Lucene search
K

5 matches found

Ubuntu
Ubuntu
added 2026/05/21 5:15 a.m.16 views

USN-8202-3: jq regression

USN-8202-1 fixed vulnerabilities in jq. The update caused a regression for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that jq did not correctly handle certain string concatenations. An...

7.5CVSS6AI score0.00366EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.3 views

Photon OS 5.0: Jq PHSA-2026-5.0-0827

An update of the jq package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0827. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid307869...

8.2CVSS6.6AI score0.00559EPSS
Exploits6References8
Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-39956

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jq is a command-line JSON processor. In commits after 69785bf77f86e2ea1b4a20ca86775916889e91c9, the strindices builtin in jq's src/builtin.c passes its argument...

6.1CVSS6.3AI score0.00174EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2026/04/13 11:16 p.m.6 views

CVE-2026-39956

jq is a command-line JSON processor. In commits after 69785bf77f86e2ea1b4a20ca86775916889e91c9, the strindices builtin in jq's src/builtin.c passes its arguments directly to jvstringindexes without verifying they are strings, and jvstringindexes in src/jv.c relies solely on assert checks that are...

6.1CVSS5.8AI score0.00174EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/04/13 10:10 p.m.3 views

CVE-2026-39956 jq: Missing runtime type checks for _strindices lead to crash and limited memory disclosure

jq is a command-line JSON processor. In commits after 69785bf77f86e2ea1b4a20ca86775916889e91c9, the strindices builtin in jq's src/builtin.c passes its arguments directly to jvstringindexes without verifying they are strings, and jvstringindexes in src/jv.c relies solely on assert checks that are...

6.1CVSS5.8AI score0.00174EPSS
Exploits1References2
Rows per page
Query Builder