Lucene search
K

361 matches found

OSV
OSV
added 2026/05/29 4:3 p.m.13 views

RLSA-2026:19151 Important: jq security update

jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it to slice, filter, map, or transform structured data with the same ease that sed, awk, grep, or similar applications allow you to manipulate text. Security Fixes: jq: out-of-bounds read in...

8.2CVSS5.8AI score0.00559EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.10 views

RockyLinux 10 : jq (RLSA-2026:19151)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19151 advisory. jq: out-of-bounds read in jvparsesized on error formatting for non-NUL-terminated buffers CVE-2026-39979 jq: jq: Denial of Service via crafted JSON...

8.2CVSS5.8AI score0.00559EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/05/28 12:0 a.m.23 views

RockyLinux 9 : jq (RLSA-2026:19365)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19365 advisory. jq: out-of-bounds read in jvparsesized on error formatting for non-NUL-terminated buffers CVE-2026-39979 jq: jq: Denial of Service via crafted JSON obje...

8.2CVSS5.8AI score0.00559EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/05/20 6:0 p.m.29 views

CVE-2026-47099 TeleJSON < 6.0.0 DOM-based XSS via parse() Function

TeleJSON prior to 6.0.0 contains a DOM-based cross-site scripting vulnerability in the parse function that allows attackers to execute arbitrary JavaScript by delivering a crafted JSON payload containing a malicious constructor-name property value. The custom reviver passes the constructor name...

6.1CVSS0.00358EPSS
Exploits0References3
OSV
OSV
added 2026/05/19 12:0 a.m.13 views

ALSA-2026:19151 Important: jq security update

jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it to slice, filter, map, or transform structured data with the same ease that sed, awk, grep, or similar applications allow you to manipulate text. Security Fixes: jq: out-of-bounds read in...

8.2CVSS5.8AI score0.00559EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2026/05/19 12:0 a.m.12 views

RHEL 9 : jq (RHSA-2026:19365)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19365 advisory. jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it to slice, filter, map, or...

8.2CVSS5.9AI score0.00559EPSS
Exploits1References6
AlmaLinux
AlmaLinux
added 2026/05/19 12:0 a.m.10 views

Important: jq security update

jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it to slice, filter, map, or transform structured data with the same ease that sed, awk, grep, or similar applications allow you to manipulate text. Security Fixes: jq: out-of-bounds read in...

8.2CVSS5.8AI score0.00559EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/05/18 12:48 p.m.13 views

jq: jq: Denial of Service via crafted JSON object causing hash collisions

A flaw was found in jq, a command-line JSON processor. A remote attacker could exploit this vulnerability by providing a specially crafted JSON object. This object leverages a weakness in jq's hashing algorithm, which uses a hardcoded, publicly known seed. By crafting the JSON object to cause has...

7.5CVSS5.8AI score0.00366EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/18 12:28 p.m.11 views

jq: jq: Denial of Service via crafted JSON object causing hash collisions

A flaw was found in jq, a command-line JSON processor. A remote attacker could exploit this vulnerability by providing a specially crafted JSON object. This object leverages a weakness in jq's hashing algorithm, which uses a hardcoded, publicly known seed. By crafting the JSON object to cause has...

7.5CVSS5.8AI score0.00366EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/18 12:19 p.m.11 views

jq: jq: Denial of Service via crafted JSON object causing hash collisions

A flaw was found in jq, a command-line JSON processor. A remote attacker could exploit this vulnerability by providing a specially crafted JSON object. This object leverages a weakness in jq's hashing algorithm, which uses a hardcoded, publicly known seed. By crafting the JSON object to cause has...

7.5CVSS5.8AI score0.00366EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/18 12:16 p.m.13 views

jq: jq: Denial of Service via crafted JSON object causing hash collisions

A flaw was found in jq, a command-line JSON processor. A remote attacker could exploit this vulnerability by providing a specially crafted JSON object. This object leverages a weakness in jq's hashing algorithm, which uses a hardcoded, publicly known seed. By crafting the JSON object to cause has...

7.5CVSS5.8AI score0.00366EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/18 12:16 p.m.17 views

Important: Red Hat Security Advisory: jq security update

An update for jq is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

8.2CVSS5.8AI score0.00559EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2026/05/18 12:10 p.m.16 views

jq: jq: Denial of Service via crafted JSON object causing hash collisions

A flaw was found in jq, a command-line JSON processor. A remote attacker could exploit this vulnerability by providing a specially crafted JSON object. This object leverages a weakness in jq's hashing algorithm, which uses a hardcoded, publicly known seed. By crafting the JSON object to cause has...

7.5CVSS5.8AI score0.00366EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/18 12:6 p.m.12 views

jq: jq: Denial of Service via crafted JSON object causing hash collisions

A flaw was found in jq, a command-line JSON processor. A remote attacker could exploit this vulnerability by providing a specially crafted JSON object. This object leverages a weakness in jq's hashing algorithm, which uses a hardcoded, publicly known seed. By crafting the JSON object to cause has...

7.5CVSS5.8AI score0.00366EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/18 11:52 a.m.11 views

jq: jq: Denial of Service via crafted JSON object causing hash collisions

A flaw was found in jq, a command-line JSON processor. A remote attacker could exploit this vulnerability by providing a specially crafted JSON object. This object leverages a weakness in jq's hashing algorithm, which uses a hardcoded, publicly known seed. By crafting the JSON object to cause has...

7.5CVSS5.8AI score0.00366EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/05/18 12:0 a.m.25 views

RHEL 9 : jq (RHSA-2026:18044)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:18044 advisory. jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it to slice, filter, map, or...

8.2CVSS5.9AI score0.00559EPSS
Exploits1References6
Snyk
Snyk
added 2026/05/14 8:29 p.m.8 views

Improper Verification of Source of a Communication Channel

Overview electerm is an open-sourced terminal/ssh/telnet/serialport/sftp client Affected versions of this package are vulnerable to Improper Verification of Source of a Communication Channel via the single-instance socket process. An attacker can execute arbitrary code by sending a crafted JSON...

9.3CVSS6.2AI score0.00114EPSS
Exploits0References4
Rockylinux
Rockylinux
added 2026/05/14 6:1 p.m.10 views

jq security update

An update is available for jq. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list jq is a lightweight and flexible command-line JSON processor. jq is like sed for...

8.2CVSS5.8AI score0.00559EPSS
Exploits1
OSV
OSV
added 2026/05/14 6:16 a.m.3 views

UBUNTU-CVE-2025-14870

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to cause denial of service by sending specially crafted JSON payloads due to insufficient input validation...

7.5CVSS5.8AI score0.00339EPSS
Exploits0References5
CVE
CVE
added 2026/05/14 5:37 a.m.19 views

CVE-2025-14870

CVE-2025-14870 affects GitLab Community and Enterprise Editions. Affected versions are GitLab CE/EE 18.5 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3. The issue allowed an unauthenticated user to cause a denial of service by sending specially crafted JSON payloads due to insuffic...

7.5CVSS5.8AI score0.00339EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder