpenSSH security update for CVE-2025-26465
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/37134

CVE-2025-53905, CVE-2025-53906
Path traversal issues in Vims tar.vim and zip.vim plugins
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/37152

CVE-2025-9566
Podman Vulnerable to Arbitrary File Write via Symbolic Link Traversal in 'play.go' File
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/37148

CVE-2025-41244
VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/37153

CVE-2025-7345
gdk-pixbuf Vulnerable to Heap Buffer Overflow via Malicious JPEG Images in 'gdk_pixbuf__jpeg_image_load_increment' Function
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/36924

CVE-2025-9086
Out of bounds read for cookie path
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/37137

CVE-2025-11083
GNU binutils Vulnerable to Memory Corruption via Heap-Based Buffer Overflow in 'elf_swap_shdr()' Function
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/37155

CVE-2025-54389
AIDE Vulnerable to Improper Output Neutralization via Terminal Escape Sequences in Log and Report Output
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/37135

=======================================

Brocade Security Advisories posted on February 19, 2026

CVEs addressed in ASCG 3.4.0

CVE-2025-61984
OpenSSH security update (CVE-2025-61984)
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/36924

CVE-2025-61985
OpenSSH security update (CVE-2025-61985)
(PSIRT Risk: Low for ASCG)
https://support.broadcom.com/external/content/SecurityAdvisories/0/36979

=======================================

Brocade Security Advisories posted on January 27, 2026

CVEs addressed in ASCG 3.3.0a

CVE-2025-21991
Nessus detected vulnerability in the Brocade SANnav OVA base image (CVE-2025-21991)
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/36804

CVEs addressed in ASCG 3.3.0

CVE-2023-52426
libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/36822

=======================================

Brocade Security Advisories posted on October 14, 2025

CVEs addressed in ASCG 3.3.0a

CVE-2025-30204
jwt-go allows excessive memory allocation during header parsing
(PSIRT Risk: High)
https://support.broadcom.com/external/content/SecurityAdvisories/0/36215

Multiple Rocky Linux updates applied to Brocade ASCG 3.3.0a (OVA)
OVA base image related vulnerabilities
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/36216

CVE-2023-29483
eventlet before 0.35.2 as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/36217

CVE-2024-8176
Libexpat: expat: improper restriction of xml entity expansion depth in libexpat
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/36218

CVE-2024-12243
A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/36219

CVE-2025-21756, CVE-2022-49011, CVE-2024-53141, CVE-2025-32462
Kernel OVA security updates in ASCG 3.3.0a
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/36221

CVE-2024-39689
Certifi Vulnerable to Insufficient Verification of Data Authenticity via GlobalTrust Root Certificate
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/36222

=======================================

Brocade Security Advisories posted on July 15, 2025

CVEs addressed in ASCG 3.3.0

CVE-2025-6391
JSON Web Token (JWT) Exposure in Log Files
(PSIRT Risk: )
https://support.broadcom.com/external/content/SecurityAdvisories/0/35951

CVE-2025-7398
Weak Cipher Suites on port on ports 9000 and 8036
(PSIRT Risk: )
https://support.broadcom.com/external/content/SecurityAdvisories/0/35950

CVE-2025-7397
CLI history display inline passwords
(PSIRT Risk: )
https://support.broadcom.com/external/content/SecurityAdvisories/0/35949

Multiple Rocky Linux updates applied to Brocade ASCG 3.3.0
OVA base image related vulnerabilities
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/35948

CVE-2024-31141
Improper Privilege Management vulnerability in Apache Kafka Client
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/35947

CVE-2024-29025
Netty Vulnerable to Denial-of-Service (DoS) via Uncontrolled Memory Allocation in 'HttpPostRequestDecoder' Component
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/35946

CVE-2024-26923
Linux Kernel Vulnerable to Dangling Pointer via Garbage Collector Racing Against Connect() in AF_UNIX Module
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/35818

CVE-2024-20918, CVE-2024-20952, CVE-2024-20926, CVE-2024-21002, CVE-2024-21003, CVE-2024-21131, CVE-2024-21138, CVE-2024-21140, CVE-2024-21144, CVE-2024-21147, CVE-2024-47561
Difficult to exploit Java SDK Updates
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/35945

=======================================

Brocade Security Advisories posted on July 8, 2025

CVEs addressed in ASCG 3.3.0

CVE-2025-0395
GNU Glibc Vulnerable to Memory Corruption via Heap Buffer Overflow during 'assert()' Failure
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/35919

CVE-2024-47561
Schema parsing in the Java SDK of Apache Avro 1.11.3 and previous versions allows bad actors to execute arbitrary code
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/35917

