Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/48754?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/48754?format=api", "purl": "pkg:deb/debian/jq@1.8.1-8?distro=trixie", "type": "deb", "namespace": "debian", "name": "jq", "version": "1.8.1-8", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/28511?format=api", "vulnerability_id": "VCID-1bn9-x87m-9yas", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-39979.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-39979.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-39979", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.22019", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-39979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-39979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-39979" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133921", "reference_id": "1133921", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133921" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458077", "reference_id": "2458077", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458077" }, { "reference_url": "https://github.com/jqlang/jq/commit/2f09060afab23fe9390cce7cb860b10416e1bf5f", "reference_id": "2f09060afab23fe9390cce7cb860b10416e1bf5f", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-14T13:43:11Z/" } ], "url": "https://github.com/jqlang/jq/commit/2f09060afab23fe9390cce7cb860b10416e1bf5f" }, { "reference_url": "https://github.com/jqlang/jq/security/advisories/GHSA-2hhh-px8h-355p", "reference_id": "GHSA-2hhh-px8h-355p", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-14T13:43:11Z/" } ], "url": "https://github.com/jqlang/jq/security/advisories/GHSA-2hhh-px8h-355p" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:16252", "reference_id": "RHSA-2026:16252", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:16252" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:16692", "reference_id": "RHSA-2026:16692", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:16692" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:16693", "reference_id": "RHSA-2026:16693", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:16693" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:18040", "reference_id": "RHSA-2026:18040", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:18040" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:18042", "reference_id": "RHSA-2026:18042", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:18042" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:18043", "reference_id": "RHSA-2026:18043", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:18043" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:18044", "reference_id": "RHSA-2026:18044", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:18044" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:18045", "reference_id": "RHSA-2026:18045", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:18045" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:18046", "reference_id": "RHSA-2026:18046", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:18046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:18047", "reference_id": "RHSA-2026:18047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:18047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:18048", "reference_id": "RHSA-2026:18048", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:18048" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19151", "reference_id": "RHSA-2026:19151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19365", "reference_id": "RHSA-2026:19365", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19365" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:23233", "reference_id": "RHSA-2026:23233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:23233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:23245", "reference_id": "RHSA-2026:23245", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:23245" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:25096", "reference_id": "RHSA-2026:25096", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:25096" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8579", "reference_id": "RHSA-2026:8579", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8579" }, { "reference_url": "https://usn.ubuntu.com/8202-1/", "reference_id": "USN-8202-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8202-1/" }, { "reference_url": "https://usn.ubuntu.com/8202-2/", "reference_id": "USN-8202-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8202-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/48752?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-n82w-qncg-jbff" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48767?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48755?format=api", "purl": "pkg:deb/debian/jq@1.7.1-6%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-8vh7-15g4-73c4" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-bx2x-h9qx-cye8" }, { "vulnerability": "VCID-dprp-4xp8-afek" }, { "vulnerability": "VCID-uju7-hgvf-b3ec" }, { "vulnerability": "VCID-vd75-u6ax-47bp" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.7.1-6%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48774?format=api", "purl": "pkg:deb/debian/jq@1.8.1-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48753?format=api", "purl": "pkg:deb/debian/jq@1.8.1-7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48754?format=api", "purl": "pkg:deb/debian/jq@1.8.1-8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-8%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-39979" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1bn9-x87m-9yas" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/21672?format=api", "vulnerability_id": "VCID-2rzd-fp9k-83dx", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53427.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53427.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-53427", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00267", "scoring_system": "epss", "scoring_elements": "0.50492", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-53427" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102679", "reference_id": "1102679", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102679" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348420", "reference_id": "2348420", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348420" }, { "reference_url": "https://github.com/jqlang/jq/issues/3196", "reference_id": "3196", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-03-05T15:33:30Z/" } ], "url": "https://github.com/jqlang/jq/issues/3196" }, { "reference_url": "https://github.com/jqlang/jq/issues/3296", "reference_id": "3296", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-03-05T15:33:30Z/" } ], "url": "https://github.com/jqlang/jq/issues/3296" }, { "reference_url": "https://gist.github.com/Ekkosun/a83870ce7f3b7813b9b462a395e8ad92", "reference_id": "a83870ce7f3b7813b9b462a395e8ad92", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-03-05T15:33:30Z/" } ], "url": "https://gist.github.com/Ekkosun/a83870ce7f3b7813b9b462a395e8ad92" }, { "reference_url": "https://github.com/jqlang/jq/blob/71c2ab509a8628dbbad4bc7b3f98a64aa90d3297/src/decNumber/decNumber.c#L3375", "reference_id": "decNumber.c#L3375", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-03-05T15:33:30Z/" } ], "url": "https://github.com/jqlang/jq/blob/71c2ab509a8628dbbad4bc7b3f98a64aa90d3297/src/decNumber/decNumber.c#L3375" }, { "reference_url": "https://github.com/jqlang/jq/security/advisories/GHSA-x6c3-qv5r-7q22", "reference_id": "GHSA-x6c3-qv5r-7q22", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-03-05T15:33:30Z/" } ], "url": "https://github.com/jqlang/jq/security/advisories/GHSA-x6c3-qv5r-7q22" }, { "reference_url": "https://usn.ubuntu.com/7657-1/", "reference_id": "USN-7657-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7657-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/48756?format=api", "purl": "pkg:deb/debian/jq@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48752?