-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: rh-maven35-apache-commons-collections4 security update
Advisory ID:       RHSA-2020:4274-01
Product:           Red Hat Software Collections
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:4274
Issue date:        2020-10-19
CVE Names:         CVE-2015-7501
====================================================================

1. Summary:

An update for rh-maven35-apache-commons-collections4 is now available for
Red Hat Software Collections.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - noarch
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6) - noarch
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7) - noarch
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch

3. Description:

The Apache Commons Collections library provides new interfaces,
implementations, and utilities to extend the features of the Java
Collections Framework.

Security Fix(es):

* apache-commons-collections: InvokerTransformer code execution during
deserialisation (CVE-2015-7501)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1279330 - CVE-2015-7501 apache-commons-collections: InvokerTransformer code execution during deserialisation

6. Package List:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):

Source:
rh-maven35-apache-commons-collections4-4.0-7.3.el7.src.rpm

noarch:
rh-maven35-apache-commons-collections4-4.0-7.3.el7.noarch.rpm
rh-maven35-apache-commons-collections4-javadoc-4.0-7.3.el7.noarch.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):

Source:
rh-maven35-apache-commons-collections4-4.0-7.3.el7.src.rpm

noarch:
rh-maven35-apache-commons-collections4-4.0-7.3.el7.noarch.rpm
rh-maven35-apache-commons-collections4-javadoc-4.0-7.3.el7.noarch.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6):

Source:
rh-maven35-apache-commons-collections4-4.0-7.3.el7.src.rpm

noarch:
rh-maven35-apache-commons-collections4-4.0-7.3.el7.noarch.rpm
rh-maven35-apache-commons-collections4-javadoc-4.0-7.3.el7.noarch.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7):

Source:
rh-maven35-apache-commons-collections4-4.0-7.3.el7.src.rpm

noarch:
rh-maven35-apache-commons-collections4-4.0-7.3.el7.noarch.rpm
rh-maven35-apache-commons-collections4-javadoc-4.0-7.3.el7.noarch.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):

Source:
rh-maven35-apache-commons-collections4-4.0-7.3.el7.src.rpm

noarch:
rh-maven35-apache-commons-collections4-4.0-7.3.el7.noarch.rpm
rh-maven35-apache-commons-collections4-javadoc-4.0-7.3.el7.noarch.rpm

These packages are GPG signed by Red Hat for security.
Our key and details on how to verify the signature are available from
https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2015-7501
https://access.redhat.com/security/updates/classification#important
https://access.redhat.com/solutions/2045023

8. Contact:

The Red Hat security contact is . More contact details at
https://access.redhat.com/security/team/contact

Copyright 2020 Red Hat, Inc.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-df57551f6d
2019-02-19 13:59:57.021257
--------------------------------------------------------------------------------

Name        : jackson-datatypes-collections
Product     : Fedora 29
Version     : 2.9.8
Release     : 1.fc29
URL         : https://github.com/FasterXML/jackson-datatypes-collections
Summary     : Jackson datatypes: collections
Description :

This is a multi-module umbrella project for various Jackson Data-type modules
to support 3rd party Collection libraries. Currently included are:

* Guava data-type
* HPPC data-type
* PCollections data-type

--------------------------------------------------------------------------------
Update Information:

Fixes CVE-2018-14718 CVE-2018-14719 CVE-2018-19360 CVE-2018-19361
CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721
and CVE-2016-7051.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 6 2019 Mat Booth - 2.9.8-1
- Update to latest upstream release
* Fri Feb 1 2019 Fedora Release Engineering - 2.9.4-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1555900 - jackson-datatype-jdk8: FTBFS in F28
        https://bugzilla.redhat.com/show_bug.cgi?id=1555900
  [ 2 ] Bug #1604397 - jackson-datatype-jdk8: FTBFS in Fedora rawhide
        https://bugzilla.redhat.com/show_bug.cgi?id=1604397
  [ 3 ] Bug #1671098 - CVE-2018-12022 jackson-databind: improper polymorphic deserialization of types from Jodd-db library [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1671098
  [ 4 ] Bug #1666490 - CVE-2018-19362 jackson-databind: improper polymorphic deserialization in jboss-common-core class [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1666490
  [ 5 ] Bug #1666486 - CVE-2018-19361 jackson-databind: improper polymorphic deserialization in openjpa class [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1666486
  [ 6 ] Bug #1666483 - CVE-2018-19360 jackson-databind: improper polymorphic deserialization in axis2-transport-jms class [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1666483
  [ 7 ] Bug #1666429 - CVE-2018-14721 jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1666429
  [ 8 ] Bug #1666424 - CVE-2018-14720 jackson-databind: exfiltration/XXE in some JDK classes [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1666424
  [ 9 ] Bug #1666419 - CVE-2018-14719 jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1666419
  [ 10 ] Bug #1666416 - CVE-2018-14718 jackson-databind: arbitrary code execution in slf4j-ext class [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1666416
  [ 11 ] Bug #1380206 - CVE-2016-7051 jackson-dataformat-xml: XmlMapper is vulnerable to SSRF attack [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1380206
  [ 12 ] Bug #1672925 - bouncycastle-1.61 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1672925
  [ 13 ] Bug #1667118 - CVE-2018-1000873 jackson-datatype-jsr310: jackson-modules-java8: DoS due to an Improper Input Validation [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1667118
  [ 14 ] Bug #1671099 - CVE-2018-12023 jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1671099
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-df57551f6d' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------