
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Ubuntu 25.04: libcpanel-json-xs-perl Critical DoS USN-7749-1 CVE-2025-40929

Cpanel-JSON-XS could be made to crash if it parsed specially crafted JSON.

==========================================================================
Ubuntu Security Notice USN-7749-1
September 15, 2025

libcpanel-json-xs-perl vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.04
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

Cpanel-JSON-XS could be made to crash if it parsed specially crafted JSON.

Software Description:

- libcpanel-json-xs-perl: module for fast and correct serialising to JSON

Details:

It was discovered that Cpanel-JSON-XS incorrectly handled parsing certain JSON data. An attacker could possibly use this issue to cause Cpanel-JSON-XS to crash, resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 25.04
  libcpanel-json-xs-perl 4.39-1ubuntu0.1

Ubuntu 24.04 LTS
  libcpanel-json-xs-perl 4.37-1ubuntu0.1

Ubuntu 22.04 LTS
  libcpanel-json-xs-perl 4.27-1ubuntu0.2

In general, a standard system update will make all the necessary changes.

References:

  https://ubuntu.com/security/notices/USN-7749-1
  CVE-2025-40929

Package Information:

  https://launchpad.net/ubuntu/+source/libcpanel-json-xs-perl/4.39-1ubuntu0.1
  https://launchpad.net/ubuntu/+source/libcpanel-json-xs-perl/4.27-1ubuntu0.2

Ubuntu Security Advisory USN-7750-1 identifies a severe vulnerability in libexample-json-xs-perl that necessitates immediate patching.

Cpanel-JSON-XS DoS, Ubuntu security patches, JSON parsing issue.

Severity: Critical.

LinuxSecurity.com Team

Sep 15, 2025 Critical Ubuntu

Ubuntu 22.04 LTS USN-6629-1 Critical: UltraJSON DoS And Memory Issues

Several security issues were fixed in UltraJSON.

==========================================================================
Ubuntu Security Notice USN-6629-1
February 14, 2024

ujson vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS (Available with Ubuntu Pro)
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)

Summary:

Several security issues were fixed in UltraJSON.

Software Description:

- ujson: ultra fast JSON encoder and decoder for Python 3

Details:

It was discovered that UltraJSON incorrectly handled certain input with a large amount of indentation. An attacker could possibly use this issue to crash the program, resulting in a denial of service. (CVE-2021-45958)

Jake Miller discovered that UltraJSON incorrectly decoded certain characters. An attacker could possibly use this issue to cause key confusion and overwrite values in dictionaries. (CVE-2022-31116)

It was discovered that UltraJSON incorrectly handled an error when reallocating a buffer for string decoding. An attacker could possibly use this issue to corrupt memory. (CVE-2022-31117)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 22.04 LTS (Available with Ubuntu Pro):
  python3-ujson 5.1.0-1ubuntu0.1~esm1

Ubuntu 18.04 LTS (Available with Ubuntu Pro):
  python-ujson 1.35-2ubuntu0.1~esm1
  python3-ujson 1.35-2ubuntu0.1~esm1

Ubuntu 16.04 LTS (Available with Ubuntu Pro):
  python-ujson 1.33-1ubuntu0.1~esm2
  python3-ujson 1.33-1ubuntu0.1~esm2

In general, a standard system update will make all the necessary changes.

References:

  https://ubuntu.com/security/notices/USN-6629-1
  CVE-2021-45958, CVE-2022-31116, CVE-2022-31117

Ensure your Ubuntu installations are fully updated to mitigate various security vulnerabilities associated with UltraJSON that could impact Python's JSON processing and memory stability.

UltraJSON Security, Ubuntu Updates, JSON Decoder Issues.

Severity: Critical.

LinuxSecurity.com Team

Feb 14, 2024 Critical Ubuntu

SUSE: 2020:0995-1 Moderate: ruby2.5 JSON And Socket Issues

An update that fixes two vulnerabilities is now available.