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-n82w-qncg-jbff" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48750?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bn9-x87m-9yas" }, { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-8vh7-15g4-73c4" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-bx2x-h9qx-cye8" }, { "vulnerability": "VCID-dprp-4xp8-afek" }, { "vulnerability": "VCID-kqq5-e8tf-2bcn" }, { "vulnerability": "VCID-n82w-qncg-jbff" }, { "vulnerability": "VCID-py7n-fd5j-dyby" }, { "vulnerability": "VCID-se77-nayk-w3aa" }, { "vulnerability": "VCID-uju7-hgvf-b3ec" }, { "vulnerability": "VCID-vd75-u6ax-47bp" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" }, { "vulnerability": "VCID-yehm-r8mj-u7cf" }, { "vulnerability": "VCID-z2bj-awxs-b3eu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48759?format=api", "purl": "pkg:deb/debian/jq@1.7.1-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.7.1-5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48755?format=api", "purl": "pkg:deb/debian/jq@1.7.1-6%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-8vh7-15g4-73c4" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-bx2x-h9qx-cye8" }, { "vulnerability": "VCID-dprp-4xp8-afek" }, { "vulnerability": "VCID-uju7-hgvf-b3ec" }, { "vulnerability": "VCID-vd75-u6ax-47bp" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.7.1-6%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48753?format=api", "purl": "pkg:deb/debian/jq@1.8.1-7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48754?format=api", "purl": "pkg:deb/debian/jq@1.8.1-8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-8%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-53427" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2rzd-fp9k-83dx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/29231?format=api", "vulnerability_id": "VCID-735d-4qa8-qucj", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43894.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43894.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-43894", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02895", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-43894" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43894", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43894" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136445", "reference_id": "1136445", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136445" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2469175", "reference_id": "2469175", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2469175" }, { "reference_url": "https://github.com/jqlang/jq/security/advisories/GHSA-5v7p-2r57-2g4g", "reference_id": "GHSA-5v7p-2r57-2g4g", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-11T18:32:08Z/" } ], "url": "https://github.com/jqlang/jq/security/advisories/GHSA-5v7p-2r57-2g4g" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/48785?format=api", "purl": "pkg:deb/debian/jq@1.8.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48753?format=api", "purl": "pkg:deb/debian/jq@1.8.1-7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48754?format=api", "purl": "pkg:deb/debian/jq@1.8.1-8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-8%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-43894" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-735d-4qa8-qucj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/28568?format=api", "vulnerability_id": "VCID-7wvq-xu3p-ykdb", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40612.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40612.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-40612", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02321", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-40612" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40612", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40612" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136445", "reference_id": "1136445", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136445" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2469183", "reference_id": "2469183", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2469183" }, { "reference_url": "https://github.com/jqlang/jq/security/advisories/GHSA-r7m6-x9c7-h69j", "reference_id": "GHSA-r7m6-x9c7-h69j", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-11T18:23:24Z/" } ], "url": "https://github.com/jqlang/jq/security/advisories/GHSA-r7m6-x9c7-h69j" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/48785?format=api", "purl": "pkg:deb/debian/jq@1.8.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48753?format=api", "purl": "pkg:deb/debian/jq@1.8.1-7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48754?format=api", "purl": "pkg:deb/debian/jq@1.8.1-8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-8%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-40612" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7wvq-xu3p-ykdb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/29232?format=api", "vulnerability_id": "VCID-8vh7-15g4-73c4", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43895.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43895.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-43895", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05741", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-43895" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43895", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43895" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136445", "reference_id": "1136445", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136445" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2469199", "reference_id": "2469199", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2469199" }, { "reference_url": "https://github.com/jqlang/jq/security/advisories/GHSA-7q7g-mrq3-phxr", "reference_id": "GHSA-7q7g-mrq3-phxr", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T12:49:39Z/" } ], "url": "https://github.com/jqlang/jq/security/advisories/GHSA-7q7g-mrq3-phxr" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/48752?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-n82w-qncg-jbff" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48767?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48785?format=api", "purl": "pkg:deb/debian/jq@1.8.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48753?format=api", "purl": "pkg:deb/debian/jq@1.8.1-7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48754?format=api", "purl": "pkg:deb/debian/jq@1.8.1-8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-8%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-43895" ], "risk_score": 2.0, "exploitability": "0.5", "weighted_severity": "4.