USN-7569-1
- Source
- https://ubuntu.com/security/notices/USN-7569-1
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7569-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/USN-7569-1
- Upstream
- Related
- Published
- 2025-06-16T02:55:56.290850Z
- Modified
- 2025-07-16T08:32:01.860495Z
- Summary
- dojo vulnerabilities
- Details
-
It was discovered that Dojo did not correctly handle DataGrids. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-15494)
It was discovered that Dojo was vulnerable to prototype pollution. An attacker could possibly use this issue to execute arbitrary code. (CVE-2021-23450)
Jonathan Leitschuh discovered that Dojo did not correctly sanitize certain inputs. An attacker could possibly use this issue to execute a cross-site scripting (XSS) attack. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2019-10785, CVE-2020-4051)
- References
Affected packages
Ubuntu:Pro:16.04:LTS / dojo
Package
- Name
- dojo
- Purl
- pkg:deb/ubuntu/dojo@1.10.4+dfsg-2ubuntu0.1~esm1?arch=source&distro=esm-apps/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.10.4+dfsg-2ubuntu0.1~esm1
Ecosystem specific
{
"binaries": [
{
"binary_name": "libjs-dojo-core",
"binary_version": "1.10.4+dfsg-2ubuntu0.1~esm1"
},
{
"binary_name": "libjs-dojo-dijit",
"binary_version": "1.10.4+dfsg-2ubuntu0.1~esm1"
},
{
"binary_name": "libjs-dojo-dojox",
"binary_version": "1.10.4+dfsg-2ubuntu0.1~esm1"
}
],
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro"
}
Ubuntu:Pro:20.04:LTS / dojo
Package
- Name
- dojo
- Purl
- pkg:deb/ubuntu/dojo@1.15.0+dfsg1-1ubuntu0.1~esm1?arch=source&distro=esm-apps/focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.15.0+dfsg1-1ubuntu0.1~esm1
Ecosystem specific
{
"binaries": [
{
"binary_name": "libjs-dojo-core",
"binary_version": "1.15.0+dfsg1-1ubuntu0.1~esm1"
},
{
"binary_name": "libjs-dojo-dijit",
"binary_version": "1.15.0+dfsg1-1ubuntu0.1~esm1"
},
{
"binary_name": "libjs-dojo-dojox",
"binary_version": "1.15.0+dfsg1-1ubuntu0.1~esm1"
},
{
"binary_name": "shrinksafe",
"binary_version": "1.15.0+dfsg1-1ubuntu0.1~esm1"
}
],
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro"
}
Ubuntu:22.04:LTS / dojo
Package
- Name
- dojo
- Purl
- pkg:deb/ubuntu/dojo@1.15.4+dfsg1-1ubuntu0.1?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.15.4+dfsg1-1ubuntu0.1
Ecosystem specific
{
"binaries": [
{
"binary_name": "libjs-dojo-core",
"binary_version": "1.15.4+dfsg1-1ubuntu0.1"
},
{
"binary_name": "libjs-dojo-dijit",
"binary_version": "1.15.4+dfsg1-1ubuntu0.1"
},
{
"binary_name": "libjs-dojo-dojox",
"binary_version": "1.15.4+dfsg1-1ubuntu0.1"
},
{
"binary_name": "shrinksafe",
"binary_version": "1.15.4+dfsg1-1ubuntu0.1"
}
],
"availability": "No subscription required"
}