Linux Distros Unpatched Vulnerability : CVE-2020-5259

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In affected versions of dojox NPM package, the jqMix method is vulnerable to Prototype Pollution. Prototype Pollution refers to the ability to inject properties...

dijit (>=1.10.0 <=1.11.1), dojo-node (=4.1.0) +2 more potentially affected by CVE-2020-5258 via dojo (>=1.10.0 <=1.11.1)

dojo NPM version =1.10.0, =1.10.0, =1.10.3, =0.3.0-alpha.1, =0.3.0-alpha.32 Source cves: CVE-2020-5258 Source advisory: OSV:GHSA-JXFH-8WGV-VFR2...

Cross-site Scripting (XSS)

Overview dojox is a dojo extension, a rollup of many useful sub-projects and varying states of maturity, from very stable and robust, to alpha and experimental. Affected versions of this package are vulnerable to Cross-site Scripting XSS. dojox.xmpp.util.xmlEncode only encodes the first occurrenc...

@hpcc-js/dgrid-shim (>=0.0.29 <=0.0.32), dijit (>=1.12.1 <=1.12.11) +1 more potentially affected by CVE-2010-2273 via dojo (>=1.12.1 <=1.12.3)

dojo NPM version =1.12.1, =0.0.29, =1.12.1, =1.12.1, =1.12.11 Source cves: CVE-2010-2273 Source advisory: OSV:GHSA-536Q-8GXX-M782...