Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.31 views

Amazon Linux 2023 : jq, jq-devel (ALAS2023-2026-1815)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1815 advisory. jq is a command-line JSON processor. An integer overflow vulnerability exists through version 1.8.1 within the jvpstringappend and jvpstringcopyreplacebad functions, where concatenating string...

8.2CVSS6AI score0.00559EPSS
Exploits7References18
RedhatCVE
RedhatCVE
added 2026/06/05 7:34 p.m.10 views

CVE-2026-1681

Issuing an ICMP ping via the net ping shell command to a device's own IPv4 address causes the network stack to recursively re-enter the input path on the same system work-queue stack. Because the destination is recognized as a local address, both the echo request and the resulting echo reply are...

6.1CVSS5.5AI score0.00105EPSS
Exploits0References1
Debian
Debian
added 2026/05/17 3:53 p.m.25 views

[BSA-134] Security Update for jq

ChangZhuo Chen uploaded new packages for jq which fixed the following security problems: CVE-2026-32316 jq is a command-line JSON processor. An integer overflow vulnerability exists through version 1.8.1 within the jvpstringappend and jvpstringcopyreplacebad functions, where concatenating strings...

8.2CVSS6.2AI score0.00559EPSS
Exploits12
Tenable Nessus
Tenable Nessus
added 2026/04/23 12:0 a.m.6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: jq (UTSA-2026-014276)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014276 advisory. jq is a command-line JSON processor. In versions 1.8.1 and below, functions jvsetpath, jvgetpath, and delpathssorted in jq's src/jvaux.c use unbounded recursion whos...

6.2CVSS5.6AI score0.00234EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2026/04/14 11:26 p.m.7 views

SUSE CVE-2026-33947

jq is a command-line JSON processor. In versions 1.8.1 and below, functions jvsetpath, jvgetpath, and delpathssorted in jq's src/jvaux.c use unbounded recursion whose depth is controlled by the length of a caller-supplied path array, with no depth limit enforced. An attacker can supply a JSON...

5.5CVSS5.9AI score0.00234EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-33947

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jq is a command-line JSON processor. In versions 1.8.1 and below, functions jvsetpath, jvgetpath, and delpathssorted in jq's src/jvaux.c use unbounded recursion...

6.2CVSS6.6AI score0.00234EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2026/04/13 9:50 p.m.5 views

CVE-2026-33947

jq is a command-line JSON processor. In versions 1.8.1 and below, functions jvsetpath, jvgetpath, and delpathssorted in jq's src/jvaux.c use unbounded recursion whose depth is controlled by the length of a caller-supplied path array, with no depth limit enforced. An attacker can supply a JSON...

6.2CVSS5.6AI score0.00234EPSS
Exploits1
OSV
OSV
added 2025/09/10 7:15 p.m.2 views

DEBIAN-CVE-2025-9714

Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPath processing functions xmlXPathRunEval, xmlXPathCtxtCompile, and xmlXPathEvalExpr were resetting recursion depth to zero before...

5.5CVSS5.3AI score0.00144EPSS
Exploits0References1
Rows per page
Query Builder