
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Ubuntu 22.04 LTS USN-7569-1 critical: Dojo security issues

==========================================================================
Ubuntu Security Notice USN-7569-1
June 16, 2025

dojo vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in Dojo.

Software Description:
- dojo: Modular JavaScript library

Details:

It was discovered that Dojo did not correctly handle DataGrids. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-15494)

It was discovered that Dojo was vulnerable to prototype pollution. An attacker could possibly use this issue to execute arbitrary code. (CVE-2021-23450)

Jonathan Leitschuh discovered that Dojo did not correctly sanitize certain inputs. An attacker could possibly use this issue to execute a cross-site scripting (XSS) attack. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2019-10785, CVE-2020-4051)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 22.04 LTS
  libjs-dojo-core 1.15.4+dfsg1-1ubuntu0.1
  libjs-dojo-dijit 1.15.4+dfsg1-1ubuntu0.1
  libjs-dojo-dojox 1.15.4+dfsg1-1ubuntu0.1
  shrinksafe 1.15.4+dfsg1-1ubuntu0.1

Ubuntu 20.04 LTS
  libjs-dojo-core 1.15.0+dfsg1-1ubuntu0.1~esm1 (Available with Ubuntu Pro)
  libjs-dojo-dijit 1.15.0+dfsg1-1ubuntu0.1~esm1 (Available with Ubuntu Pro)
  libjs-dojo-dojox 1.15.0+dfsg1-1ubuntu0.1~esm1 (Available with Ubuntu Pro)
  shrinksafe 1.15.0+dfsg1-1ubuntu0.1~esm1 (Available with Ubuntu Pro)

Ubuntu 16.04 LTS
  libjs-dojo-core 1.10.4+dfsg-2ubuntu0.1~esm1 (Available with Ubuntu Pro)
  libjs-dojo-dijit 1.10.4+dfsg-2ubuntu0.1~esm1 (Available with Ubuntu Pro)
  libjs-dojo-dojox 1.10.4+dfsg-2ubuntu0.1~esm1 (Available with Ubuntu Pro)

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7569-1
  CVE-2018-15494, CVE-2019-10785, CVE-2020-4051, CVE-2021-23450

Package Information:
  https://launchpad.net/ubuntu/+source/dojo/1.15.4+dfsg1-1ubuntu0.1

Severity: Critical
LinuxSecurity.com Team

Jun 16, 2025 Critical Ubuntu

Mageia 8: MGASA-2023-0039 Critical Dojo XSS And Prototype Threats

MGASA-2023-0039 - Updated dojo packages fix security vulnerability

Publication date: 07 Feb 2023
URL: https://advisories.mageia.org/MGASA-2023-0039.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2020-4051, CVE-2021-23450

Dijit Editor's LinkDialog plugin of dojo 1.14.0 to 1.14.7 is vulnerable to cross-site scripting (XSS) attacks. (CVE-2020-4051)

Prototype pollution vulnerability via the setObject() function. (CVE-2021-23450)

References:
- https://bugs.mageia.org/show_bug.cgi?id=31491
- https://github.com/dojo/dijit/security/advisories/GHSA-cxjc-r2fp-7mq6
- https://github.com/advisories/GHSA-m8gw-hjpr-rjv7
- https://www.cve.org/CVERecord?id=CVE-2020-4051
- https://www.cve.org/CVERecord?id=CVE-2021-23450

SRPMS:
- 8/core/dojo-1.16.5-1.mga8

Severity: Critical
LinuxSecurity.com Team

Feb 07, 2023 Critical Mageia

Debian 10 DLA-3289-1 Critical: Dojo XSS and Pollution Issues

-------------------------------------------------------------------------
Debian LTS Advisory DLA-3289-1
https://www.debian.org/lts/security/
Guilhem Moulin
January 28, 2023
https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package    : dojo
Version    : 1.14.2+dfsg1-1+deb10u3
CVE ID     : CVE-2020-4051 CVE-2021-23450
Debian Bug : 970000 1014785

Two vulnerabilities were found in dojo, a modular JavaScript toolkit, that could result in information disclosure.

CVE-2020-4051

    The Dijit Editor's LinkDialog plugin of dojo 1.14.0 to 1.14.7 is vulnerable to cross-site scripting (XSS) attacks.

CVE-2021-23450

    Prototype pollution vulnerability via the setObject() function.

For Debian 10 buster, these problems have been fixed in version 1.14.2+dfsg1-1+deb10u3.

We recommend that you upgrade your dojo packages.

For the detailed security status of dojo please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/dojo

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at:
https://wiki.debian.org/LTS

Severity: Critical
LinuxSecurity.com Team

Jan 29, 2023 Critical Debian LTS

Mageia: 2020-0126 Moderate: Dojo Cross-Site Scripting Threat

MGASA-2020-0126 - Updated dojo packages fix security vulnerability

Publication date: 06 Mar 2020
URL: https://advisories.mageia.org/MGASA-2020-0126.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2019-10785

Updated dojo package fixes security vulnerability:

dojox was vulnerable to Cross-site Scripting. This was due to dojox.xmpp.util.xmlEncode only encoding the first occurrence of each character, not all of them (CVE-2019-10785).

References:
- https://bugs.mageia.org/show_bug.cgi?id=26287
- https://lists.debian.org/debian-lts-announce/2020/02/msg00033.html
- https://www.cve.org/CVERecord?id=CVE-2019-10785

SRPMS:
- 7/core/dojo-1.14.5-1.mga7

Severity: Important
LinuxSecurity.com Team

Mar 06, 2020 Important Mageia

Debian 8: DLA-1492-1 Critical: Dojo String Injection Issue Fix

Package    : dojo
Version    : 1.10.2+dfsg-1+deb8u1
CVE ID     : CVE-2018-15494
Debian Bug : #906540

It was discovered that there was a string injection vulnerability in the "dojo" Javascript library.

For Debian 8 "Jessie", this issue has been fixed in dojo version 1.10.2+dfsg-1+deb8u1 by Abhijith PA.

We recommend that you upgrade your dojo packages.

Regards,

Chris Lamb
chris-lamb.co.uk

Severity: Critical
LinuxSecurity.com Team

Sep 03, 2018 Critical Debian LTS