Alerts This Week
Warning Icon 1 626
Alerts This Week
Warning Icon 1 626

Stay Secure with the Latest Linux Advisories

Opensuse Large Esm H800
openSUSE

openSUSE Chromedriver Moderate Security Issues Fixed 2026-10958-1

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed libmozjs Moderate Update CVE-2025-70103

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed Perl HTML Parser Moderate CVE-2026-8829 Advisory

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H800
openSUSE

openSUSE Tumbleweed kernel-devel Moderate Security Issue 2026-10954-1

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed Gleam Moderate Threat Fixed 2026-10953-1

Calendar White Jun 08, 2026
moderate
Ubuntu Large Esm H900
Ubuntu

Ubuntu 25.10 Systemd Critical Arbitrary Code Exec DNS Issues USN-8402-1

Calendar White Jun 08, 2026
Critical
Opensuse Large Esm H800
openSUSE

openSUSE Epiphany Important Password Handling Issue CVE-2023-26081

Calendar White Jun 08, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS 8399-1 Pillow Denial of Service Risk CVE-2026-42308

Calendar White Jun 08, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS Poppler Critical DoS Code Execution Vuln USN-8400-1

Calendar White Jun 08, 2026
Critical
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -2 articles for you...
203
Ls Advisories Mageia Esm H240
Price Tag 1security advisorymoderatecross-user attack

Mageia 8: 2023-0058 Moderate: Ipython Cross-User Attack Threat

Executed config files from the current working directory, which could result in cross-user attacks if run from a directory multiple users may write to. (CVE-2022-21699) References: . MGASA-2023-0058 - Updated ipython packages fix security vulnerability Publication date: 27 Feb 2023 URL: https://advisories.mageia.org/MGASA-2023-0058.html Type: security Affected Mageia releases: 8 CVE: CVE-2022-21699 Executed config files from the current working directory, which could result in cross-user attacks if run from a directory multiple users may write to. (CVE-2022-21699) References: - https://bugs.mageia.org/show_bug.cgi?id=29969 - https://lists.debian.org/debian-lts-announce/2022/01/msg00021.html - https://lists.debian.org/debian-security-announce/2022/msg00032.html - https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./thread/DZ7LVZBB4D7KVSFNEQUBEHFO3JW6D2ZK/ - https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./thread/CRQRTWHYXMLDJ572VGVUZMUPEOTPM3KB/ - - https://www.cve.org/CVERecord?id=CVE-2022-21699 SRPMS: - 8/core/ipython-7.31.1-1.mga8 . Debian: 2023-0073 low: a vulnerability in Python permits unauthorized access to sensitive data and poses a security risk. Mageia Security, ipython Update, Configuration Attacks. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Feb 27, 2023 Important Mageia
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorydebiancross-user attack

Debian DSA-5065-1 Addressed Cross-User Vulnerability in IPython

It was discovered that IPython, an enhanced interactive Python shell, executed config files from the current working directory, which could result in cross-user attacks if run from a directory multiple users may write to. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5065-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff January 31, 2022 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : ipython CVE ID : CVE-2022-21699 It was discovered that IPython, an enhanced interactive Python shell, executed config files from the current working directory, which could result in cross-user attacks if run from a directory multiple usersmay write to. For the oldstable distribution (buster), this problem has been fixed in version 5.8.0-1+deb10u1. For the stable distribution (bullseye), this problem has been fixed in version 7.20.0-1+deb11u1. We recommend that you upgrade your ipython packages. For the detailed security status of ipython please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/ipython Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . A recent security update for IPython on Debian systems addresses critical cross-user vulnerabilities that could lead to unauthorized access and data theft. ipython security, debian update, config execution risk, cross-user attack mitigation. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jan 31, 2022 Important Debian
Banner 4 1028x280 1708121825 1771600306
91
Ls Advisories Gentoo Esm H240
Price Tag 1security advisorygentooarbitrary code execution

Gentoo: GLSA 201512-02 Normal: IPython Code Execution Threat

A vulnerability in IPython could result in execution of arbitrary JavaScript.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201512-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: IPython: User-assisted execution of arbitrary code Date: December 17, 2015 Bugs: #560708 ID: 201512-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= A vulnerability in IPython could result in execution of arbitrary JavaScript. Background ========= IPython is an advanced interactive shell for Python. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-python/ipython < 3.2.1-r1 > = 3.2.1-r1 Description ========== IPython does not properly check the MIME type of a file. Impact ===== A remote attacker could entice a user to open a specially crafted text file using IPython, possibly resulting in execution of arbitrary JavaScript with the privileges of the process. Workaround ========= There is no known workaround at this time. Resolution ========= All IPython users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =dev-python/ipython-3.2.1-r1" References ========= [ 1 ] CVE-2015-7337 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7337 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201512-02 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of ourusers' machines is of utmost importance to us. Any security concerns should be addressed to This email address is being protected from spambots. You need JavaScript enabled to view it. or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2015 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5/ . Security notice for Gentoo GLSA 202310-01 related to Jupyter Notebook privilege escalation flaw. Update highly advised.. IPython Security, Gentoo Linux, Code Execution Risk, Security Updates. . LinuxSecurity.com Team

