Lucene search
K

563 matches found

NVD
NVD
added 2026/07/06 2:16 a.m.8 views

CVE-2026-14803

Mojo::JSON versions before 9.47 for Perl allow memory exhaustion via unbounded recursion in the pure-Perl decoder. The pure-Perl decode path decodevalue dispatching to decodearray and decodeobject recurses with no depth limit, so a small deeply nested JSON document can consume excessive memory...

6.5CVSS0.0033EPSS
Exploits0References3
OSV
OSV
added 2026/07/06 2:16 a.m.4 views

DEBIAN-CVE-2026-14803

Mojo::JSON versions before 9.47 for Perl allow memory exhaustion via unbounded recursion in the pure-Perl decoder. The pure-Perl decode path decodevalue dispatching to decodearray and decodeobject recurses with no depth limit, so a small deeply nested JSON document can consume excessive memory...

6.5CVSS6AI score0.0033EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/06 1:34 a.m.9 views

EUVD-2026-41798

Mojo::JSON versions before 9.47 for Perl allow memory exhaustion via unbounded recursion in the pure-Perl decoder. The pure-Perl decode path decodevalue dispatching to decodearray and decodeobject recurses with no depth limit, so a small deeply nested JSON document can consume excessive memory...

6.5CVSS6AI score0.0033EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/06 1:34 a.m.36 views

CVE-2026-14803 Mojo::JSON versions before 9.47 for Perl allow memory exhaustion via unbounded recursion in the pure-Perl decoder

Mojo::JSON versions before 9.47 for Perl allow memory exhaustion via unbounded recursion in the pure-Perl decoder. The pure-Perl decode path decodevalue dispatching to decodearray and decodeobject recurses with no depth limit, so a small deeply nested JSON document can consume excessive memory...

0.0033EPSS
Exploits0References2
CVE
CVE
added 2026/07/06 1:34 a.m.22 views

CVE-2026-14803

Mojo::JSON prior to version 9.47 is vulnerable to memory exhaustion due to unbounded recursion in the pure-Perl JSON decoder (_decode_value -> _decode_array/_decode_object). The issue arises when the pure-Perl path is used (default if Cpanel::JSON::XS is not installed or MOJO_NO_JSON_XS=1); a ...

6.5CVSS6AI score0.0033EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/07/06 1:34 a.m.8 views

CVE-2026-14803

Mojo::JSON versions before 9.47 for Perl allow memory exhaustion via unbounded recursion in the pure-Perl decoder. The pure-Perl decode path decodevalue dispatching to decodearray and decodeobject recurses with no depth limit, so a small deeply nested JSON document can consume excessive memory...

6AI score0.0033EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/07/06 1:34 a.m.5 views

CVE-2026-14803

Mojo::JSON versions before 9.47 for Perl allow memory exhaustion via unbounded recursion in the pure-Perl decoder. The pure-Perl decode path decodevalue dispatching to decodearray and decodeobject recurses with no depth limit, so a small deeply nested JSON document can consume excessive memory...

6.5CVSS6AI score0.0033EPSS
Exploits0
OSV
OSV
added 2026/07/06 1:34 a.m.4 views

CVE-2026-14803 Mojo::JSON versions before 9.47 for Perl allow memory exhaustion via unbounded recursion in the pure-Perl decoder

Mojo::JSON versions before 9.47 for Perl allow memory exhaustion via unbounded recursion in the pure-Perl decoder. The pure-Perl decode path decodevalue dispatching to decodearray and decodeobject recurses with no depth limit, so a small deeply nested JSON document can consume excessive memory...

6.5CVSS6AI score0.0033EPSS
Exploits0References7
EUVD
EUVD
added 2026/07/01 12:34 a.m.6 views

EUVD-2026-40796

Insufficient policy enforcement in Mojo in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00253EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-14109

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in Mojo in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentiall...

9.6CVSS6.2AI score0.00253EPSS
Exploits0References2
NVD
NVD
added 2026/06/30 11:17 p.m.9 views

CVE-2026-14109

Insufficient policy enforcement in Mojo in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...

9.6CVSS0.00253EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:17 p.m.3 views

DEBIAN-CVE-2026-14109

Insufficient policy enforcement in Mojo in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...

9.6CVSS5.8AI score0.00253EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/30 10:39 p.m.33 views

CVE-2026-14109

Insufficient policy enforcement in Mojo in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...

0.00253EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 10:39 p.m.6 views

CVE-2026-14109

Insufficient policy enforcement in Mojo in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...

9.6CVSS5.8AI score0.00253EPSS
Exploits0
CVE
CVE
added 2026/06/30 10:39 p.m.26 views

CVE-2026-14109

CVE-2026-14109 describes insufficient policy enforcement in Mojo within Google Chrome prior to 150.0.7871.47, enabling a sandbox escape if a renderer process is compromised via a crafted HTML page. The connected Linux/Unix-facing records (Debian OSV, NVD, CVE lists, EUVD) corroborate: affected so...

9.6CVSS5.8AI score0.00253EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.7 views

PT-2026-54384

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient policy enforcement in Mojo allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Mojo is an...

9.8CVSS6AI score0.00413EPSS
Exploits0References449
RedhatCVE
RedhatCVE
added 2026/06/29 5:37 a.m.6 views

CVE-2026-13281

An integer overflow flaw was found in the Mojo component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513138301...

8.7CVSS5.8AI score0.00177EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-13281

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in Mojo in Google Chrome prior to 149.0.7827.201 allowed a remote attacker who had compromised the renderer process to potentially perform a...

8.3CVSS6.2AI score0.00177EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/27 2:5 a.m.7 views

SUSE CVE-2026-13281

Integer overflow in Mojo in Google Chrome prior to 149.0.7827.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. Chromium security severity: High...

8.3CVSS5.9AI score0.00177EPSS
Exploits0References3
CNVD
CNVD
added 2026/06/27 12:0 a.m.5 views

Google Chrome Input Validation Vulnerability (CNVD-2026-26524)

Google Chrome is a cross-platform web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.201 contained a vulnerability related to input validation errors. This vulnerability stemmed from an integer overflow issue in the Mojo component. Attackers could exploit this...

8.3CVSS6AI score0.00177EPSS
Exploits0
Rows per page
Query Builder