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8vh7-15g4-73c4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/211612?format=api", "vulnerability_id": "VCID-9syj-pqrm-sye3", "summary": "", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-47770", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-47770" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/48753?format=api", "purl": "pkg:deb/debian/jq@1.8.1-7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48754?format=api", "purl": "pkg:deb/debian/jq@1.8.1-8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-8%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-47770" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9syj-pqrm-sye3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/133165?format=api", "vulnerability_id": "VCID-a485-e6bj-ubhj", "summary": "decToString in decNumber/decNumber.c in jq 88f01a7 has a one-byte out-of-bounds write via the \" []-1.2e-1111111111\" input. NOTE: this is not the same as CVE-2023-50246. The CVE-2023-50246 71c2ab5 reference mentions -10E-1000010001, which is not in normalized scientific notation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49355", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28295", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49355" }, { "reference_url": "https://github.com/jqlang/jq/tree/88f01a741c8d63c4d1b5bc3ef61520c6eb93edaa", "reference_id": "88f01a741c8d63c4d1b5bc3ef61520c6eb93edaa", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-07T16:54:37Z/" } ], "url": "https://github.com/jqlang/jq/tree/88f01a741c8d63c4d1b5bc3ef61520c6eb93edaa" }, { "reference_url": "https://github.com/linzc21/bug-reports/blob/main/reports/jq/1.7-37-g88f01a7/heap-buffer-overflow/CVE-2023-49355.md", "reference_id": "CVE-2023-49355.md", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-07T16:54:37Z/" } ], "url": "https://github.com/linzc21/bug-reports/blob/main/reports/jq/1.7-37-g88f01a7/heap-buffer-overflow/CVE-2023-49355.md" }, { "reference_url": "https://github.com/jqlang/jq/blob/88f01a741c8d63c4d1b5bc3ef61520c6eb93edaa/src/decNumber/decNumber.c#L3764", "reference_id": "decNumber.c#L3764", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-07T16:54:37Z/" } ], "url": "https://github.com/jqlang/jq/blob/88f01a741c8d63c4d1b5bc3ef61520c6eb93edaa/src/decNumber/decNumber.c#L3764" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/48756?format=api", "purl": "pkg:deb/debian/jq@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48752?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-n82w-qncg-jbff" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48750?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bn9-x87m-9yas" }, { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-8vh7-15g4-73c4" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-bx2x-h9qx-cye8" }, { "vulnerability": "VCID-dprp-4xp8-afek" }, { "vulnerability": "VCID-kqq5-e8tf-2bcn" }, { "vulnerability": "VCID-n82w-qncg-jbff" }, { "vulnerability": "VCID-py7n-fd5j-dyby" }, { "vulnerability": "VCID-se77-nayk-w3aa" }, { "vulnerability": "VCID-uju7-hgvf-b3ec" }, { "vulnerability": "VCID-vd75-u6ax-47bp" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" }, { "vulnerability": "VCID-yehm-r8mj-u7cf" }, { "vulnerability": "VCID-z2bj-awxs-b3eu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48757?format=api", "purl": "pkg:deb/debian/jq@1.7.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.7.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48755?format=api", "purl": "pkg:deb/debian/jq@1.7.1-6%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-8vh7-15g4-73c4" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-bx2x-h9qx-cye8" }, { "vulnerability": "VCID-dprp-4xp8-afek" }, { "vulnerability": "VCID-uju7-hgvf-b3ec" }, { "vulnerability": "VCID-vd75-u6ax-47bp" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.7.1-6%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48753?format=api", "purl": "pkg:deb/debian/jq@1.8.1-7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48754?format=api", "purl": "pkg:deb/debian/jq@1.8.1-8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-8%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-49355" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a485-e6bj-ubhj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/29314?format=api", "vulnerability_id": "VCID-bx2x-h9qx-cye8", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-44777.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-44777.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-44777", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02321", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-44777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-44777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-44777" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136445", "reference_id": "1136445", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136445" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2469192", "reference_id": "2469192", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2469192" }, { "reference_url": "https://github.com/jqlang/jq/security/advisories/GHSA-rmpv-jgvr-wpr9", "reference_id": "GHSA-rmpv-jgvr-wpr9", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-11T20:11:08Z/" } ], "url": "https://github.com/jqlang/jq/security/advisories/GHSA-rmpv-jgvr-wpr9" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/48752?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-n82w-qncg-jbff" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48767?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48785?format=api", "purl": "pkg:deb/debian/jq@1.8.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48753?format=api", "purl": "pkg:deb/debian/jq@1.8.1-7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48754?format=api", "purl": "pkg:deb/debian/jq@1.8.1-8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-8%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-44777" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bx2x-h9qx-cye8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1241?format=api", "vulnerability_id": "VCID-c4mu-phy2-sudx", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4074.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4074.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4074", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0148", "scoring_system": "epss", "scoring_elements": "0.81401", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4074" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4074", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4074" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/hashicorp/consul/issues/10263", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/hashicorp/consul/issues/10263" }, { "reference_url": "https://github.com/NixOS/nixpkgs/pull/18908", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/NixOS/nixpkgs/pull/18908" }, { "reference_url": "https://github.com/stedolan/jq/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/stedolan/jq/" }, { "reference_url": "https://github.com/stedolan/jq/issues/1136", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/stedolan/jq/issues/1136" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/04/24/3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2016/04/24/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/04/24/4", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2016/04/24/4" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1329982", "reference_id": "1329982", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1329982" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=822456", "reference_id": "822456", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=822456" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4074", "reference_id": "CVE-2016-4074", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4074" }, { "reference_url": "https://usn.ubuntu.com/USN-4787-1/", "reference_id": "USN-USN-4787-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4787-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/48751?format=api", "purl": "pkg:deb/debian/jq@1.5%2Bdfsg-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.5%252Bdfsg-1.