CVEs addressed in ASCG 3.1.0

CVE-2022-48687
Linux Kernel IPv6 Segment Routing Vulnerable to Out-of-Bounds Read via Crafted Netlink Message in SRv6 Layer
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/35920

=======================================

Brocade Security Advisories posted on June 10, 2025

CVEs addressed in ASCG 3.0

CVE-2023-0394
Linux Kernel Vulnerable to Denial-of-Service (DoS) via NULL Pointer Dereference in 'rawv6_push_pending_frames()' Function in 'raw.c' File
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/35817

=================================================

Brocade Security Advisories posted on March 7, 2025

CVE addressed in ASCG 3.1.0

CVE-2024-25062
Use-after-free in xmlValidatePopElement() using XMLReader API
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/25486

=====================================

Brocade Security Advisories posted on February 27, 2025

CVEs addressed in ASCG 3.2.0

CVE-2024-1509
Brocade ASCG 3.2.0 web interface does not enforce HSTS, as defined by RFC 6797 for ports 8030 and 8100
(PSIRT Risk: High)
https://support.broadcom.com/external/content/SecurityAdvisories/0/25428

Rocky Linux Kernel update in Brocade ASCG 3.2.0 for RLSA-2024:4211, RLSA-2024:5101, RLSA-2024:8856
(PSIRT Risk: High)
https://support.broadcom.com/external/content/SecurityAdvisories/0/25429

CVE-2024-38428
url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/25430

CVE-2024-25629
c-ares Vulnerable to Memory Corruption via Out-of-Bounds Read in ‘ares__read_line’ function
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/25431

CVE-2024-32487
less Vulnerable to Arbitrary Code Execution via OS Command Execution via newline Character in Filename
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/25432

CVE-2024-29018
By registering a domain for which they control the authoritative nameservers, an attacker could arrange for a compromised container
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/25073

=====================================

Brocade Security Advisories posted on February 13, 2025

CVEs addressed in ASCG 3.0.0

CVE-2022-38178
ISC BIND 9 Vulnerable to Denial-of-Service (DoS) via Memory Leaks in EdDSA DNSSEC Verification
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/25408

CVE-2022-48174
Stack overflow vulnerability in ash.c:6030 in busybox before 1.35 can be executed from command to arbitrary code execution.
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/25414

CVE-2022-28391
BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/25415

==========================================

Brocade Security Advisories posted/updated on January 7, 2025

CVEs addressed in ASCG 3.1.0

CVE-2023-51385
OpenSSH is vulnerable to an OS command injection issue due to how user name and host name values are processed and referenced by expansion tokens.
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/25238

==================================================

Previously disclosed Brocade Security Advisories

CVEs addressed in ASCG 3.1.0

CVE-2022-48624
close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE
(PSIRT Risk: High)
https://support.broadcom.com/external/content/SecurityAdvisories/0/24994

CVE-2023-7104
SQLite Vulnerable to Out-of-Bounds Memory Access via Insufficient Input Validation in 'sessionReadRecord' Function of 'Sessions' Extension
(PSIRT Risk: High)
https://support.broadcom.com/external/content/SecurityAdvisories/0/24996

CVE-2023-5981, CVE-2023-27043, CVE-2023-51385, CVE-2023-48795, CVE-2021-35939, CVE-2021-35937, CVE-2021-35938, CVE-2023-48795, CVE-2021-41043, CVE-2020-28241, CVE-2023-28322, CVE-2023-46218, CVE-2023-38546, CVE-2024-28834, CVE-2024-22365, CVE-2023-6004, CVE-2023-6918, CVE-2023-46316, CVE-2022-4645, CVE-2023-6135, CVE-2023-43804, CVE-2023-5678
Multiple CVEs identified by vulnerability scanning tools addressed via Brocade ASCG v3.1.0
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/24891

CVE-2024-23653, CVE-2024-21626
Container vulnerabilities in ASCG docker containers
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/25074

CVE-2024-1086
A use-after-free vulnerability exists in the Linux kernel's netfilter: nf_tables component
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/24989

CVE-2024-4603
Checking excessively long DSA keys or parameters may be very slow
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/24990

CVE-2023-6237
OpenSSL is vulnerable to a denial of service, caused by a flaw in the handling of RSA public keys by the EVP_PKEY_public_check() function
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/24991

CVE-2023-6129
The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/24992

CVEs addressed in ASCG 3.0.0a

CVE-2014-8730, CVE-2015-3642, CVE-2022-4285, CVE-2023-34058, CVE-2023-34059, CVE-2023-29406, CVE-2023-4016, CVE-2023-1981, CVE-2020-22217, CVE-2023-3113
Multiple CVEs identified by vulnerability scanning tools in Brocade ASCG
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/24410

