Linux Foundation Dojo
By the Year
In 2024 there have been 0 vulnerabilities in Linux Foundation Dojo . Dojo did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 0 | 0.00 |
2022 | 0 | 0.00 |
2021 | 1 | 9.80 |
2020 | 1 | 7.70 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Dojo vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Linux Foundation Dojo Security Vulnerabilities
All versions of package dojo are vulnerable to Prototype Pollution
CVE-2021-23450
9.8 - Critical
- December 17, 2021
All versions of package dojo are vulnerable to Prototype Pollution via the setObject function.
Prototype Pollution
In affected versions of dojo (NPM package), the deepCopy method is vulnerable to Prototype Pollution
CVE-2020-5258
7.7 - High
- March 10, 2020
In affected versions of dojo (NPM package), the deepCopy method is vulnerable to Prototype Pollution. Prototype Pollution refers to the ability to inject properties into existing JavaScript language construct prototypes, such as objects. An attacker manipulates these attributes to overwrite, or pollute, a JavaScript application object prototype of the base object by injecting other values. This has been patched in versions 1.12.8, 1.13.7, 1.14.6, 1.15.3 and 1.16.2
Code Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Oracle Weblogic Server or by Linux Foundation? Click the Watch button to subscribe.