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48752?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-n82w-qncg-jbff" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48750?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bn9-x87m-9yas" }, { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-8vh7-15g4-73c4" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-bx2x-h9qx-cye8" }, { "vulnerability": "VCID-dprp-4xp8-afek" }, { "vulnerability": "VCID-kqq5-e8tf-2bcn" }, { "vulnerability": "VCID-n82w-qncg-jbff" }, { "vulnerability": "VCID-py7n-fd5j-dyby" }, { "vulnerability": "VCID-se77-nayk-w3aa" }, { "vulnerability": "VCID-uju7-hgvf-b3ec" }, { "vulnerability": "VCID-vd75-u6ax-47bp" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" }, { "vulnerability": "VCID-yehm-r8mj-u7cf" }, { "vulnerability": "VCID-z2bj-awxs-b3eu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48755?format=api", "purl": "pkg:deb/debian/jq@1.7.1-6%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-8vh7-15g4-73c4" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-bx2x-h9qx-cye8" }, { "vulnerability": "VCID-dprp-4xp8-afek" }, { "vulnerability": "VCID-uju7-hgvf-b3ec" }, { "vulnerability": "VCID-vd75-u6ax-47bp" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.7.1-6%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48753?format=api", "purl": "pkg:deb/debian/jq@1.8.1-7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48754?format=api", "purl": "pkg:deb/debian/jq@1.8.1-8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-8%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-4074" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c4mu-phy2-sudx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/28592?format=api", "vulnerability_id": "VCID-dprp-4xp8-afek", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41256.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41256.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41256", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02057", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41256" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41256", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41256" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136445", "reference_id": "1136445", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136445" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2469193", "reference_id": "2469193", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2469193" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/48752?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-n82w-qncg-jbff" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48767?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48785?format=api", "purl": "pkg:deb/debian/jq@1.8.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48753?format=api", "purl": "pkg:deb/debian/jq@1.8.1-7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48754?format=api", "purl": "pkg:deb/debian/jq@1.8.1-8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-8%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-41256" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dprp-4xp8-afek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/185558?format=api", "vulnerability_id": "VCID-fq9t-9934-e7e3", "summary": "A buffer overflow in jq might allow remote attackers to execute\n arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00012.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00012.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00014.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1098.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-1098.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1099.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-1099.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1106.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-1106.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8863.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8863.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8863", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10165", "scoring_system": "epss", "scoring_elements": "0.9328", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8863" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8863", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8863" }, { "reference_url": "https://github.com/stedolan/jq/commit/8eb1367ca44e772963e704a700ef72ae2e12babd", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/stedolan/jq/commit/8eb1367ca44e772963e704a700ef72ae2e12babd" }, { "reference_url": "https://github.com/stedolan/jq/issues/995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/stedolan/jq/issues/995" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/04/23/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2016/04/23/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/04/23/2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2016/04/23/2" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328747", "reference_id": "1328747", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328747" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802231", "reference_id": "802231", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802231" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8863", "reference_id": "CVE-2015-8863", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8863" }, { "reference_url": "https://security.gentoo.org/glsa/201612-20", "reference_id": "GLSA-201612-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1098", "reference_id": "RHSA-2016:1098", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1098" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1099", "reference_id": "RHSA-2016:1099", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1099" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1106", "reference_id": "RHSA-2016:1106", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1106" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/48751?format=api", "purl": "pkg:deb/debian/jq@1.5%2Bdfsg-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.5%252Bdfsg-1.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48752?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-n82w-qncg-jbff" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48750?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bn9-x87m-9yas" }, { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-8vh7-15g4-73c4" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-bx2x-h9qx-cye8" }, { "vulnerability": "VCID-dprp-4xp8-afek" }, { "vulnerability": "VCID-kqq5-e8tf-2bcn" }, { "vulnerability": "VCID-n82w-qncg-jbff" }, { "vulnerability": "VCID-py7n-fd5j-dyby" }, { "vulnerability": "VCID-se77-nayk-w3aa" }, { "vulnerability": "VCID-uju7-hgvf-b3ec" }, { "vulnerability": "VCID-vd75-u6ax-47bp" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" }, { "vulnerability": "VCID-yehm-r8mj-u7cf" }, { "vulnerability": "VCID-z2bj-awxs-b3eu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48755?format=api", "purl": "pkg:deb/debian/jq@1.7.1-6%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-8vh7-15g4-73c4" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-bx2x-h9qx-cye8" }, { "vulnerability": "VCID-dprp-4xp8-afek" }, { "vulnerability": "VCID-uju7-hgvf-b3ec" }, { "vulnerability": "VCID-vd75-u6ax-47bp" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.7.1-6%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48753?format=api", "purl": "pkg:deb/debian/jq@1.8.1-7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48754?format=api", "purl": "pkg:deb/debian/jq@1.8.1-8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-8%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-8863" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fq9t-9934-e7e3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16128?format=api", "vulnerability_id": "VCID-hkf3-8rds-qycr", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50268.