14 matches found
SUSE-SU-2026:0931-1 Security update for jq
This update for jq fixes the following issue: - CVE-2025-9403: test suite assertion failure in JSON parsing consistency validation bsc1248600...
EUVD-2019-5222
Malware in sbrugna...
EUVD-2025-19230
Malicious code in bioql PyPI...
USN-7750-1 libjson-xs-perl vulnerability
It was discovered that JSON-XS incorrectly handled parsing certain JSON data. An attacker could possibly use this issue to cause JSON-XS to crash, resulting in a denial of service...
USN-7657-2 jq vulnerabilities
USN-7657-1 fixed CVE-2024-23337 and CVE-2025-48060 in jq. This update provides the corresponding fixes for Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 16.04 LTS. Original advisory details: It was discovered that jq incorrectly handled certain values when parsing JSON data. A remote attacker...
Amazon Linux 2023 : jackson-core (ALAS2023-2025-1063)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1063 advisory. Jackson-core contains core low-level incremental streaming parser and generator abstractions used by Jackson Data Processor. Starting in version 2.0.0 and prior to version 2.13.0, a flaw in...
CVE-2025-6710
MongoDB Server may be susceptible to stack overflow due to JSON parsing mechanism, where specifically crafted JSON inputs may induce unwarranted levels of recursion, resulting in excessive stack space consumption. Such inputs can lead to a stack overflow that causes the server to crash which coul...
CVE-2025-6710 Pre-authentication Denial of Service Stack Overflow Vulnerability in JSON Parsing via Excessive Recursion in MongoDB
MongoDB Server may be susceptible to stack overflow due to JSON parsing mechanism, where specifically crafted JSON inputs may induce unwarranted levels of recursion, resulting in excessive stack space consumption. Such inputs can lead to a stack overflow that causes the server to crash which coul...
PT-2025-26974
Name of the Vulnerable Software and Affected Versions: MongoDB Server versions prior to 6.0.21 MongoDB Server versions prior to 7.0.17 MongoDB Server versions prior to 8.0.5 Description: The issue is related to the JSON parsing mechanism in MongoDB Server, where specifically crafted JSON inputs c...
PT-2025-22802
Name of the Vulnerable Software and Affected Versions cJSON versions prior to 1.7.18 Description The issue is related to a heap-based buffer over-read in the parse string function of the cJSON library. This occurs when cJSON ParseWithLength is called with a JSON string that has no trailing newlin...
uberAgent - Splunk dashboard does not display information about applications and desktops from DaaS
Splunk dashboard CVAD/DaaS Applications & Desktops does not display any information about published applications and desktops for DAAS. uberAgent.log file located in C:\Windows\Temp on the machine used for Citrix Cloud monitoring shows the errors: 2025-03-05 12:11:08.145...
DocsGPT Allows Remote Code Execution
A vulnerability, that could result in Remote Code Execution RCE, has been found in DocsGPT. Due to improper parsing of JSON data using eval an unauthorized attacker could send arbitrary Python code to be executed via /api/remote endpoint. This issue affects DocsGPT: from 0.8.1 through 0.12.0...
Medium: nerdctl
Issue Overview: An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed...
EUVD-2015-5266
Multiple stack-based buffer overflows in json parsing in PostgreSQL before 9.3.x before 9.3.10 and 9.4.x before 9.4.5 allow attackers to cause a denial of service server crash via unspecified vectors, which are not properly handled in 1 json or 2 jsonb values...