OESA-2026-2487 jq security update

jq is a lightweight and flexible command-line JSON processor. you can use it to slice and filter and map and transform structured data. It is written in portable C, and it has zero runtime dependencies. it can mangle the data format that you have into the one that you want. Security Fixes: jq is ...

OESA-2026-2424 jq security update

jq is a lightweight and flexible command-line JSON processor. you can use it to slice and filter and map and transform structured data. It is written in portable C, and it has zero runtime dependencies. it can mangle the data format that you have into the one that you want. Security Fixes: jq is ...

CLSA-2026-1779123410 jq: Fix of 8 CVEs

CVE-2026-40164: randomize hash seed to mitigate hash collision DoS - CVE-2026-40612: limit containment check depth - CVE-2026-41256: fix NUL truncation in program files loaded with -f - CVE-2026-41257: fix signed-int overflow in stackreallocate - CVE-2026-43894: cap numeric literal length to...

CLSA-2026-1778934026 Fix CVE(s): CVE-2026-42010

SECURITY UPDATE: Authentication bypass via NUL-byte truncation in RSA-PSK username lookup - debian/patches/CVE-2026-42010.patch: replace strleninfo-username with info-usernamelen in gnutlsprocrsapskclientkx in lib/auth/rsapsk.c to prevent NUL-byte truncation allowing username matching with...

SUSE CVE-2026-41256

jq is a command-line JSON processor. In 1.8.1 and earlier, Top-level jq programs loaded from a file with -f are truncated at the first embedded NUL byte on current upstream HEAD. A crafted filter file such as . followed by \x00 and arbitrary suffix compiles and executes as only the prefix before...

UBUNTU-CVE-2026-41256

jq is a command-line JSON processor. In 1.8.1 and earlier, Top-level jq programs loaded from a file with -f are truncated at the first embedded NUL byte on current upstream HEAD. A crafted filter file such as . followed by \x00 and arbitrary suffix compiles and executes as only the prefix before...

CVE-2026-41256

The CVE affects jq up to version 1.8.1. Top-level jq programs loaded from a file with -f are truncated at the first embedded NUL byte on current upstream HEAD. A crafted filter file such as . followed by � and arbitrary suffix compiles and executes as only the prefix before the NUL, leading to a ...

jq 安全漏洞

jq is a lightweight and flexible command-line JSON processor developed by jqlang. Jq versions 1.8.1 and earlier have security vulnerabilities. These vulnerabilities arise from the top-level jq program loaded via the -f parameter being truncated at the first NUL byte. This can result in the...

CLSA-2026-1776972009 php: Fix of 3 CVEs

CVE-2021-21707: fix NUL byte truncation in XML/DOM URI file loading - CVE-2022-31628: fix phar wrapper denial of service when loading compressed quine archives - CVE-2022-31629: discard HTTP variables that mangle into Host- or Secure- prefixes...

CVE-2026-33948 jq: Embedded-NUL Truncation in CLI JSON Input Path Causes Prefix-Only Validation of Malformed Input

jq is a command-line JSON processor. Commits before 6374ae0bcdfe33a18eb0ae6db28493b1f34a0a5b contain a vulnerability where CLI input parsing allows validation bypass via embedded NUL bytes. When reading JSON from files or stdin, jq uses strlen to determine buffer length instead of the actual byte...

CVE-2026-33948

CVE-2026-33948 affects jq, a command-line JSON processor. Before commit 6374ae0bcdfe33a18eb0ae6db28493b1f34a0a5b, input parsing uses strlen() on data read from files or stdin, causing truncation at the first NUL byte and validating only the prefix as JSON. This enables an attacker to craft input ...

📄 7-Zip 25.00 Zip Slip Directory Traversal

7-Zip version 25.00 suffers from a symlink directory traversal vulnerability. This write up provides analysis with a proof of concept. ============================================================================================================================================= | Title : 7-Zip 25.0...

Linux Distros Unpatched Vulnerability : CVE-2018-6521

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The sqlauth module in SimpleSAMLphp before 1.15.2 relies on the MySQL utf8 charset, which truncates queries upon encountering four-byte characters. There might ...

CVE-2025-2265

The password of a web user in "Sante PACS Server.exe" is zero-padded to 0x2000 bytes, SHA1-hashed, base64-encoded, and stored in the USER table in the SQLite database HTTP.db. However, the number of hash bytes encoded and stored is truncated if the hash contains a zero byte...

SUSE CVE-2023-41105

An issue was discovered in Python 3.11 through 3.11.4. If a path containing '\0' bytes is passed to os.path.normpath, the path will be truncated unexpectedly at the first '\0' byte. There are plausible cases in which an application would have rejected a filename for security reasons in Python...

SUSE CVE-2020-7066

In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using getheaders with user-supplied URL, if the URL contains zero \0 character, the URL will be silently truncated at it. This may cause some software to make incorrect assumptions about the target of the getheade...

GHSA-H352-G5VW-3926 Improper Input Validation in fruity

Methods of NSString for conversion to a string may return a partial result. Since they call CStr::fromptr on a pointer to the string buffer, the string is terminated at the first null byte, which might not be the end of the string. In addition to the vulnerable functions listed for this issue, th...

The vulnerability of the PHP interpreter, which allows a remote attacker to create a file with an incorrect name

A vulnerability in the PHP interpreter’s moveuploadedfile function exists due to the truncation of the path when the character \x00 is present. As a result of exploiting this vulnerability, a malicious actor can create a file with an incorrect name, circumventing the restrictions imposed on the...

nginx 0.8.37 空字节截断导致任意代码执行漏洞

No description provided by source...

MOPB-33-2007:PHP mail() Message ASCIIZ Byte Truncation

Summary When the mail function is called with a message that contains an ASCIIZ byte it considers it the end of the message. PHP applications not filtering ASCIIZ strings from user input before embedding it into the message are therefore vulnerable to arbitrary email truncation. Affected versions...