Stay Secure with the Latest Linux Advisories

Explore Latest Linux Security advisories


openSUSE 16.0 cJSON Important Bug Fix Advisory 2026-20340-1

openSUSE security update: security update for cjson
-------------------------------------------------------------

Announcement ID: openSUSE-SU-2026:20340-1
Rating: important
References:
  * bsc#1241502
  * bsc#1249112
Cross-References:
  * CVE-2023-26819
  * CVE-2025-57052
CVSS scores:
  * CVE-2023-26819 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2023-26819 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-57052 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-57052 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Affected Products:
  openSUSE Leap 16.0
-------------------------------------------------------------

An update that solves 2 vulnerabilities and has 2 bug fixes can now be installed.

Description:

This update for cJSON fixes the following issues:

- Update to version 1.7.19
  * Check for NULL in cJSON_DetachItemViaPointer.
  * Check overlap before calling strcpy in cJSON_SetValuestring.
  * Fix Max recursion depth for cJSON_Duplicate to prevent stack exhaustion.
  * Allocate memory for the temporary buffer when parsing numbers.
    This fixes CVE-2023-26819. (bsc#1241502)
  * Fix the incorrect check in decode_array_index_from_pointer.
    This fixes CVE-2025-57052. (bsc#1249112)
- Remove no longer needed patch for NULL to deallocated pointers.

Patch instructions:

To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

  zypper in -t patch openSUSE-Leap-16.0-369=1

Package List:

- openSUSE Leap 16.0:
  cJSON-devel-1.7.19-160000.1.1
  libcjson1-1.7.19-160000.1.1

References:

* https://www.suse.com/security/cve/CVE-2023-26819.html
* https://www.suse.com/security/cve/CVE-2025-57052.html

Important security update for openSUSE containing fixes for cJSON vulnerabilities and bug fixes to enhance system stability.

openSUSE security cJSON vulnerability fix.

Severity: Important. LinuxSecurity.com Team

Mar 12, 2026 Important OpenSUSE

Ubuntu 25.10 cJSON Important DoS Memory Access Vuln 7973-1 CVE-2023-26819

==========================================================================
Ubuntu Security Notice USN-7973-1
January 23, 2026

cjson vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in cJSON.

Software Description:
- cjson: Ultralightweight JSON parser in ANSI C

Details:

It was discovered that cJSON incorrectly handled parsing large numbers. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-26819)

It was discovered that cJSON may perform out-of-bounds read when processing specially crafted JSON files using parse_object. An attacker could possibly use this issue to expose sensitive information or crash the program. (CVE-2023-53154)

It was discovered that cJSON incorrectly validated array indices in JSON pointers, which could result in an out-of-bounds memory access. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. (CVE-2025-57052)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 25.10
  libcjson1    1.7.18-3.1ubuntu0.1

Ubuntu 24.04 LTS
  libcjson1    1.7.17-1ubuntu0.1~esm3
               Available with Ubuntu Pro

Ubuntu 22.04 LTS
  libcjson1    1.7.15-1ubuntu0.1

Ubuntu 20.04 LTS
  libcjson1    1.7.10-1.1ubuntu0.1~esm1
               Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7973-1
  CVE-2023-26819, CVE-2023-53154, CVE-2025-57052

Package Information:
  https://launchpad.net/ubuntu/+source/cjson/1.7.15-1ubuntu0.1

Multiple security issues exist in cJSON, affecting various Ubuntu versions. Ensure your system is updated to mitigate risks.

cJSON security, cJSON update, Ubuntu security advisory, cJSON vulnerabilities.

