Lucene search
K

213 matches found

RedHat Linux
RedHat Linux
added 6 days ago6 views

Critical: Red Hat Security Advisory: OpenShift Container Platform 4.17.55 bug fix and security update

Red Hat OpenShift Container Platform release 4.17.55 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a...

9.8CVSS6.9AI score0.93235EPSS
Exploits54References11
Debian
Debian
added 2026/07/01 5:44 p.m.7 views

[SECURITY] [DLA 4662-1] jq security update

Debian LTS Advisory DLA-4662-1 [email protected] https://www.debian.org/lts/security/ Andreas Henriksson July 01, 2026 https://wiki.debian.org/LTS Package : jq Version : 1.6-2.1+deb12u2 CVE ID : CVE-2026-32316 CVE-2026-33947 CVE-2026-33948 CVE-2026-39956 CVE-2026-39979 CVE-2026-40164...

8.2CVSS6AI score0.00559EPSS
Exploits13
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.7 views

Debian dla-4662 : jq - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4662 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4662-1 [email protected]...

8.2CVSS7.4AI score0.00559EPSS
Exploits13References33
RedhatCVE
RedhatCVE
added 2026/06/29 6:44 p.m.8 views

CVE-2026-49839

A flaw was found in jq, a command-line JSON processor. This vulnerability allows an attacker to trigger a heap out-of-bounds write by providing a specially crafted, oversized file to the jq --rawfile option. This can lead to a denial of service DoS, making the affected system or application...

7.1CVSS5.7AI score0.00165EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-54679

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jq is a command-line JSON processor. Prior to 1.8.2, on 32bit system, jvpstringappend has a chance of integer/multiple overflowing and then causing a massive...

6.9CVSS6.2AI score0.00103EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:8 a.m.7 views

jq --rawfile invalid-state reuse after String too long causes heap-buffer-overflow

...

7.1CVSS5.8AI score0.00165EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/06/25 11:43 p.m.5 views

CVE-2026-47770

A flaw was found in jq, a command-line JSON processor. This vulnerability allows a local user or an attacker providing malicious input to cause a denial of service DoS by comparing two sufficiently deeply nested arrays using the '==' operator. This action exhausts the C stack due to uncontrolled...

6.8CVSS5.7AI score0.00111EPSS
Exploits1References4
NVD
NVD
added 2026/06/25 6:16 p.m.8 views

CVE-2026-47770

jq is a command-line JSON processor. Prior to 1.8.2, comparing two sufficiently deeply nested arrays with the == operator exhausts the C stack on jq's ordinary command-line surface, resulting in denial of service via stack exhaustion uncontrolled recursion. The crash occurs in jq's recursive...

6.8CVSS0.00111EPSS
Exploits1References1
NVD
NVD
added 2026/06/25 6:16 p.m.9 views

CVE-2026-49839

jq is a command-line JSON processor. Prior to 1.8.2, jq --rawfile can turn a handled oversized-string error into invalid-state reuse and a real heap out-of-bounds write in assertion-disabled builds. When jvloadfileraw=1 reads an attacker-controlled file, it repeatedly appends file chunks to the...

7.1CVSS0.00165EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/25 5:22 p.m.38 views

CVE-2026-47770 jq: stack overflow in deep structural equality

jq is a command-line JSON processor. Prior to 1.8.2, comparing two sufficiently deeply nested arrays with the == operator exhausts the C stack on jq's ordinary command-line surface, resulting in denial of service via stack exhaustion uncontrolled recursion. The crash occurs in jq's recursive...

6.8CVSS0.00111EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/25 5:17 p.m.6 views

EUVD-2026-39500

jq is a command-line JSON processor. Prior to 1.8.2, jq --rawfile can turn a handled oversized-string error into invalid-state reuse and a real heap out-of-bounds write in assertion-disabled builds. When jvloadfileraw=1 reads an attacker-controlled file, it repeatedly appends file chunks to the...

7.1CVSS5.8AI score0.00165EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2026/06/25 5:16 p.m.6 views

CVE-2026-54679

jq is a command-line JSON processor. Prior to 1.8.2, on 32bit system, jvpstringappend has a chance of integer/multiple overflowing and then causing a massive buffer overrun. This vulnerability is fixed in 1.8.2...

6.9CVSS6AI score0.00103EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.8 views

Oracle Linux 9 : jq (ELSA-2026-19365)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-19365 advisory. - Fix CVE-2026-40164 - Denial of Service via crafted JSON object causing hash collisions - Fix CVE-2026-39979 out-of-bounds read in jvparsesized Tenab...

8.2CVSS5.9AI score0.00559EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2026/06/10 9:19 a.m.14 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.19.33 bug fix and security update

Red Hat OpenShift Container Platform release 4.19.33 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.19. Red Hat Product Security has rated this update as having a...

8.8CVSS5.9AI score0.03663EPSS
Exploits21References6
CBLMariner
CBLMariner
added 2026/06/05 12:59 p.m.10 views

CVE-2026-40612 affecting package jq for versions less than 1.7.1-6

CVE-2026-40612 affecting package jq for versions less than 1.7.1-6. A patched version of the package is available...

6.8CVSS5.4AI score0.00161EPSS
Exploits1
CBLMariner
CBLMariner
added 2026/06/05 12:59 p.m.10 views

CVE-2026-43896 affecting package jq for versions less than 1.7.1-6

CVE-2026-43896 affecting package jq for versions less than 1.7.1-6. A patched version of the package is available...

6.2CVSS5.4AI score0.00154EPSS
Exploits1
CBLMariner
CBLMariner
added 2026/06/05 12:59 p.m.11 views

CVE-2026-44777 affecting package jq for versions less than 1.7.1-6

CVE-2026-44777 affecting package jq for versions less than 1.7.1-6. A patched version of the package is available...

6.8CVSS5.4AI score0.00161EPSS
Exploits1
CBLMariner
CBLMariner
added 2026/06/05 12:59 p.m.11 views

CVE-2026-41256 affecting package jq for versions less than 1.7.1-6

CVE-2026-41256 affecting package jq for versions less than 1.7.1-6. A patched version of the package is available...

5.5CVSS5.4AI score0.00158EPSS
Exploits1
CBLMariner
CBLMariner
added 2026/06/05 12:59 p.m.11 views

CVE-2026-41257 affecting package jq for versions less than 1.7.1-6

CVE-2026-41257 affecting package jq for versions less than 1.7.1-6. A patched version of the package is available...

7.3CVSS5.4AI score0.00142EPSS
Exploits1
OSV
OSV
added 2026/05/29 4:3 p.m.13 views

RLSA-2026:19151 Important: jq security update

jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it to slice, filter, map, or transform structured data with the same ease that sed, awk, grep, or similar applications allow you to manipulate text. Security Fixes: jq: out-of-bounds read in...

8.2CVSS5.8AI score0.00559EPSS
Exploits1References3
Rows per page
Query Builder