Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


SUSE 2024:1836-1 Low: Nodejs16 Undici Issues and Patch Instructions

# Security update for nodejs16

Announcement ID: SUSE-SU-2024:1836-1
Rating: low

References:

  * bsc#1222530
  * bsc#1222603

Cross-References:

  * CVE-2024-30260
  * CVE-2024-30261

CVSS scores:

  * CVE-2024-30260 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
  * CVE-2024-30261 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N

Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP2
  * SUSE Linux Enterprise High Performance Computing 12 SP3
  * SUSE Linux Enterprise High Performance Computing 12 SP4
  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12
  * SUSE Linux Enterprise Server 12 SP1
  * SUSE Linux Enterprise Server 12 SP2
  * SUSE Linux Enterprise Server 12 SP3
  * SUSE Linux Enterprise Server 12 SP4
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server for SAP Applications 12
  * SUSE Linux Enterprise Server for SAP Applications 12 SP1
  * SUSE Linux Enterprise Server for SAP Applications 12 SP2
  * SUSE Linux Enterprise Server for SAP Applications 12 SP3
  * SUSE Linux Enterprise Server for SAP Applications 12 SP4
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5
  * Web and Scripting Module 12

An update that solves two vulnerabilities can now be installed.

## Description:

This update for nodejs16 fixes the following issues:

  * CVE-2024-30260: undici: proxy-authorization header not cleared on cross-origin redirect for dispatch, request, stream, pipeline (bsc#1222530)
  * CVE-2024-30261: undici: Ensure that integrity cannot be tampered with (bsc#1222603)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * Web and Scripting Module 12

        zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2024-1836=1

## Package List:

  * Web and Scripting Module 12 (aarch64 ppc64le s390x x86_64)
    * npm16-16.20.2-8.45.1
    * nodejs16-16.20.2-8.45.1
    * nodejs16-debugsource-16.20.2-8.45.1
    * nodejs16-debuginfo-16.20.2-8.45.1
    * nodejs16-devel-16.20.2-8.45.1
  * Web and Scripting Module 12 (noarch)
    * nodejs16-docs-16.20.2-8.45.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-30260.html
  * https://www.suse.com/security/cve/CVE-2024-30261.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1222530
  * https://bugzilla.suse.com/show_bug.cgi?id=1222603

Severity: Low

LinuxSecurity.com Team

May 29, 2024 | Low | SuSE

Fedora 39: FEDORA-2023-dbe64661af High: Node.js 18.18.2 Update

--------------------------------------------------------------------------------

Fedora Update Notification
FEDORA-2023-dbe64661af
2023-11-03 18:20:20.955346

--------------------------------------------------------------------------------

Name        : nodejs18
Product     : Fedora 39
Version     : 18.18.2
Release     : 1.fc39
URL         : https://nodejs.org/en/
Summary     : JavaScript runtime
Description :
Node.js is a platform built on Chrome's JavaScript runtime
for easily building fast, scalable network applications.
Node.js uses an event-driven, non-blocking I/O model that
makes it lightweight and efficient, perfect for data-intensive
real-time applications that run across distributed devices.

--------------------------------------------------------------------------------

Update Information:

## 2023-10-13, Version 18.18.2 'Hydrogen' (LTS), @RafaelGSS

This is a security release.

### Notable Changes

The following CVEs are fixed in this release:

  * CVE-2023-44487: `nghttp2` Security Release (High)
  * CVE-2023-45143: `undici` Security Release (High)
  * CVE-2023-38552: Integrity checks according to policies can be circumvented (Medium)
  * CVE-2023-39333: Code injection via WebAssembly export names (Low)

More detailed information on each of the vulnerabilities can be found in October 2023 Security Releases blog post.

--------------------------------------------------------------------------------

ChangeLog:

* Mon Oct 16 2023 Stephen Gallagher - 1:18.18.2-1
- Update to 18.18.2

--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use

    su -c 'dnf upgrade --advisory FEDORA-2023-dbe64661af'

at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/

--------------------------------------------------------------------------------

package-announce mailing list
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

Node.js version 18.18.2 for Fedora 39 addresses significant security vulnerabilities, particularly concerning nghttp2 and undici, making this update essential.

LinuxSecurity.com Team

Nov 03, 2023 | Fedora

Fedora 38: FEDORA-2023-4d2fd884ea High: Nodejs 20.8.1 Security Fix

--------------------------------------------------------------------------------

Fedora Update Notification
FEDORA-2023-4d2fd884ea
2023-10-26 01:50:50.421746

--------------------------------------------------------------------------------

Name        : nodejs20
Product     : Fedora 38
Version     : 20.8.1
Release     : 1.fc38
URL         : https://nodejs.org/en/
Summary     : JavaScript runtime
Description :
Node.js is a platform built on Chrome's JavaScript runtime
for easily building fast, scalable network applications.
Node.js uses an event-driven, non-blocking I/O model that
makes it lightweight and efficient, perfect for data-intensive
real-time applications that run across distributed devices.