Severity: Important. LinuxSecurity.com Team

Jan 26, 2026 Important Ubuntu

SUSE: cJSON Important Memory Issue Fix CVE-2023-26819, CVE-2025-57052

# Security update for cJSON

Announcement ID: SUSE-SU-2025:03520-1
Release Date: 2025-10-10T07:22:45Z
Rating: important
References:
  * bsc#1241502
  * bsc#1249112
Cross-References:
  * CVE-2023-26819
  * CVE-2025-57052
CVSS scores:
  * CVE-2023-26819 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2023-26819 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2023-26819 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2025-57052 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-57052 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-57052 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
  * SUSE Linux Enterprise Desktop 15 SP7
  * SUSE Linux Enterprise Server 15 SP7
  * SUSE Linux Enterprise Server for SAP Applications 15 SP7
  * SUSE Linux Enterprise Workstation Extension 15 SP7

An update that solves two vulnerabilities can now be installed.

## Description:

This update for cJSON fixes the following issues:

  * CVE-2023-26819: Allocate memory for the temporary buffer when parsing numbers (bsc#1241502)
  * CVE-2025-57052: Fix the incorrect check in decode_array_index_from_pointer (bsc#1249112)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Workstation Extension 15 SP7
    zypper in -t patch SUSE-SLE-Product-WE-15-SP7-2025-3520=1

## Package List:

  * SUSE Linux Enterprise Workstation Extension 15 SP7 (x86_64)
    * libcjson1-debuginfo-1.7.19-150700.3.3.1
    * cJSON-debugsource-1.7.19-150700.3.3.1
    * libcjson1-1.7.19-150700.3.3.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-26819.html
  * https://www.suse.com/security/cve/CVE-2025-57052.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1241502
  * https://bugzilla.suse.com/show_bug.cgi?id=1249112

SUSE's security update for cJSON addresses two critical issues, enhancing stability and safety for enterprise users on SP7.

cJSON security patch, SUSE Linux advisory, important vulnerability fix.

Severity: Important. LinuxSecurity.com Team

Oct 10, 2025 Important SuSE

Debian 11: cjson Critical Input Issue DLA-4304-1 CVE-2025-57052

-------------------------------------------------------------------------
Debian LTS Advisory DLA-4304-1
https://www.debian.org/lts/security/                    Thorsten Alteholz
September 18, 2025                            https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package        : cjson
Version        : 1.7.14-1+deb11u3
CVE ID         : CVE-2025-57052

It was discovered that cJSON, an ultralightweight JSON parser, performed insufficient input sanitising, which could result in out-of-bounds memory access.

For Debian 11 bullseye, this problem has been fixed in version 1.7.14-1+deb11u3.

We recommend that you upgrade your cjson packages.

For the detailed security status of cjson please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/cjson

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

An important patch for libxml2 on Debian LTS fixes critical input validation vulnerabilities that may cause memory corruption problems.

Debian LTS, cjson update, security patch, out-of-bounds access.

Severity: Critical. LinuxSecurity.com Team

Sep 18, 2025 Critical Debian LTS

Debian: DLA-4216-1 important: cjson JSON parsing security fix

-------------------------------------------------------------------------
Debian LTS Advisory DLA-4216-1
https://www.debian.org/lts/security/                           Adrian Bunk
June 15, 2025                                 https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package        : cjson
Version        : 1.7.14-1+deb11u2
CVE ID         : CVE-2023-26819 CVE-2023-53154
Debian Bug     : 1103687

Two vulnerabilities have been fixed in cJSON, a C library for parsing JSON.

CVE-2023-26819

    rejection of valid texts

CVE-2023-53154

    heap buffer overflow

For Debian 11 bullseye, these problems have been fixed in version 1.7.14-1+deb11u2.

We recommend that you upgrade your cjson packages.

For the detailed security status of cjson please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/cjson

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Debian LTS Advisory DLA-4217-1 addresses critical flaws in the libxml2 library for XML processing, ensuring stable updates.

Debian LTS, cjson security, update advisory, heap overflow, JSON parsing issues.