CVEs addressed in ASCG 3.0.0

CVE-2023-29469, CVE-2023-28484, CVE-2022-40304, CVE-2022-40303, CVE-2021-3541, CVE-2021-3537, CVE-2021-3518, CVE-2021-3517, CVE-2020-24977
Multiple Vulnerabilities within libxml2
(PSIRT Risk: High)
https://support.broadcom.com/external/content/SecurityAdvisories/0/24612

CVE-2023-52160
The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass
(PSIRT Risk: High)
https://support.broadcom.com/external/content/SecurityAdvisories/0/24987

CVE-2022-1304
An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5
(PSIRT Risk: High)
https://support.broadcom.com/external/content/SecurityAdvisories/0/24995

CVE-2023-32233
A use-after-free vulnerability was found in the Netfilter subsystem of the Linux kernel when processing batch requests to update nf_tables configuration
(PSIRT Risk: High)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22705

CVE-2023-38408
The PKCS#11 feature in ssh-agent in OpensSH before 9.3p2 has an insuffciently trustworthy search path, leading to remote code execution
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22721

CVE-2023-29491
A vulnerability was found in ncurses and occurs when used by a setuid application
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22702

CVE-2023-20900, CVE-2023-35001, CVE-2023-4004, CVE-2023-3390, CVE-2023-3776, CVE-2023-3090, CVE-2023-35788, CVE-2023-20593, CVE-2023-2002
Rocky Linux Security Updates RLSA-2023:5312 and RSLA-2023:5244
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22784

CVE-2023-5649
An improper Input Validation vulnerability for the registered case credentials
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22716

CVE-2023-5648
Several security-related HTTP headers were missing
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22715

CVE-2022-22576
An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22718

CVE-2021-45485
net ipv6 output_core.c has an information leak because of certain use of hash
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22351

CVE-2021-45486
net ipv4 route.c has an information leak because the hash table is very small
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22352

CVE-2021-3800
Flaw in glib could leak content from files owned by privileged users to unpriviledged ones
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22348

CVE-2021-3421
flaw in the RPM package in the read functionality
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22771

CVE-2020-14145
The client side in OpenSSH 5.7 through 8.3 has an observable discrepancy leading to an information leak in the algorithm negotiation
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22345

CVE-2020-13776
A flaw was found in systemd, where it mishandles numerical usernames beginning with decimal digits, or "0x" followed by hexadecimal digits
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22703

CVE-2019-11254
YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22717

CVE-2015-4042
Integer overflow in the keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23
(PSIRT Risk: Medium)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22719

CVE-2022-44793
Null pointer exception bug that can be used by a remote attacker
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22770

CVE-2022-35252
Curl is vulnerable to a denial-of-service (Dos) issue
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22783

CVE-2020-15778
command injection in scp.c
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22769

CVE-2020-12655
A flaw was discovered in the XFS source in the Linux kernel
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22704

CVE-2018-25032
Zlib memory corruption when deflating
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22342

CVE-2014-9471
The parse_datetime function in GNU coreutils allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code
(PSIRT Risk: Low)
https://support.broadcom.com/external/content/SecurityAdvisories/0/22720

Revision History

Version	Change	Date
1.0	Initial Publication	January 7, 2025
1.1	Updated with CVE-2022-38178, CVE-2022-48174, CVE-2022-28391	February 13, 2025
2.0	Security updates posted with ASCG 3.2.0	February 27, 2025
2.1	Added low risk CVE-2024-25062	March 7, 2025
2.2	Added low risk CVE-2023-0394	June 10, 2025
3.0	Security updates posted with ASCG 3.3.0	July 15, 2025
3.1	Security updates posted with ASCG 3.3.0a	October 15, 2025
3.2	Additional security updates with ASCG 3.3.0a and 3.3.0	January 27, 2026
3.3	Two security updates included in ASCG 3.4.0	February 19, 2026
4.0	Security updates posted with ASCG 3.4.0 and 3.4.0a	March 3, 2026

Disclaimer

THIS DOCUMENT IS PROVIDED ON AN AS-IS BASIS SOLELY FOR INFORMATIONAL PURPOSES AND DOES NOT IMPLY ANY KIND OF GUARANTY OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. YOUR USE OF THE INFORMATION CONTAINED HEREIN IS AT YOUR OWN RISK. ALL INFORMATION PROVIDED HEREIN IS BASED ON BROCADE'S CURRENT KNOWLEDGE AND UNDERSTANDING OF THE VULNERABILITY AND IMPACT TO BROCADE HARDWARE AND SOFTWARE PRODUCTS. BROCADE RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.