Lucene search
+L

687 matches found

RedHat Linux
RedHat Linux
added 2026/07/09 8:3 a.m.10 views

Critical: Red Hat Security Advisory: OpenShift Container Platform 4.17.55 bug fix and security update

Red Hat OpenShift Container Platform release 4.17.55 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a...

9.8CVSS6.9AI score0.93235EPSS
Exploits54References11
Tenable Nessus
Tenable Nessus
added 2026/07/09 12:0 a.m.6 views

openSUSE 16 Security Update : jq (openSUSE-SU-2026:21248-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:21248-1 advisory. - CVE-2025-48060: improper handling of string data in jvstringempty can lead to heap buffer overflow and a crash when processing crafted input...

8.7CVSS6.9AI score0.00559EPSS
Exploits10References33
Tenable Nessus
Tenable Nessus
added 2026/07/08 12:0 a.m.6 views

Amazon Linux 2 : jq, --advisory ALAS2-2026-3496 (ALAS-2026-3496)

The version of jq installed on the remote host is prior to 1.6-17. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3496 advisory. jq is a command-line JSON processor. An integer overflow vulnerability exists through version 1.8.1 within the jvpstringappend a...

8.2CVSS6.9AI score0.00559EPSS
Exploits7References18
OSV
OSV
added 2026/07/07 12:32 p.m.2 views

SUSE-SU-2026:22566-1 Security update for jq

This update for jq fixes the following issues: - CVE-2025-48060: improper handling of string data in jvstringempty can lead to heap buffer overflow and a crash when processing crafted input bsc1244116. - CVE-2026-32316: integer overflow within the jvpstringappend and jvpstringcopyreplacebad...

8.7CVSS6.3AI score0.00559EPSS
Exploits10References23
OSV
OSV
added 2026/07/06 6:25 a.m.6 views

OESA-2026-2804 jq security update

jq is a lightweight and flexible command-line JSON processor. you can use it to slice and filter and map and transform structured data. It is written in portable C, and it has zero runtime dependencies. it can mangle the data format that you have into the one that you want. Security Fixes: jq is ...

7.1CVSS6.1AI score0.00165EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2026/07/06 12:0 a.m.8 views

MiracleLinux 9 : jq-1.6-19.el9_8.2 (AXSA:2026-1020:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-1020:03 advisory. jq: out-of-bounds read in jvparsesized on error formatting for non-NUL-terminated buffers CVE-2026-39979 jq: jq: Denial of Service via crafted JSON...

8.2CVSS7AI score0.00559EPSS
Exploits1References3
Debian
Debian
added 2026/07/01 5:44 p.m.8 views

[SECURITY] [DLA 4662-1] jq security update

Debian LTS Advisory DLA-4662-1 [email protected] https://www.debian.org/lts/security/ Andreas Henriksson July 01, 2026 https://wiki.debian.org/LTS Package : jq Version : 1.6-2.1+deb12u2 CVE ID : CVE-2026-32316 CVE-2026-33947 CVE-2026-33948 CVE-2026-39956 CVE-2026-39979 CVE-2026-40164...

8.2CVSS6AI score0.00559EPSS
Exploits13
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.8 views

Debian dla-4662 : jq - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4662 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4662-1 [email protected]...

8.2CVSS7AI score0.00559EPSS
Exploits13References33
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.4 views

Debian dla-4661 : jq - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4661 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4661-1 [email protected]...

7.1CVSS6.4AI score0.00165EPSS
Exploits3References10
RedhatCVE
RedhatCVE
added 2026/06/29 6:44 p.m.9 views

CVE-2026-49839

A flaw was found in jq, a command-line JSON processor. This vulnerability allows an attacker to trigger a heap out-of-bounds write by providing a specially crafted, oversized file to the jq --rawfile option. This can lead to a denial of service DoS, making the affected system or application...

7.1CVSS5.7AI score0.00165EPSS
Exploits1References4
OSV
OSV
added 2026/06/29 12:53 p.m.4 views

ROOT-OS-DEBIAN-12-CVE-2026-40164 CVE-2026-40164 in rootio-jq - Patched by Root

Root has patched CVE-2026-40164 in the rootio-jq package for Root:Debian:12. Multiple fixed versions available...

7.5CVSS7.1AI score0.00366EPSS
Exploits0
OSV
OSV
added 2026/06/29 12:53 p.m.3 views

ROOT-OS-DEBIAN-12-CVE-2026-39979 CVE-2026-39979 in rootio-jq - Patched by Root

Root has patched CVE-2026-39979 in the rootio-jq package for Root:Debian:12. Multiple fixed versions available...

6.5CVSS5.8AI score0.00559EPSS
Exploits1
OSV
OSV
added 2026/06/29 12:53 p.m.7 views

ROOT-OS-DEBIAN-12-CVE-2026-49839 CVE-2026-49839 in rootio-jq - Patched by Root

Root has patched CVE-2026-49839 in the rootio-jq package for Root:Debian:12. Multiple fixed versions available...

7.1CVSS5.8AI score0.00165EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-54679

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jq is a command-line JSON processor. Prior to 1.8.2, on 32bit system, jvpstringappend has a chance of integer/multiple overflowing and then causing a massive...

6.9CVSS6.2AI score0.00103EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:8 a.m.10 views

jq --rawfile invalid-state reuse after String too long causes heap-buffer-overflow

...

7.1CVSS5.8AI score0.00165EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2026/06/27 1:52 a.m.7 views

SUSE CVE-2026-54679

jq is a command-line JSON processor. Prior to 1.8.2, on 32bit system, jvpstringappend has a chance of integer/multiple overflowing and then causing a massive buffer overrun. This vulnerability is fixed in 1.8.2...

8.1CVSS5.9AI score0.00103EPSS
Exploits0References4
OSV
OSV
added 2026/06/27 12:0 a.m.5 views

OPENSUSE-SU-2026:11133-1 jq-1.8.2-1.1 on GA media

These are all security issues fixed in the jq-1.8.2-1.1 package on the GA media of openSUSE Tumbleweed...

7.1CVSS5.8AI score0.00165EPSS
Exploits2References3
RedhatCVE
RedhatCVE
added 2026/06/25 11:43 p.m.10 views

CVE-2026-54679

A flaw was found in jq, a command-line JSON processor. On 32-bit systems, a local attacker could exploit an integer overflow vulnerability in the jvpstringappend function. This could lead to a massive buffer overrun, resulting in a denial of service DoS condition. Mitigation Mitigation for this...

6.9CVSS5.8AI score0.00103EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/25 11:43 p.m.6 views

CVE-2026-47770

A flaw was found in jq, a command-line JSON processor. This vulnerability allows a local user or an attacker providing malicious input to cause a denial of service DoS by comparing two sufficiently deeply nested arrays using the '==' operator. This action exhausts the C stack due to uncontrolled...

6.8CVSS5.7AI score0.00111EPSS
Exploits1References4
NVD
NVD
added 2026/06/25 6:16 p.m.10 views

CVE-2026-47770

jq is a command-line JSON processor. Prior to 1.8.2, comparing two sufficiently deeply nested arrays with the == operator exhausts the C stack on jq's ordinary command-line surface, resulting in denial of service via stack exhaustion uncontrolled recursion. The crash occurs in jq's recursive...

6.8CVSS0.00111EPSS
Exploits1References1
Rows per page
Query Builder