Bugs fixes in "jq"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2026-40164 | jq is a command-line JSON processor. Before commit 0c7d133c3c7e37c00b6d46b658a02244fdd3c784, jq used MurmurHash3 with a hardcoded, publicly visible s | 2026-04-23 |
| CVE | CVE-2026-39979 | jq is a command-line JSON processor. In commits before 2f09060afab23fe9390cce7cb860b10416e1bf5f, the jv_parse_sized() API in libjq accepts a counted | 2026-04-23 |
| CVE | CVE-2026-39956 | jq is a command-line JSON processor. In commits after 69785bf77f86e2ea1b4a20ca86775916889e91c9, the _strindices builtin in jq's src/builtin.c passes | 2026-04-23 |
| CVE | CVE-2026-33948 | jq is a command-line JSON processor. Commits before 6374ae0bcdfe33a18eb0ae6db28493b1f34a0a5b contain a vulnerability where CLI input parsing allows v | 2026-04-23 |
| CVE | CVE-2026-33947 | jq is a command-line JSON processor. In versions 1.8.1 and below, functions jv_setpath(), jv_getpath(), and delpaths_sorted() in jq's src/jv_aux.c us | 2026-04-23 |
| CVE | CVE-2026-32316 | jq is a command-line JSON processor. An integer overflow vulnerability exists through version 1.8.1 within the jvp_string_append() and jvp_string_cop | 2026-04-23 |
| CVE | CVE-2026-40164 | jq is a command-line JSON processor. Before commit 0c7d133c3c7e37c00b6d46b658a02244fdd3c784, jq used MurmurHash3 with a hardcoded, publicly visible s | 2026-04-23 |
| CVE | CVE-2026-39979 | jq is a command-line JSON processor. In commits before 2f09060afab23fe9390cce7cb860b10416e1bf5f, the jv_parse_sized() API in libjq accepts a counted | 2026-04-23 |
| CVE | CVE-2026-39956 | jq is a command-line JSON processor. In commits after 69785bf77f86e2ea1b4a20ca86775916889e91c9, the _strindices builtin in jq's src/builtin.c passes | 2026-04-23 |
| CVE | CVE-2026-33948 | jq is a command-line JSON processor. Commits before 6374ae0bcdfe33a18eb0ae6db28493b1f34a0a5b contain a vulnerability where CLI input parsing allows v | 2026-04-23 |
| CVE | CVE-2026-33947 | jq is a command-line JSON processor. In versions 1.8.1 and below, functions jv_setpath(), jv_getpath(), and delpaths_sorted() in jq's src/jv_aux.c us | 2026-04-23 |
| CVE | CVE-2026-32316 | jq is a command-line JSON processor. An integer overflow vulnerability exists through version 1.8.1 within the jvp_string_append() and jvp_string_cop | 2026-04-23 |
| CVE | CVE-2026-40164 | jq is a command-line JSON processor. Before commit 0c7d133c3c7e37c00b6d46b658a02244fdd3c784, jq used MurmurHash3 with a hardcoded, publicly visible s | 2026-04-23 |
| CVE | CVE-2026-39979 | jq is a command-line JSON processor. In commits before 2f09060afab23fe9390cce7cb860b10416e1bf5f, the jv_parse_sized() API in libjq accepts a counted | 2026-04-23 |
| CVE | CVE-2026-39956 | jq is a command-line JSON processor. In commits after 69785bf77f86e2ea1b4a20ca86775916889e91c9, the _strindices builtin in jq's src/builtin.c passes | 2026-04-23 |
| CVE | CVE-2026-33948 | jq is a command-line JSON processor. Commits before 6374ae0bcdfe33a18eb0ae6db28493b1f34a0a5b contain a vulnerability where CLI input parsing allows v | 2026-04-23 |
| CVE | CVE-2026-33947 | jq is a command-line JSON processor. In versions 1.8.1 and below, functions jv_setpath(), jv_getpath(), and delpaths_sorted() in jq's src/jv_aux.c us | 2026-04-23 |
| CVE | CVE-2026-32316 | jq is a command-line JSON processor. An integer overflow vulnerability exists through version 1.8.1 within the jvp_string_append() and jvp_string_cop | 2026-04-23 |
| CVE | CVE-2026-40164 | jq is a command-line JSON processor. Before commit 0c7d133c3c7e37c00b6d46b658a02244fdd3c784, jq used MurmurHash3 with a hardcoded, publicly visible s | 2026-04-23 |
| CVE | CVE-2026-39979 | jq is a command-line JSON processor. In commits before 2f09060afab23fe9390cce7cb860b10416e1bf5f, the jv_parse_sized() API in libjq accepts a counted | 2026-04-23 |
About
-
Send Feedback to @ubuntu_updates