--------------------------------------------------------------------------------

Update Information:

## 2023-10-13, Version 20.8.1 (Current), @RafaelGSS

This is a security release.

### Notable Changes

The following CVEs are fixed in this release:

  * CVE-2023-44487: `nghttp2` Security Release (High)
  * CVE-2023-45143: `undici` Security Release (High)
  * CVE-2023-39332: Path traversal through path stored in Uint8Array (High)
  * CVE-2023-39331: Permission model improperly protects against path traversal (High)
  * CVE-2023-38552: Integrity checks according to policies can be circumvented (Medium)
  * CVE-2023-39333: Code injection via WebAssembly export names (Low)

More detailed information on each of the vulnerabilities can be found in October 2023 Security Releases blog post.

--------------------------------------------------------------------------------

ChangeLog:

* Mon Oct 16 2023 Stephen Gallagher - 1:20.8.1-1
- Update to 20.8.1

--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use

    su -c 'dnf upgrade --advisory FEDORA-2023-4d2fd884ea'

at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/

--------------------------------------------------------------------------------

Critical update for nodejs20 addressing several serious vulnerabilities on Fedora 38. Upgrade immediately to bolster security!

LinuxSecurity.com Team

Oct 26, 2023 | Fedora

Fedora 37: 2023-e9c04d81c1 High Threat Node.js Security Releases

--------------------------------------------------------------------------------

Fedora Update Notification
FEDORA-2023-e9c04d81c1
2023-10-26 01:34:25.902765

--------------------------------------------------------------------------------

Name        : nodejs18
Product     : Fedora 37
Version     : 18.18.2
Release     : 1.fc37
URL         : https://nodejs.org/en/
Summary     : JavaScript runtime
Description :
Node.js is a platform built on Chrome's JavaScript runtime
for easily building fast, scalable network applications.
Node.js uses an event-driven, non-blocking I/O model that
makes it lightweight and efficient, perfect for data-intensive
real-time applications that run across distributed devices.

--------------------------------------------------------------------------------

Update Information:

## 2023-10-13, Version 18.18.2 'Hydrogen' (LTS), @RafaelGSS

This is a security release.

### Notable Changes

The following CVEs are fixed in this release:

  * CVE-2023-44487: `nghttp2` Security Release (High)
  * CVE-2023-45143: `undici` Security Release (High)
  * CVE-2023-38552: Integrity checks according to policies can be circumvented (Medium)
  * CVE-2023-39333: Code injection via WebAssembly export names (Low)

More detailed information on each of the vulnerabilities can be found in October 2023 Security Releases blog post.

--------------------------------------------------------------------------------

ChangeLog:

* Mon Oct 16 2023 Stephen Gallagher - 1:18.18.2-1
- Update to 18.18.2

--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use

    su -c 'dnf upgrade --advisory FEDORA-2023-e9c04d81c1'

at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/

--------------------------------------------------------------------------------

LinuxSecurity.com Team

Oct 26, 2023 | Fedora

Mageia 9 MGASA-2023-0299 High: Nodejs Nghttp2 and Undici Security

MGASA-2023-0299 - Updated nodejs packages fix security vulnerabilities

Publication date: 22 Oct 2023
URL: https://advisories.mageia.org/MGASA-2023-0299.html
Type: security
Affected Mageia releases: 9
CVE: CVE-2023-44487, CVE-2023-45143, CVE-2023-38552, CVE-2023-39333

This is a security release.

The following CVEs are fixed in this release:

- CVE-2023-44487: nghttp2 Security Release (High)
- CVE-2023-45143: undici Security Release (High)
- CVE-2023-38552: Integrity checks according to policies can be circumvented (Medium)
- CVE-2023-39333: Code injection via WebAssembly export names (Low)

More detailed information on each of the vulnerabilities can be found in October 2023 Security Releases blog post.

References:

- https://bugs.mageia.org/show_bug.cgi?id=32403
- https://github.com/nodejs/node/releases/tag/v18.18.2
- https://github.com/nodejs/node/releases/tag/v18.18.1
- https://nodejs.org/en/blog/vulnerability/october-2023-security-releases
- https://www.cve.org/CVERecord?id=CVE-2023-44487
- https://www.cve.org/CVERecord?id=CVE-2023-45143
- https://www.cve.org/CVERecord?id=CVE-2023-38552
- https://www.cve.org/CVERecord?id=CVE-2023-39333

SRPMS:

- 9/core/nodejs-18.18.2-1.mga9
- 9/core/yarnpkg-1.22.19-14.mga9

Mageia 2023-0300 tackles significant security vulnerabilities in nodejs, providing extensive CVE details. Please prioritize updating.

LinuxSecurity.com Team

Oct 22, 2023 | Mageia