Severity: Important. LinuxSecurity.com Team

Jun 15, 2025 Important Debian LTS

Mageia 9 Update: 2024-03-24 Addresses Moderate cjson Segmentation Fault

MGASA-2024-0324 - Updated cjson packages fix security vulnerability

Publication date: 04 Oct 2024
URL: https://advisories.mageia.org/MGASA-2024-0324.html
Type: security
Affected Mageia releases: 9
CVE: CVE-2024-31755

cJSON was discovered to contain a segmentation violation, which can trigger through the second parameter of function cJSON_SetValuestring at cJSON.c. (CVE-2024-31755)

References:
- https://bugs.mageia.org/show_bug.cgi?id=33600
- https://lists.fedoraproject.org/archives/list/[list address obfuscated in source]/message/6B5ZS2THGMPX2CG2C7OVYS5F7REKYJYJ/
- https://www.cve.org/CVERecord?id=CVE-2024-31755

SRPMS:
- 9/core/cjson-1.7.15-2.2.mga9

Revised cjson modules for Mageia address security flaw causing segmentation faults. Advisory information provided.

cjson, Mageia Advisory, security issue, software update, segmentation fault.

LinuxSecurity.com Team

Oct 04, 2024 Mageia

Fedora 41 cjson Advisory FEDORA-2024-82f3634c69 critical: segfault fix

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-82f3634c69
2024-10-02 01:30:51.688935
--------------------------------------------------------------------------------

Name        : cjson
Product     : Fedora 41
Version     : 1.7.18
Release     : 1.fc41
URL         : https://github.com/DaveGamble/cJSON
Summary     : Ultralightweight JSON parser in ANSI C
Description :
cJSON aims to be the dumbest possible parser that you can get your job done with. It's a single file of C, and a single header file.

--------------------------------------------------------------------------------
Update Information:

Update to new upstream version (closes rhbz#2237124)
--------------------------------------------------------------------------------
ChangeLog:

* Thu Sep 26 2024 Fabian Affolter - 1.7.18-1
- Update to new upstream version (closes rhbz#2237124)
- Fix rhbz#2277268, closes rhbz#2277269
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2277268 - CVE-2024-31755 cjson: segmentation violation trigger through the second parameter of function cJSON_SetValuestring at cJSON.c
        https://bugzilla.redhat.com/show_bug.cgi?id=2277268
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-82f3634c69' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------
--
package-announce mailing list
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

Fedora Project has issued a vital security advisory for cjson v41 to prevent a segmentation fault vulnerability. Users should update their systems immediately to ensure security.

Fedora Updates, cjson Security, JSON Parser Update, Segmentation Fix, Security Advisory.

Severity: Critical. LinuxSecurity.com Team

Oct 02, 2024 Critical Fedora

Fedora 40: FEDORA-2024-5db248f2a0 moderate: cjson segmentation violation

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-5db248f2a0
2024-09-29 01:37:02.164163
--------------------------------------------------------------------------------

Name        : cjson
Product     : Fedora 40
Version     : 1.7.18
Release     : 1.fc40
URL         : https://github.com/DaveGamble/cJSON
Summary     : Ultralightweight JSON parser in ANSI C
Description :
cJSON aims to be the dumbest possible parser that you can get your job done with. It's a single file of C, and a single header file.

--------------------------------------------------------------------------------
Update Information:

Update to new upstream version (closes rhbz#2237124)
--------------------------------------------------------------------------------
ChangeLog:

* Thu Sep 26 2024 Fabian Affolter - 1.7.18-1
- Update to new upstream version (closes rhbz#2237124)
- Fix rhbz#2277268, closes rhbz#2277269
* Wed Jul 17 2024 Fedora Release Engineering - 1.7.17-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2277268 - CVE-2024-31755 cjson: segmentation violation trigger through the second parameter of function cJSON_SetValuestring at cJSON.c
        https://bugzilla.redhat.com/show_bug.cgi?id=2277268
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-5db248f2a0' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------

Ubuntu releases libxml2 to resolve memory corruption vulnerability and improve features in build 2.9.12.

cjson updates, Fedora security advisory, JSON parser update, software upgrade.

LinuxSecurity.com Team

Sep 29, 2024 Fedora