Lucene search
K

15 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/28 12:0 a.m.23 views

RockyLinux 9 : jq (RLSA-2026:19365)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19365 advisory. jq: out-of-bounds read in jvparsesized on error formatting for non-NUL-terminated buffers CVE-2026-39979 jq: jq: Denial of Service via crafted JSON obje...

8.2CVSS5.8AI score0.00559EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/05/26 12:0 a.m.15 views

TencentOS Server 3: jq (TSSA-2026:0370)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0370 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

8.2CVSS6AI score0.00559EPSS
Exploits1References3
Ubuntu
Ubuntu
added 2026/05/21 5:15 a.m.14 views

USN-8202-3: jq regression

USN-8202-1 fixed vulnerabilities in jq. The update caused a regression for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that jq did not correctly handle certain string concatenations. An...

7.5CVSS6AI score0.00366EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/05/18 12:48 p.m.17 views

Important: Red Hat Security Advisory: jq security update

An update for jq is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.2CVSS5.8AI score0.00559EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2026/05/18 12:28 p.m.12 views

Important: Red Hat Security Advisory: jq security update

An update for jq is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as having...

8.2CVSS5.8AI score0.00559EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/05/18 12:0 a.m.9 views

RHEL 8 : jq (RHSA-2026:18047)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:18047 advisory. jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it to slice, filter, map, or...

8.2CVSS5.9AI score0.00559EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2026/05/18 12:0 a.m.11 views

RHEL 10 : jq (RHSA-2026:18040)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:18040 advisory. jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it to slice, filter, map, or...

8.2CVSS5.9AI score0.00559EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2026/05/18 12:0 a.m.14 views

MiracleLinux 8 : jq-1.6-12.el8_10 (AXSA:2026-629:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-629:02 advisory. jq: out-of-bounds read in jvparsesized on error formatting for non-NUL-terminated buffers CVE-2026-39979 jq: jq: Denial of Service via crafted JSON...

8.2CVSS5.8AI score0.00559EPSS
Exploits1References3
Rockylinux
Rockylinux
added 2026/05/14 12:4 p.m.13 views

jq security update

An update is available for jq. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list jq is a lightweight and flexible command-line JSON processor. jq is like sed for...

8.2CVSS5.8AI score0.00559EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.7 views

AlmaLinux 9 : jq (ALSA-2026:16693)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:16693 advisory. jq: out-of-bounds read in jvparsesized on error formatting for non-NUL-terminated buffers CVE-2026-39979 jq: jq: Denial of Service via crafted JSON objec...

8.2CVSS5.8AI score0.00559EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.7 views

RockyLinux 8 : jq (RLSA-2026:16252)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:16252 advisory. jq: out-of-bounds read in jvparsesized on error formatting for non-NUL-terminated buffers CVE-2026-39979 jq: jq: Denial of Service via crafted JSON obje...

8.2CVSS5.8AI score0.00559EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/05/13 12:0 a.m.8 views

AlmaLinux 8 : jq (ALSA-2026:16252)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:16252 advisory. jq: out-of-bounds read in jvparsesized on error formatting for non-NUL-terminated buffers CVE-2026-39979 jq: jq: Denial of Service via crafted JSON objec...

8.2CVSS5.8AI score0.00559EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/05/13 12:0 a.m.10 views

Oracle Linux 10 : jq (ELSA-2026-16692)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-16692 advisory. - Fix CVE-2026-40164 - Denial of Service via crafted JSON object causing hash collisions Tenable has extracted the preceding description block direct...

8.2CVSS5.8AI score0.00559EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.3 views

Photon OS 5.0: Jq PHSA-2026-5.0-0827

An update of the jq package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0827. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid307869...

8.2CVSS6.6AI score0.00559EPSS
Exploits6References8
NVD
NVD
added 2026/04/13 11:16 p.m.7 views

CVE-2026-39979

jq is a command-line JSON processor. In commits before 2f09060afab23fe9390cce7cb860b10416e1bf5f, the jvparsesized API in libjq accepts a counted buffer with an explicit length parameter, but its error-handling path formats the input buffer using %s in jvstringfmt, which reads until a NUL terminat...

8.2CVSS0.00559EPSS
Exploits1References31
Rows per page
Query Builder