Alerts This Week
Warning Icon 1 560
Alerts This Week
Warning Icon 1 560

Stay Secure with the Latest Linux Advisories

Opensuse Large Esm H800
openSUSE

openSUSE Chromedriver Moderate Security Issues Fixed 2026-10958-1

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed libmozjs Moderate Update CVE-2025-70103

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed Perl HTML Parser Moderate CVE-2026-8829 Advisory

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H800
openSUSE

openSUSE Tumbleweed kernel-devel Moderate Security Issue 2026-10954-1

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed Gleam Moderate Threat Fixed 2026-10953-1

Calendar White Jun 08, 2026
moderate
Ubuntu Large Esm H900
Ubuntu

Ubuntu 25.10 Systemd Critical Arbitrary Code Exec DNS Issues USN-8402-1

Calendar White Jun 08, 2026
Critical
Opensuse Large Esm H800
openSUSE

openSUSE Epiphany Important Password Handling Issue CVE-2023-26081

Calendar White Jun 08, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS 8399-1 Pillow Denial of Service Risk CVE-2026-42308

Calendar White Jun 08, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS Poppler Critical DoS Code Execution Vuln USN-8400-1

Calendar White Jun 08, 2026
Critical
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -7 articles for you...
203
Ls Advisories Mageia Esm H240
Price Tag 1security advisoryserver exploitmageia

Mageia 8: 2022-0434 Moderate: Varnish Cache HTTP Request Forgery

An HTTP Request Forgery issue was discovered in Varnish Cache 5.x and 6.x before 6.0.11, 7.x before 7.1.2, and 7.2.x before 7.2.1. An attacker may introduce characters through HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request line, causing the Varnish server to produce invalid HTTP/1 requests to the backend. This could, in turn, be used to . MGASA-2022-0434 - Updated varnish packages fix security vulnerability Publication date: 18 Nov 2022 URL: https://advisories.mageia.org/MGASA-2022-0434.html Type: security Affected Mageia releases: 8 CVE: CVE-2022-45060 An HTTP Request Forgery issue was discovered in Varnish Cache 5.x and 6.x before 6.0.11, 7.x before 7.1.2, and 7.2.x before 7.2.1. An attacker may introduce characters through HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request line, causing the Varnish server to produce invalid HTTP/1 requests to the backend. This could, in turn, be used to exploit vulnerabilities in a server behind the Varnish server. (CVE-2022-45060) References: - https://bugs.mageia.org/show_bug.cgi?id=31121 - - https://docs.varnish-software.com/security/VSV00011/ - https://www.cve.org/CVERecord?id=CVE-2022-45060 SRPMS: - 8/core/varnish-6.5.1-1.3.mga8 . Nginx configurations revised for Fedora 36 to address a potential denial of service vulnerability, improving system resilience on 25 Dec 2022.. HTTP Request Forgery, Varnish Cache, Mageia Security Update, Exploit Risk, Server Vulnerability. . LinuxSecurity.com Team

Calendar 2 Nov 18, 2022 Mageia
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorysecurity updatered hat

