3 matches found
ROOT-OS-DEBIAN-12-CVE-2026-49839 CVE-2026-49839 in rootio-jq - Patched by Root
Root has patched CVE-2026-49839 in the rootio-jq package for Root:Debian:12. Multiple fixed versions available...
CVE-2026-49839
jq is a command-line JSON processor. Prior to 1.8.2, jq --rawfile can turn a handled oversized-string error into invalid-state reuse and a real heap out-of-bounds write in assertion-disabled builds. When jvloadfileraw=1 reads an attacker-controlled file, it repeatedly appends file chunks to the...
Linux Distros Unpatched Vulnerability : CVE-2026-49839
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jq is a command-line JSON processor. Prior to 1.8.2, jq --rawfile can turn a handled oversized-string error into invalid-state reuse and a real heap out-of-boun...