Calendar 2 Dec 17, 2015 Gentoo
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorysoftware updateFedora

Fedora 23: ipython Security Advisory for Execution Flaws and XSS Patches

Add upstream patch to fix file execution vulnerability (bug #1264067) ---- Add upstream patch to fix XSS vulnerability (bug #1259405). -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-16128 2015-09-25 07:56:18.561783 -------------------------------------------------------------------------------- Name : ipython Product : Fedora 23 Version : 3.2.1 Release : 3.fc23 URL : https://ipython.org/ Summary : An enhanced interactive Python shell Description : IPython provides a replacement for the interactive Python interpreter with extra functionality. Main features: * Comprehensive object introspection. * Input history, persistent across sessions. * Caching of output results during a session with automatically generated references. * Readline based name completion. * Extensible system of 'magic' commands for controlling the environment and performing many tasks related either to IPython or the operating system. * Configuration system with easy switching between different setups (simpler than changing $PYTHONSTARTUP environment variables every time). * Session logging and reloading. * Extensible syntax processing for special purpose situations. * Access to the system shell with user-extensible alias system. * Easily embeddable in other Python programs. * Integrated access to the pdb debugger and the Python profiler. -------------------------------------------------------------------------------- Update Information: Add upstream patch to fix file execution vulnerability (bug #1264067) ---- Add upstream patch to fix XSS vulnerability (bug #1259405) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1264067 - CVE-2015-7337 ipython: Maliciously crafted files can be executed due to wrong file type determination https://bugzilla.redhat.com/show_bug.cgi?id=1264067 [ 2 ] Bug #1259405 - CVE-2015-6938 ipython: XSS via local folder name https://bugzilla.redhat.com/show_bug.cgi?id=1259405 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update ipython' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/admin/lists/package-announce.lists.fedoraproject.org/ . The latest ipython update on Fedora addresses critical execution vulnerabilities and mitigates XSS threats by implementing new patches aimed at bolstering overall security protocols.. ipython Security Update, Fedora 23, XSS Vulnerability Fix, Execution Flaw Resolution. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Sep 25, 2015 Important Fedora
Banner 4 1028x280 1708121825 1771600306
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoraupdate

Fedora 21: 2015-14901 Critical Update for ipython XSS Issue

Add upstream patch to fix XSS vulnerability (bug #1259405). -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-14901 2015-09-17 21:56:49.243553 -------------------------------------------------------------------------------- Name : ipython Product : Fedora 21 Version : 2.4.1 Release : 8.fc21 URL : https://ipython.org/ Summary : An enhanced interactive Python shell Description : IPython provides a replacement for the interactive Python interpreter with extra functionality. Main features: * Comprehensive object introspection. * Input history, persistent across sessions. * Caching of output results during a session with automatically generated references. * Readline based name completion. * Extensible system of 'magic' commands for controlling the environment and performing many tasks related either to IPython or the operating system. * Configuration system with easy switching between different setups (simpler than changing $PYTHONSTARTUP environment variables every time). * Session logging and reloading. * Extensible syntax processing for special purpose situations. * Access to the system shell with user-extensible alias system. * Easily embeddable in other Python programs. * Integrated access to the pdb debugger and the Python profiler. -------------------------------------------------------------------------------- Update Information: Add upstream patch to fix XSS vulnerability (bug #1259405) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1259405 - CVE-2015-6938 ipython: XSS via local folder name https://bugzilla.redhat.com/show_bug.cgi?id=1259405 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update ipython' at the command line. For more information, refer to "Managing Software with yum", available at . Allpackages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/admin/lists/package-announce.lists.fedoraproject.org/ . Fedora 21 has issued an update for ipython, resolving an XSS vulnerability with an upstream patch. Details available.. Fedora Security, ipython Update, XSS Patch, Bug Fix Fedora, Python Shell Security. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Sep 18, 2015 Critical Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorymoderatesecurity update