SUSE Security Update: Security update for ruby2.5
______________________________________________________________________________

Announcement ID:    SUSE-SU-2020:0995-1
Rating:             moderate
References:         #1167244 #1168938
Cross-References:   CVE-2020-10663 CVE-2020-10933
Affected Products:
                    SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1
                    SUSE Linux Enterprise Module for Basesystem 15-SP1
______________________________________________________________________________

An update that fixes two vulnerabilities is now available.

Description:

This update for ruby2.5 to version 2.5.8 fixes the following issues:

- CVE-2020-10663: Unsafe Object Creation Vulnerability in JSON (bsc#1167244).
- CVE-2020-10933: Heap exposure vulnerability in the socket library (bsc#1168938).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1:

  zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2020-995=1

- SUSE Linux Enterprise Module for Basesystem 15-SP1:

  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP1-2020-995=1

Package List:

- SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (aarch64 ppc64le s390x x86_64):

  ruby2.5-debuginfo-2.5.8-4.11.1
  ruby2.5-debugsource-2.5.8-4.11.1
  ruby2.5-doc-2.5.8-4.11.1

- SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (noarch):

  ruby2.5-doc-ri-2.5.8-4.11.1

- SUSE Linux Enterprise Module for Basesystem 15-SP1 (aarch64 ppc64le s390x x86_64):

  libruby2_5-2_5-2.5.8-4.11.1
  libruby2_5-2_5-debuginfo-2.5.8-4.11.1
  ruby2.5-2.5.8-4.11.1
  ruby2.5-debuginfo-2.5.8-4.11.1
  ruby2.5-debugsource-2.5.8-4.11.1
  ruby2.5-devel-2.5.8-4.11.1
  ruby2.5-devel-extra-2.5.8-4.11.1
  ruby2.5-stdlib-2.5.8-4.11.1
  ruby2.5-stdlib-debuginfo-2.5.8-4.11.1

References:

  https://www.suse.com/security/cve/CVE-2020-10663.html
  https://www.suse.com/security/cve/CVE-2020-10933.html
  https://bugzilla.suse.com/1167244
  https://bugzilla.suse.com/1168938

_______________________________________________
sle-security-updates mailing list
http://lists.suse.com/mailman/listinfo/sle-security-updates

SUSE has released a security update for python3.6 addressing vulnerabilities of moderate impact, bolstering system security.

SUSE Security Update, ruby2.5 vulnerabilities, moderate security advisory, update information.

LinuxSecurity.com Team

Apr 15, 2020 SuSE

Debian: DSA-2613-1 Critical: JSON to YAML Parsing Flaw in Rails

Lawrence Pit discovered that Ruby on Rails, a web development framework, is vulnerable to a flaw in the parsing of JSON to YAML. Using a specially crafted payload attackers can trick the backend into decoding a subset of YAML.

-------------------------------------------------------------------------
Debian Security Advisory DSA-2613-1
http://www.debian.org/security/                          Thijs Kinkhorst
January 29, 2013                      http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : rails
Vulnerability  : insufficient input validation
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2013-0333
Debian Bug     : 699226

Lawrence Pit discovered that Ruby on Rails, a web development framework, is vulnerable to a flaw in the parsing of JSON to YAML. Using a specially crafted payload attackers can trick the backend into decoding a subset of YAML.

The vulnerability has been addressed by removing the YAML backend and adding the OkJson backend.

For the stable distribution (squeeze), this problem has been fixed in version 2.3.5-1.2+squeeze6.

For the testing distribution (wheezy), this problem will be fixed soon.

For the unstable distribution (sid), this problem has been fixed in version 2.3.14-6 of the ruby-activesupport-2.3 package.

The 3.2 version of rails as found in Debian wheezy and sid is not affected by the problem.

We recommend that you upgrade your rails packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/

The Debian security team has issued a recommendation regarding a significant vulnerability found in Ruby on Rails, which influences the handling of JSON and the parsing of YAML content.

Ruby on Rails, JSON Parsing, YAML Issue, Debian Security.

Severity: Critical.

LinuxSecurity.com Team

Jan 30, 2013 Critical Debian