81 matches found
github.com/buger/jsonparser: github.com/buger/jsonparser: Denial of Service via malformed JSON input
A flaw was found in github.com/buger/jsonparser. The Delete function, when processing malformed JSON input, fails to properly validate offsets. This vulnerability can lead to a negative slice index and a runtime panic, allowing a remote attacker to cause a denial of service DoS by providing...
CVE-2026-47110 Tiptap for PHP < 2.1.1 DoS via Malformed href Attribute
Tiptap for PHP before version 2.1.1 contains an input validation vulnerability that allows authenticated attackers to cause a denial of service by submitting Tiptap JSON with the attrs.href field set to an array instead of a string, causing an unhandled TypeError in the Link::isAllowedUri functio...
CVE-2026-47110 Tiptap for PHP < 2.1.1 DoS via Malformed href Attribute
Tiptap for PHP before version 2.1.1 contains an input validation vulnerability that allows authenticated attackers to cause a denial of service by submitting Tiptap JSON with the attrs.href field set to an array instead of a string, causing an unhandled TypeError in the Link::isAllowedUri functio...
CVE-2026-47110 Tiptap for PHP < 2.1.1 DoS via Malformed href Attribute
Tiptap for PHP before version 2.1.1 contains an input validation vulnerability that allows authenticated attackers to cause a denial of service by submitting Tiptap JSON with the attrs.href field set to an array instead of a string, causing an unhandled TypeError in the Link::isAllowedUri functio...
CVE-2026-48512 MessagePack-CSharp: JSON conversion APIs can recurse without consistent depth enforcement
MessagePack for C is a MessagePack serializer for C. Prior to 2.5.301 and 3.1.7, MessagePack-CSharp's JSON conversion helpers contain multiple recursion paths that do not consistently enforce a depth limit. These paths are in the JSON conversion component rather than normal typed MessagePack...
Alibaba Cloud Linux 3 : 0115: jq (ALINUX3-SA-2026:0115)
The remote Alibaba Cloud Linux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0115 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-39979: A flaw was found in jq, a...
jq: out-of-bounds read in jv_parse_sized() on error formatting for non-NUL-terminated buffers
A flaw was found in jq, a command line JSON processor, specifically in the libjq API. Parsing a malformed JSON input from a non-NUL-terminated buffer using the jvparsesized function can cause an out-of-bounds read, resulting in an application crash and a possible memory disclosure within the erro...
jq: out-of-bounds read in jv_parse_sized() on error formatting for non-NUL-terminated buffers
A flaw was found in jq, a command line JSON processor, specifically in the libjq API. Parsing a malformed JSON input from a non-NUL-terminated buffer using the jvparsesized function can cause an out-of-bounds read, resulting in an application crash and a possible memory disclosure within the erro...
jq: out-of-bounds read in jv_parse_sized() on error formatting for non-NUL-terminated buffers
A flaw was found in jq, a command line JSON processor, specifically in the libjq API. Parsing a malformed JSON input from a non-NUL-terminated buffer using the jvparsesized function can cause an out-of-bounds read, resulting in an application crash and a possible memory disclosure within the erro...
jq: out-of-bounds read in jv_parse_sized() on error formatting for non-NUL-terminated buffers
A flaw was found in jq, a command line JSON processor, specifically in the libjq API. Parsing a malformed JSON input from a non-NUL-terminated buffer using the jvparsesized function can cause an out-of-bounds read, resulting in an application crash and a possible memory disclosure within the erro...
CVE-2026-8295
The CVE-2026-8295 issue affects simdjson’s document-builder API, specifically the string_builder::escape_and_append() path. An integer overflow can occur when processing very large input strings on platforms with limited size_t width (e.g., 32-bit builds), causing insufficient buffer allocation a...
jq: out-of-bounds read in jv_parse_sized() on error formatting for non-NUL-terminated buffers
A flaw was found in jq, a command line JSON processor, specifically in the libjq API. Parsing a malformed JSON input from a non-NUL-terminated buffer using the jvparsesized function can cause an out-of-bounds read, resulting in an application crash and a possible memory disclosure within the erro...
CLSA-2026-1778173472 exim: Fix of 2 CVEs
CVE-2026-40685: fix heap corruption when expanding malformed JSON - CVE-2026-40687: fix heap buffer overflow and infoleak in SPA authenticator...
CVE-2026-40685
A flaw was found in Exim. When JSON lookup is enabled, a remote attacker can send specially crafted malformed JSON in an untrusted header, leading to an out-of-bounds heap write. This issue, caused by an incorrect implementation of backslash skipping, can result in a denial of service...
CVE-2026-40685
Exim before 4.99.2 is affected when JSON lookup is enabled. An out-of-bounds heap write can occur if a JSON operator encounters malformed JSON in an untrusted header, caused by an incorrect implementation of the JSON skipping logic. CVSS v3.1 metrics indicate a high-severity, remote-execution-lik...
CVE-2026-40685
In Exim before 4.99.2, when JSON lookup is enabled, an out-of-bounds heap write can occur when a JSON operator encounters malformed JSON in an untrusted header, because of an incorrect implementation of \ skipping...
CVE-2026-40685
In Exim before 4.99.2, when JSON lookup is enabled, an out-of-bounds heap write can occur when a JSON operator encounters malformed JSON in an untrusted header, because of an incorrect implementation of \ skipping...
CVE-2026-40685
In Exim before 4.99.2, when JSON lookup is enabled, an out-of-bounds heap write can occur when a JSON operator encounters malformed JSON in an untrusted header, because of an incorrect implementation of \ skipping...
Amazon Linux 2023 : rclone (ALAS2023-2026-1607)
"It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1607 advisory. crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir...
Important: rclone
Issue Overview: crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was...