Linux Foundation Dojo
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Linux Foundation Dojo.
By the Year
In 2025 there have been 0 vulnerabilities in Linux Foundation Dojo. Dojo did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 1 | 9.80 |
| 2020 | 1 | 7.70 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Dojo vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Linux Foundation Dojo Security Vulnerabilities
All versions of package dojo are vulnerable to Prototype Pollution
CVE-2021-23450
9.8 - Critical
- December 17, 2021
All versions of package dojo are vulnerable to Prototype Pollution via the setObject function.
Prototype Pollution
In affected versions of dojo (NPM package), the deepCopy method is vulnerable to Prototype Pollution
CVE-2020-5258
7.7 - High
- March 10, 2020
In affected versions of dojo (NPM package), the deepCopy method is vulnerable to Prototype Pollution. Prototype Pollution refers to the ability to inject properties into existing JavaScript language construct prototypes, such as objects. An attacker manipulates these attributes to overwrite, or pollute, a JavaScript application object prototype of the base object by injecting other values. This has been patched in versions 1.12.8, 1.13.7, 1.14.6, 1.15.3 and 1.16.2
Code Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Oracle Weblogic Server or by Linux Foundation? Click the Watch button to subscribe.