Fedora 23: 2015-15467 Moderate: ipython XSS Vulnerability Patch

Add upstream patch to fix XSS vulnerability (bug #1259405). -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-14902 2015-09-17 21:57:09.572655 -------------------------------------------------------------------------------- Name : ipython Product : Fedora 22 Version : 2.4.1 Release : 8.fc22 URL : https://ipython.org/ Summary : An enhanced interactive Python shell Description : IPython provides a replacement for the interactive Python interpreter with extra functionality. Main features: * Comprehensive object introspection. * Input history, persistent across sessions. * Caching of output results during a session with automatically generated references. * Readline based name completion. * Extensible system of 'magic' commands for controlling the environment and performing many tasks related either to IPython or the operating system. * Configuration system with easy switching between different setups (simpler than changing $PYTHONSTARTUP environment variables every time). * Session logging and reloading. * Extensible syntax processing for special purpose situations. * Access to the system shell with user-extensible alias system. * Easily embeddable in other Python programs. * Integrated access to the pdb debugger and the Python profiler. -------------------------------------------------------------------------------- Update Information: Add upstream patch to fix XSS vulnerability (bug #1259405) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1259405 - CVE-2015-6938 ipython: XSS via local folder name https://bugzilla.redhat.com/show_bug.cgi?id=1259405 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update ipython' at the command line. For more information, refer to "Managing Software with yum", available at . Allpackages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/admin/lists/package-announce.lists.fedoraproject.org/ . Fedora 22 now incorporates an upstream patch for ipython that resolves a crucial XSS vulnerability. Ensure to install through yum to bolster system security.. Fedora Security Fix, XSS Issue, ipython Update, Security Patch. . LinuxSecurity.com Team

Calendar 2 Sep 18, 2015 Fedora
Banner 4 1028x280 1708121825 1771600306
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoraupdate

Fedora 21: Fix for Critical Ipython CSRF Issue 2015-11767 Now Available

Fix CSRF issue. - Fix font-awesome paths (bug #1219956) - Add upstream patch to fix PyQt4 import (bug #1219997) - Use python2 macros, fix python3 shebang fix Fix fontawesome path. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-11767 2015-07-17 23:29:35 -------------------------------------------------------------------------------- Name : ipython Product : Fedora 21 Version : 2.4.1 Release : 7.fc21 URL : https://ipython.org/ Summary : An enhanced interactive Python shell Description : IPython provides a replacement for the interactive Python interpreter with extra functionality. Main features: * Comprehensive object introspection. * Input history, persistent across sessions. * Caching of output results during a session with automatically generated references. * Readline based name completion. * Extensible system of 'magic' commands for controlling the environment and performing many tasks related either to IPython or the operating system. * Configuration system with easy switching between different setups (simpler than changing $PYTHONSTARTUP environment variables every time). * Session logging and reloading. * Extensible syntax processing for special purpose situations. * Access to the system shell with user-extensible alias system. * Easily embeddable in other Python programs. * Integrated access to the pdb debugger and the Python profiler. -------------------------------------------------------------------------------- Update Information: Fix CSRF issue. - Fix font-awesome paths (bug #1219956) - Add upstream patch to fix PyQt4 import (bug #1219997) - Use python2 macros, fix python3 shebang fix Fix fontawesome path -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 16 2015 Orion Poplawski - 2.4.1-7 - Update to 2.x to fix CSRF issue (bug #1243842) * Mon Jul 13 2015 Orion Poplawski - 2.4.1-6 - Fix fontawesome path * Sat May 92015 Orion Poplawski - 2.4.1-5 - Sync more font-awesome changes from 3.1.0 * Sat May 9 2015 Orion Poplawski - 2.4.1-4 - More font-awesome fixes (bug #1170270) * Fri May 8 2015 Orion Poplawski - 2.4.1-3 - Add upstream patch to fix PyQt4 import (bug #1219997) - Use python2 macros, fix python3 shebang fix * Fri May 8 2015 Orion Poplawski - 2.4.1-2 - Fix font-awesome paths (bug #1219956) * Thu Feb 26 2015 Orion Poplawski - 2.4.1-1 - update to 2.4.1 * Wed Feb 25 2015 Orion Poplawski - 2.4.0-1 - update to 2.4.0 * Fri Nov 14 2014 Orion Poplawski - 2.3.0-1 - update to 2.3.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1243842 - CVE-2015-5607 iptyhon: cross-site request forgery in get_origin() https://bugzilla.redhat.com/show_bug.cgi?id=1243842 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update ipython' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/admin/lists/package-announce.lists.fedoraproject.org/ . This Debian patch addresses XSS vulnerabilities, Bootstrap directory inconsistencies, and module loading errors in jupyter 1.5.3.. Fedora 21 Updates, Ipython Security Advisory, CSRF Fixes. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jul 30, 2015 Critical Fedora
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here