Red Hat Enterprise Linux 8 - RHSA-2022-0418-01 Important HTTP Issue

An update for the varnish:6 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: varnish:6 security update Advisory ID: RHSA-2022:0418-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:0418 Issue date: 2022-02-03 CVE Names: CVE-2022-23959 ==================================================================== 1. Summary: An update for the varnish:6 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: Varnish Cache is a high-performance HTTP accelerator. It stores web pages in memory so web servers don't have to create the same web page over and over again, giving the website a significant speed up. Security Fix(es): * varnish: HTTP/1 request smuggling vulnerability (CVE-2022-23959) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2045031 - CVE-2022-23959 varnish: HTTP/1 request smuggling vulnerability 6. Package List: Red Hat Enterprise LinuxAppStream (v. 8): Source: varnish-6.0.8-1.module+el8.5.0+14089+03a0c2cc.1.src.rpm varnish-modules-0.15.0-6.module+el8.5.0+11976+0b4af72d.src.rpm aarch64: varnish-6.0.8-1.module+el8.5.0+14089+03a0c2cc.1.aarch64.rpm varnish-devel-6.0.8-1.module+el8.5.0+14089+03a0c2cc.1.aarch64.rpm varnish-docs-6.0.8-1.module+el8.5.0+14089+03a0c2cc.1.aarch64.rpm varnish-modules-0.15.0-6.module+el8.5.0+11976+0b4af72d.aarch64.rpm varnish-modules-debuginfo-0.15.0-6.module+el8.5.0+11976+0b4af72d.aarch64.rpm varnish-modules-debugsource-0.15.0-6.module+el8.5.0+11976+0b4af72d.aarch64.rpm ppc64le: varnish-6.0.8-1.module+el8.5.0+14089+03a0c2cc.1.ppc64le.rpm varnish-devel-6.0.8-1.module+el8.5.0+14089+03a0c2cc.1.ppc64le.rpm varnish-docs-6.0.8-1.module+el8.5.0+14089+03a0c2cc.1.ppc64le.rpm varnish-modules-0.15.0-6.module+el8.5.0+11976+0b4af72d.ppc64le.rpm varnish-modules-debuginfo-0.15.0-6.module+el8.5.0+11976+0b4af72d.ppc64le.rpm varnish-modules-debugsource-0.15.0-6.module+el8.5.0+11976+0b4af72d.ppc64le.rpm s390x: varnish-6.0.8-1.module+el8.5.0+14089+03a0c2cc.1.s390x.rpm varnish-devel-6.0.8-1.module+el8.5.0+14089+03a0c2cc.1.s390x.rpm varnish-docs-6.0.8-1.module+el8.5.0+14089+03a0c2cc.1.s390x.rpm varnish-modules-0.15.0-6.module+el8.5.0+11976+0b4af72d.s390x.rpm varnish-modules-debuginfo-0.15.0-6.module+el8.5.0+11976+0b4af72d.s390x.rpm varnish-modules-debugsource-0.15.0-6.module+el8.5.0+11976+0b4af72d.s390x.rpm x86_64: varnish-6.0.8-1.module+el8.5.0+14089+03a0c2cc.1.x86_64.rpm varnish-devel-6.0.8-1.module+el8.5.0+14089+03a0c2cc.1.x86_64.rpm varnish-docs-6.0.8-1.module+el8.5.0+14089+03a0c2cc.1.x86_64.rpm varnish-modules-0.15.0-6.module+el8.5.0+11976+0b4af72d.x86_64.rpm varnish-modules-debuginfo-0.15.0-6.module+el8.5.0+11976+0b4af72d.x86_64.rpm varnish-modules-debugsource-0.15.0-6.module+el8.5.0+11976+0b4af72d.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7.References: https://access.redhat.com/security/cve/CVE-2022-23959 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYfvIKdzjgjWX9erEAQhlxhAApzpvADi5tKtiu3Tp4zPzl/E4Dz1RgTLX /U3vVoyCClnJT6icKtc5Vie+ldgWVrFJZftq5JdTB+DdDBabWqKU1bfgpaTfp2F9 Zm+bs83Aeu1LsjbxmAvA10BInTcxBGHH2aZO0S5Q5cC6y6WTL3xic4G7HB0aKcv8 W+p66voLgu6wnXLQ+bdXTMzr95Bpys5U7EdY+IlO6x7iJ7Q12t9thnZFH/vpxS01 wlQsFlToCkoFOWuN+Uako7/7xW1tSSb43A/A19YBN2egothpheKeVuCuvna7VCwu gSI4asjV+PMKqXjRW/7S4Bnf8G6aEeGOZjSLoW8PgofjFI2kUkAeJM0xMo0hHa0R cFra3E+adO9brXXLhe5qtyVxYAXKpx7RK91I71ASX3KV5fVsGhluG4KeTW8LXnsP 3mTPaOn76ZD0Tm66K+K3dM8weMBu3qq9P3JjjYzWxJqRX/6oAE3X9fFYLNGXrUM9 2Pc8ZgWPFCSBEV8DPO+gSzE6qLaWzs/nqWA+b0+DqbaGSvRNUGV/vba0+Vx2YN7y QVY8LDevzzPKdojc8iIj5aCDP+Tp8rMTo4r5pYU4/1xNi1/ebI7/QqfGazVDtiAi QcGGZ9w8gId8+peZcZRADk/PkciAnkudcCv38G+EW4q8GEbvfuY136BLZO+4FTc3 q/U1wFWw4x8=GbD2 -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . An update for varnish:6 has been released for Red Hat Enterprise Linux 8, targeting an HTTP smuggling vulnerability classified as Important.. Varnish Update, Red Hat Security, Important Advisory, Request Smuggling, HTTP Vulnerability. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Feb 03, 2022 Important Red Hat
Banner 4 1028x280 1708121825 1771600306
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here