7 matches found
CVE-2026-46378
Dasel is a command-line tool and library for querying, modifying, and transforming data structures. From 3.0.0 until 3.10.1, the selector lexer matchRegexPattern closure in Tokenizer.parseCurRune in selector/lexer/tokenize.go loops while tokenizing an unterminated regex literal such as r/ because...
CVE-2026-46377 Dasel: Index-out-of-range panic in dasel selector lexer on trailing backslash in quoted string
Dasel is a command-line tool and library for querying, modifying, and transforming data structures. From 3.0.0 until 3.10.1, the escape sequence handler in Tokenizer.parseCurRune in selector/lexer/tokenize.go increments past a trailing backslash in a quoted string such as "\ or '\ and then reads...
CVE-2026-46378 Dasel: Denial of service in dasel selector lexer due to infinite loop on unterminated regex literal
Dasel is a command-line tool and library for querying, modifying, and transforming data structures. From 3.0.0 until 3.10.1, the selector lexer matchRegexPattern closure in Tokenizer.parseCurRune in selector/lexer/tokenize.go loops while tokenizing an unterminated regex literal such as r/ because...
Linux Distros Unpatched Vulnerability : CVE-2026-33320
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dasel is a command-line tool and library for querying, modifying, and transforming data structures. Starting in version 3.0.0 and prior to version 3.3.1, Dasel'...
CVE-2026-33320
Dasel is a command-line tool and library for querying, modifying, and transforming data structures. Starting in version 3.0.0 and prior to version 3.3.1, Dasel's YAML reader allows an attacker who can supply YAML for processing to trigger extreme CPU and memory consumption. The issue is in the...
CVE-2026-33320 Dasel has unbounded YAML alias expansion in dasel leads to CPU/memory denial of service
Dasel is a command-line tool and library for querying, modifying, and transforming data structures. Starting in version 3.0.0 and prior to version 3.3.1, Dasel's YAML reader allows an attacker who can supply YAML for processing to trigger extreme CPU and memory consumption. The issue is in the...
CVE-2026-33320 Dasel has unbounded YAML alias expansion in dasel leads to CPU/memory denial of service
Dasel is a command-line tool and library for querying, modifying, and transforming data structures. Starting in version 3.0.0 and prior to version 3.3.1, Dasel's YAML reader allows an attacker who can supply YAML for processing to trigger extreme CPU and memory consumption. The issue is in the...