Lucene search
K

4 matches found

OSV
OSV
added 2026/07/06 6:25 a.m.5 views

OESA-2026-2804 jq security update

jq is a lightweight and flexible command-line JSON processor. you can use it to slice and filter and map and transform structured data. It is written in portable C, and it has zero runtime dependencies. it can mangle the data format that you have into the one that you want. Security Fixes: jq is ...

7.1CVSS6.1AI score0.00165EPSS
Exploits2References4
CVE
CVE
added 2026/06/25 5:22 p.m.38 views

CVE-2026-47770

The CVE-2026-47770 issue affects jq (the JSON processor) where comparing deeply nested arrays with the == operator can cause stack exhaustion via recursive structural comparison in src/jv.c (jvp_array_equal, jv_equal) and overflow in jv_cmp in src/jv_aux.c. This leads to a denial of service on at...

6.8CVSS5.9AI score0.00111EPSS
Exploits1References1Affected Software1
AlpineLinux
AlpineLinux
added 2026/06/25 5:22 p.m.9 views

CVE-2026-47770

jq is a command-line JSON processor. Prior to 1.8.2, comparing two sufficiently deeply nested arrays with the == operator exhausts the C stack on jq's ordinary command-line surface, resulting in denial of service via stack exhaustion uncontrolled recursion. The crash occurs in jq's recursive...

6.8CVSS5.9AI score0.00111EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2022-42004

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer.deserializeFromArray to prevent use ...

7.5CVSS6.5AI score0.02706EPSS
Exploits1References3
Rows per page
Query Builder