Lucene search
K

11 matches found

RedHat Linux
RedHat Linux
added 2026/05/18 12:28 p.m.11 views

jq: jq: Denial of Service via crafted JSON object causing hash collisions

A flaw was found in jq, a command-line JSON processor. A remote attacker could exploit this vulnerability by providing a specially crafted JSON object. This object leverages a weakness in jq's hashing algorithm, which uses a hardcoded, publicly known seed. By crafting the JSON object to cause has...

7.5CVSS5.8AI score0.00366EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/18 12:10 p.m.17 views

jq: jq: Denial of Service via crafted JSON object causing hash collisions

A flaw was found in jq, a command-line JSON processor. A remote attacker could exploit this vulnerability by providing a specially crafted JSON object. This object leverages a weakness in jq's hashing algorithm, which uses a hardcoded, publicly known seed. By crafting the JSON object to cause has...

7.5CVSS5.8AI score0.00366EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/18 12:6 p.m.13 views

jq: jq: Denial of Service via crafted JSON object causing hash collisions

A flaw was found in jq, a command-line JSON processor. A remote attacker could exploit this vulnerability by providing a specially crafted JSON object. This object leverages a weakness in jq's hashing algorithm, which uses a hardcoded, publicly known seed. By crafting the JSON object to cause has...

7.5CVSS5.8AI score0.00366EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/18 12:6 p.m.14 views

jq: jq: Denial of Service via crafted JSON object causing hash collisions

A flaw was found in jq, a command-line JSON processor. A remote attacker could exploit this vulnerability by providing a specially crafted JSON object. This object leverages a weakness in jq's hashing algorithm, which uses a hardcoded, publicly known seed. By crafting the JSON object to cause has...

7.5CVSS5.8AI score0.00366EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/13 2:10 a.m.10 views

jq: jq: Denial of Service via crafted JSON object causing hash collisions

A flaw was found in jq, a command-line JSON processor. A remote attacker could exploit this vulnerability by providing a specially crafted JSON object. This object leverages a weakness in jq's hashing algorithm, which uses a hardcoded, publicly known seed. By crafting the JSON object to cause has...

7.5CVSS5.8AI score0.00366EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/13 2:8 a.m.9 views

jq: jq: Denial of Service via crafted JSON object causing hash collisions

A flaw was found in jq, a command-line JSON processor. A remote attacker could exploit this vulnerability by providing a specially crafted JSON object. This object leverages a weakness in jq's hashing algorithm, which uses a hardcoded, publicly known seed. By crafting the JSON object to cause has...

7.5CVSS5.8AI score0.00366EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/12 4:7 p.m.8 views

jq: jq: Denial of Service via crafted JSON object causing hash collisions

A flaw was found in jq, a command-line JSON processor. A remote attacker could exploit this vulnerability by providing a specially crafted JSON object. This object leverages a weakness in jq's hashing algorithm, which uses a hardcoded, publicly known seed. By crafting the JSON object to cause has...

7.5CVSS5.8AI score0.00366EPSS
Exploits0References6
Microsoft CVE
Microsoft CVE
added 2026/04/17 8:1 a.m.7 views

jq: Algorithmic complexity DoS via hardcoded MurmurHash3 seed

...

7.5CVSS5.7AI score0.00366EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/04/13 11:40 p.m.5 views

CVE-2026-40164 jq: Algorithmic complexity DoS via hardcoded MurmurHash3 seed

jq is a command-line JSON processor. Before commit 0c7d133c3c7e37c00b6d46b658a02244fdd3c784, jq used MurmurHash3 with a hardcoded, publicly visible seed 0x432A9843 for all JSON object hash table operations, which allowed an attacker to precompute key collisions offline. By supplying a crafted JSO...

7.5CVSS5.8AI score0.00366EPSS
Exploits0References2
OSV
OSV
added 2026/04/13 11:40 p.m.1 views

CVE-2026-40164 jq: Algorithmic complexity DoS via hardcoded MurmurHash3 seed

jq is a command-line JSON processor. Before commit 0c7d133c3c7e37c00b6d46b658a02244fdd3c784, jq used MurmurHash3 with a hardcoded, publicly visible seed 0x432A9843 for all JSON object hash table operations, which allowed an attacker to precompute key collisions offline. By supplying a crafted JSO...

7.5CVSS7AI score0.00366EPSS
Exploits0References34
Positive Technologies
Positive Technologies
added 2024/12/24 12:0 a.m.5 views

PT-2024-29616 · Nvr · Nvr

Name of the Vulnerable Software and Affected Versions: NVR affected versions not specified Description: A security research team, Team ENVY, has discovered a flaw that allows for remote code execution on the NVR. The issue stems from a hardcoded seed string for the encryption key. The manufacture...

5.6CVSS7.3AI score0.00182EPSS
Exploits0References5
Rows per page
Query Builder