50 matches found
CVE-2026-39956
A flaw was found in jq, a command line JSON processor. In release builds, the strindices builtin function calls the jvstringindexes function without checking that the arguments are actually strings. This missing validation allows an attacker who can supply non-string inputs to cause an applicatio...
CVE-2026-39956
jq is a command-line JSON processor. In commits after 69785bf77f86e2ea1b4a20ca86775916889e91c9, the strindices builtin in jq's src/builtin.c passes its arguments directly to jvstringindexes without verifying they are strings, and jvstringindexes in src/jv.c relies solely on assert checks that are...
CVE-2026-39956
jq is a command-line JSON processor. In commits after 69785bf77f86e2ea1b4a20ca86775916889e91c9, the strindices builtin in jq's src/builtin.c passes its arguments directly to jvstringindexes without verifying they are strings, and jvstringindexes in src/jv.c relies solely on assert checks that are...
CVE-2026-39956
jq is a command-line JSON processor. In commits after 69785bf77f86e2ea1b4a20ca86775916889e91c9, the strindices builtin in jq's src/builtin.c passes its arguments directly to jvstringindexes without verifying they are strings, and jvstringindexes in src/jv.c relies solely on assert checks that are...
CVE-2026-22041
Logging Redactor is a Python library designed to redact sensitive data in logs based on regex patterns and / or dictionary keys. Prior to version 0.0.6, non-string types are converted into string types, leading to type errors in %d conversions. The problem has been patched in version 0.0.6. No...
CVE-2026-22041 loggingredactor converts non-string types to string types in logs
Logging Redactor is a Python library designed to redact sensitive data in logs based on regex patterns and / or dictionary keys. Prior to version 0.0.6, non-string types are converted into string types, leading to type errors in %d conversions. The problem has been patched in version 0.0.6. No...
CVE-2026-22041
CVE-2026-22041 affects the Python library Logging Redactor. Prior to version 0.0.6, non-string data are coerced to strings, causing type errors in %d formatting. The issue is fixed in 0.0.6; multiple sources corroborate this patch. No exploit details are provided in the documents. Remediation: up...
CVE-2026-22041 loggingredactor converts non-string types to string types in logs
Logging Redactor is a Python library designed to redact sensitive data in logs based on regex patterns and / or dictionary keys. Prior to version 0.0.6, non-string types are converted into string types, leading to type errors in %d conversions. The problem has been patched in version 0.0.6. No...
CVE-2026-22041 loggingredactor converts non-string types to string types in logs
Logging Redactor is a Python library designed to redact sensitive data in logs based on regex patterns and / or dictionary keys. Prior to version 0.0.6, non-string types are converted into string types, leading to type errors in %d conversions. The problem has been patched in version 0.0.6. No...
EUVD-2026-1160
Logging Redactor is a Python library designed to redact sensitive data in logs based on regex patterns and / or dictionary keys. Prior to version 0.0.6, non-string types are converted into string types, leading to type errors in %d conversions. The problem has been patched in version 0.0.6. No...
GHSA-RVJX-CFJH-5MC9 loggingredactor converts non-string types to string types in logs
Impact Non-string types are converted into string types, leading to type errors in %d conversions. Patches The problem has been patched in version 0.0.6. Workarounds None without patching. Resources Issue report: https://github.com/armurox/loggingredactor/issues/7 Release:...
loggingredactor converts non-string types to string types in logs
Impact Non-string types are converted into string types, leading to type errors in %d conversions. Patches The problem has been patched in version 0.0.6. Workarounds None without patching. Resources Issue report: https://github.com/armurox/loggingredactor/issues/7 Release:...
OESA-2025-2686 python-ldap security update
python-ldap: python-ldap provides an object-oriented API to access LDAP directory servers from Python programs. Mainly it wraps the OpenLDAP 2.x libs for that purpose. Additionally the package contains modules for other LDAP-related stuff e.g. processing LDIF, LDAPURLs, LDAPv3 schema, LDAPv3...
CVE-2025-61911
python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitization method ldap.filter.escapefilterchars can be tricked to skip escaping of special characters when a crafted list or dict is supplied as the assertionvalue parameter, and t...
CVE-2025-61911 python-ldap has sanitization bypass in ldap.filter.escape_filter_chars
python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitization method ldap.filter.escapefilterchars can be tricked to skip escaping of special characters when a crafted list or dict is supplied as the assertionvalue parameter, and t...
CVE-2025-61911
python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitization method ldap.filter.escapefilterchars can be tricked to skip escaping of special characters when a crafted list or dict is supplied as the assertionvalue parameter, and t...
EUVD-2025-33797
python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitization method ldap.filter.escapefilterchars can be tricked to skip escaping of special characters when a crafted list or dict is supplied as the assertionvalue parameter, and t...
EUVD-2024-2720
Malicious code in bioql PyPI...
EUVD-2022-5914
Malicious code in bioql PyPI...
Improper Handling of Exceptional Conditions
Overview llama-index-core is an Interface between LLMs and your data Affected versions of this package are vulnerable to Improper Handling of Exceptional Conditions via the streamcomplete method of the LangChainLLM class. An attacker can disrupt service availability by providing an input of type...