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50268.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50268", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.27782", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50268" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1058763", "reference_id": "1058763", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1058763" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254468", "reference_id": "2254468", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254468" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/48756?format=api", "purl": "pkg:deb/debian/jq@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48752?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-n82w-qncg-jbff" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48750?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bn9-x87m-9yas" }, { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-8vh7-15g4-73c4" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-bx2x-h9qx-cye8" }, { "vulnerability": "VCID-dprp-4xp8-afek" }, { "vulnerability": "VCID-kqq5-e8tf-2bcn" }, { "vulnerability": "VCID-n82w-qncg-jbff" }, { "vulnerability": "VCID-py7n-fd5j-dyby" }, { "vulnerability": "VCID-se77-nayk-w3aa" }, { "vulnerability": "VCID-uju7-hgvf-b3ec" }, { "vulnerability": "VCID-vd75-u6ax-47bp" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" }, { "vulnerability": "VCID-yehm-r8mj-u7cf" }, { "vulnerability": "VCID-z2bj-awxs-b3eu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48757?format=api", "purl": "pkg:deb/debian/jq@1.7.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.7.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48755?format=api", "purl": "pkg:deb/debian/jq@1.7.1-6%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-8vh7-15g4-73c4" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-bx2x-h9qx-cye8" }, { "vulnerability": "VCID-dprp-4xp8-afek" }, { "vulnerability": "VCID-uju7-hgvf-b3ec" }, { "vulnerability": "VCID-vd75-u6ax-47bp" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.7.1-6%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48753?format=api", "purl": "pkg:deb/debian/jq@1.8.1-7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48754?format=api", "purl": "pkg:deb/debian/jq@1.8.1-8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-8%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-50268" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hkf3-8rds-qycr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/28293?format=api", "vulnerability_id": "VCID-kqq5-e8tf-2bcn", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33948.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33948.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-33948", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33391", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-33948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33948" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133921", "reference_id": "1133921", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133921" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458085", "reference_id": "2458085", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458085" }, { "reference_url": "https://github.com/jqlang/jq/commit/6374ae0bcdfe33a18eb0ae6db28493b1f34a0a5b", "reference_id": "6374ae0bcdfe33a18eb0ae6db28493b1f34a0a5b", "reference_type": "", "scores": [ { "value": "2.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:53:20Z/" } ], "url": "https://github.com/jqlang/jq/commit/6374ae0bcdfe33a18eb0ae6db28493b1f34a0a5b" }, { "reference_url": "https://github.com/jqlang/jq/security/advisories/GHSA-32cx-cvvh-2wj9", "reference_id": "GHSA-32cx-cvvh-2wj9", "reference_type": "", "scores": [ { "value": "2.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:53:20Z/" } ], "url": "https://github.com/jqlang/jq/security/advisories/GHSA-32cx-cvvh-2wj9" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8579", "reference_id": "RHSA-2026:8579", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8579" }, { "reference_url": "https://usn.ubuntu.com/8202-1/", "reference_id": "USN-8202-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8202-1/" }, { "reference_url": "https://usn.ubuntu.com/8202-2/", "reference_id": "USN-8202-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8202-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/48752?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-n82w-qncg-jbff" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48767?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48755?format=api", "purl": "pkg:deb/debian/jq@1.7.1-6%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-8vh7-15g4-73c4" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-bx2x-h9qx-cye8" }, { "vulnerability": "VCID-dprp-4xp8-afek" }, { "vulnerability": "VCID-uju7-hgvf-b3ec" }, { "vulnerability": "VCID-vd75-u6ax-47bp" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.7.1-6%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48774?format=api", "purl": "pkg:deb/debian/jq@1.8.1-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48753?format=api", "purl": "pkg:deb/debian/jq@1.8.1-7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48754?format=api", "purl": "pkg:deb/debian/jq@1.8.1-8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-8%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-33948" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kqq5-e8tf-2bcn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/18264?format=api", "vulnerability_id": "VCID-n82w-qncg-jbff", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23337.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-23337.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-23337", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.4991", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-23337" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23337", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23337" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106289", "reference_id": "1106289", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106289" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367807", "reference_id": "2367807", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367807" }, { "reference_url": "https://github.com/jqlang/jq/issues/3262", "reference_id": "3262", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-21T14:57:14Z/" } ], "url": "https://github.com/jqlang/jq/issues/3262" }, { "reference_url": "https://github.com/jqlang/jq/commit/de21386681c0df0104a99d9d09db23a9b2a78b1e", "reference_id": "de21386681c0df0104a99d9d09db23a9b2a78b1e", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-21T14:57:14Z/" } ], "url": "https://github.com/jqlang/jq/commit/de21386681c0df0104a99d9d09db23a9b2a78b1e" }, { "reference_url": "https://github.com/jqlang/jq/security/advisories/GHSA-2q6r-344g-cx46", "reference_id": "GHSA-2q6r-344g-cx46", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-21T14:57:14Z/" } ], "url": "https://github.com/jqlang/jq/security/advisories/GHSA-2q6r-344g-cx46" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10585", "reference_id": "RHSA-2025:10585", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10585" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10613", "reference_id": "RHSA-2025:10613", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10613" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10615", "reference_id": "RHSA-2025:10615", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10615" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10616", "reference_id": "RHSA-2025:10616", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10616" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10618", "reference_id": "RHSA-2025:10618", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10618" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10619", "reference_id": "RHSA-2025:10619", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10619" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10620", "reference_id": "RHSA-2025:10620", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10620" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10621", "reference_id": "RHSA-2025:10621", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10621" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10622", "reference_id": "RHSA-2025:10622", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10622" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12882", "reference_id": "RHSA-2025:12882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12882" }, { "reference_url": "https://usn.ubuntu.com/7657-1/", "reference_id": "USN-7657-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7657-1/" }, { "reference_url": "https://usn.ubuntu.com/7657-2/", "reference_id": "USN-7657-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7657-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/48758?format=api", "purl": "pkg:deb/debian/jq@1.7.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.7.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48755?format=api", "purl": "pkg:deb/debian/jq@1.7.1-6%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-8vh7-15g4-73c4" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-bx2x-h9qx-cye8" }, { "vulnerability": "VCID-dprp-4xp8-afek" }, { "vulnerability": "VCID-uju7-hgvf-b3ec" }, { "vulnerability": "VCID-vd75-u6ax-47bp" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.7.1-6%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48753?format=api", "purl": "pkg:deb/debian/jq@1.8.1-7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48754?format=api", "purl": "pkg:deb/debian/jq@1.8.1-8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-8%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-23337" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n82w-qncg-jbff" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/25433?format=api", "vulnerability_id": "VCID-pq1y-sq77-w3as", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48060.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48060.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-48060", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00588", "scoring_system": "epss", "scoring_elements": "0.69612", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-48060" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48060", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48060" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106288", "reference_id": "1106288", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106288" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367842", "reference_id": "2367842", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367842" }, { "reference_url": "https://github.com/jqlang/jq/security/advisories/GHSA-p7rr-28xf-3m5w", "reference_id": "GHSA-p7rr-28xf-3m5w", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-21T18:39:23Z/" } ], "url": "https://github.com/jqlang/jq/security/advisories/GHSA-p7rr-28xf-3m5w" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10585", "reference_id": "RHSA-2025:10585", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10585" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10613", "reference_id": "RHSA-2025:10613", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10613" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10615", "reference_id": "RHSA-2025:10615", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10615" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10616", "reference_id": "RHSA-2025:10616", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10616" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10618", "reference_id": "RHSA-2025:10618", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10618" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10619", "reference_id": "RHSA-2025:10619", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10619" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10620", "reference_id": "RHSA-2025:10620", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10620" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10621", "reference_id": "RHSA-2025:10621", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10621" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10622", "reference_id": "RHSA-2025:10622", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10622" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11363", "reference_id": "RHSA-2025:11363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11363" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11677", "reference_id": "RHSA-2025:11677", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11677" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11681", "reference_id": "RHSA-2025:11681", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11681" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12437", "reference_id": "RHSA-2025:12437", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12437" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12882", "reference_id": "RHSA-2025:12882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14396", "reference_id": "RHSA-2025:14396", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14396" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14853", "reference_id": "RHSA-2025:14853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15672", "reference_id": "RHSA-2025:15672", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15672" }, { "reference_url": "https://usn.ubuntu.com/7657-1/", "reference_id": "USN-7657-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7657-1/" }, { "reference_url": "https://usn.ubuntu.com/7657-2/", "reference_id": "USN-7657-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7657-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/48752?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-n82w-qncg-jbff" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48760?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48750?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bn9-x87m-9yas" }, { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-8vh7-15g4-73c4" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-bx2x-h9qx-cye8" }, { "vulnerability": "VCID-dprp-4xp8-afek" }, { "vulnerability": "VCID-kqq5-e8tf-2bcn" }, { "vulnerability": "VCID-n82w-qncg-jbff" }, { "vulnerability": "VCID-py7n-fd5j-dyby" }, { "vulnerability": "VCID-se77-nayk-w3aa" }, { "vulnerability": "VCID-uju7-hgvf-b3ec" }, { "vulnerability": "VCID-vd75-u6ax-47bp" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" }, { "vulnerability": "VCID-yehm-r8mj-u7cf" }, { "vulnerability": "VCID-z2bj-awxs-b3eu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48762?format=api", "purl": "pkg:deb/debian/jq@1.7.1-6%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.7.1-6%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48755?format=api", "purl": "pkg:deb/debian/jq@1.7.1-6%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-8vh7-15g4-73c4" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-bx2x-h9qx-cye8" }, { "vulnerability": "VCID-dprp-4xp8-afek" }, { "vulnerability": "VCID-uju7-hgvf-b3ec" }, { "vulnerability": "VCID-vd75-u6ax-47bp" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.7.1-6%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48761?format=api", "purl": "pkg:deb/debian/jq@1.8.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48753?format=api", "purl": "pkg:deb/debian/jq@1.8.1-7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48754?format=api", "purl": "pkg:deb/debian/jq@1.8.1-8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-8%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-48060" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pq1y-sq77-w3as" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/28519?format=api", "vulnerability_id": "VCID-py7n-fd5j-dyby", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40164.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40164.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-40164", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.07114", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-40164" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40164", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40164" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/jqlang/jq/commit/0c7d133c3c7e37c00b6d46b658a02244fdd3c784", "reference_id": "0c7d133c3c7e37c00b6d46b658a02244fdd3c784", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-14T19:08:48Z/" } ], "url": "https://github.com/jqlang/jq/commit/0c7d133c3c7e37c00b6d46b658a02244fdd3c784" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133921", "reference_id": "1133921", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133921" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458084", "reference_id": "2458084", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458084" }, { "reference_url": "https://github.com/jqlang/jq/security/advisories/GHSA-wwj8-gxm6-jc29", "reference_id": "GHSA-wwj8-gxm6-jc29", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-14T19:08:48Z/" } ], "url": "https://github.com/jqlang/jq/security/advisories/GHSA-wwj8-gxm6-jc29" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:16252", "reference_id": "RHSA-2026:16252", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:16252" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:16692", "reference_id": "RHSA-2026:16692", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:16692" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:16693", "reference_id": "RHSA-2026:16693", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:16693" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:18040", "reference_id": "RHSA-2026:18040", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:18040" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:18042", "reference_id": "RHSA-2026:18042", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:18042" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:18043", "reference_id": "RHSA-2026:18043", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:18043" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:18044", "reference_id": "RHSA-2026:18044", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:18044" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:18045", "reference_id": "RHSA-2026:18045", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:18045" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:18046", "reference_id": "RHSA-2026:18046", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:18046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:18047", "reference_id": "RHSA-2026:18047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:18047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:18048", "reference_id": "RHSA-2026:18048", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:18048" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19151", "reference_id": "RHSA-2026:19151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19365", "reference_id": "RHSA-2026:19365", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19365" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:23233", "reference_id": "RHSA-2026:23233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:23233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:23245", "reference_id": "RHSA-2026:23245", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:23245" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:25096", "reference_id": "RHSA-2026:25096", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:25096" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8579", "reference_id": "RHSA-2026:8579", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8579" }, { "reference_url": "https://usn.ubuntu.com/8202-1/", "reference_id": "USN-8202-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8202-1/" }, { "reference_url": "https://usn.ubuntu.com/8202-2/", "reference_id": "USN-8202-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8202-2/" }, { "reference_url": "https://usn.ubuntu.com/8202-3/", "reference_id": "USN-8202-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8202-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/48752?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-n82w-qncg-jbff" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48767?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48755?format=api", "purl": "pkg:deb/debian/jq@1.7.1-6%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-8vh7-15g4-73c4" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-bx2x-h9qx-cye8" }, { "vulnerability": "VCID-dprp-4xp8-afek" }, { "vulnerability": "VCID-uju7-hgvf-b3ec" }, { "vulnerability": "VCID-vd75-u6ax-47bp" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.7.1-6%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48774?format=api", "purl": "pkg:deb/debian/jq@1.8.1-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48753?format=api", "purl": "pkg:deb/debian/jq@1.8.1-7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48754?format=api", "purl": "pkg:deb/debian/jq@1.8.1-8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-8%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-40164" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-py7n-fd5j-dyby" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/28292?format=api", "vulnerability_id": "VCID-se77-nayk-w3aa", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33947.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33947.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-33947", "reference_id": "", "reference_type": "", "scores": [ { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00275", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-33947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33947" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133921", "reference_id": "1133921", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133921" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458038", "reference_id": "2458038", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458038" }, { "reference_url": "https://github.com/jqlang/jq/commit/fb59f1491058d58bdc3e8dd28f1773d1ac690a1f", "reference_id": "fb59f1491058d58bdc3e8dd28f1773d1ac690a1f", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T13:45:08Z/" } ], "url": "https://github.com/jqlang/jq/commit/fb59f1491058d58bdc3e8dd28f1773d1ac690a1f" }, { "reference_url": "https://github.com/jqlang/jq/security/advisories/GHSA-xwrw-4f8h-rjvg", "reference_id": "GHSA-xwrw-4f8h-rjvg", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T13:45:08Z/" } ], "url": "https://github.com/jqlang/jq/security/advisories/GHSA-xwrw-4f8h-rjvg" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8579", "reference_id": "RHSA-2026:8579", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8579" }, { "reference_url": "https://usn.ubuntu.com/8202-1/", "reference_id": "USN-8202-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8202-1/" }, { "reference_url": "https://usn.ubuntu.com/8202-2/", "reference_id": "USN-8202-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8202-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/48752?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-n82w-qncg-jbff" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48767?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48755?format=api", "purl": "pkg:deb/debian/jq@1.7.1-6%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-8vh7-15g4-73c4" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-bx2x-h9qx-cye8" }, { "vulnerability": "VCID-dprp-4xp8-afek" }, { "vulnerability": "VCID-uju7-hgvf-b3ec" }, { "vulnerability": "VCID-vd75-u6ax-47bp" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.7.1-6%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48774?format=api", "purl": "pkg:deb/debian/jq@1.8.1-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48753?format=api", "purl": "pkg:deb/debian/jq@1.8.1-7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48754?format=api", "purl": "pkg:deb/debian/jq@1.8.1-8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-8%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-33947" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-se77-nayk-w3aa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/28593?format=api", "vulnerability_id": "VCID-uju7-hgvf-b3ec", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41257.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41257.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41257", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02321", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-41257" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41257", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41257" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136445", "reference_id": "1136445", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136445" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2469187", "reference_id": "2469187", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2469187" }, { "reference_url": "https://github.com/jqlang/jq/security/advisories/GHSA-4jm8-m363-4539", "reference_id": "GHSA-4jm8-m363-4539", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-11T19:25:55Z/" } ], "url": "https://github.com/jqlang/jq/security/advisories/GHSA-4jm8-m363-4539" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/48752?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-n82w-qncg-jbff" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48767?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48785?format=api", "purl": "pkg:deb/debian/jq@1.8.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48753?format=api", "purl": "pkg:deb/debian/jq@1.8.1-7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48754?format=api", "purl": "pkg:deb/debian/jq@1.8.1-8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-8%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-41257" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uju7-hgvf-b3ec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/29233?format=api", "vulnerability_id": "VCID-vd75-u6ax-47bp", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43896.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43896.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-43896", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02895", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-43896" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43896", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43896" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136445", "reference_id": "1136445", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136445" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2469184", "reference_id": "2469184", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2469184" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/48752?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-n82w-qncg-jbff" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48767?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48785?format=api", "purl": "pkg:deb/debian/jq@1.8.1-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48753?format=api", "purl": "pkg:deb/debian/jq@1.8.1-7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48754?format=api", "purl": "pkg:deb/debian/jq@1.8.1-8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-8%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-43896" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vd75-u6ax-47bp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/211628?format=api", "vulnerability_id": "VCID-xpmb-egf5-4yh1", "summary": "", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-49839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-49839" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/48754?format=api", "purl": "pkg:deb/debian/jq@1.8.1-8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-8%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-49839" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xpmb-egf5-4yh1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/25464?format=api", "vulnerability_id": "VCID-xzj5-dx5m-2bfq", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49014.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49014.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49014", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.60163", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49014" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108062", "reference_id": "1108062", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108062" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373892", "reference_id": "2373892", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373892" }, { "reference_url": "https://github.com/jqlang/jq/commit/499c91bca9d4d027833bc62787d1bb075c03680e", "reference_id": "499c91bca9d4d027833bc62787d1bb075c03680e", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-23T17:38:03Z/" } ], "url": "https://github.com/jqlang/jq/commit/499c91bca9d4d027833bc62787d1bb075c03680e" }, { "reference_url": "https://github.com/jqlang/jq/security/advisories/GHSA-rmjp-cr27-wpg2", "reference_id": "GHSA-rmjp-cr27-wpg2", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-23T17:38:03Z/" } ], "url": "https://github.com/jqlang/jq/security/advisories/GHSA-rmjp-cr27-wpg2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/48756?format=api", "purl": "pkg:deb/debian/jq@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48752?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-n82w-qncg-jbff" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48750?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bn9-x87m-9yas" }, { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-8vh7-15g4-73c4" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-bx2x-h9qx-cye8" }, { "vulnerability": "VCID-dprp-4xp8-afek" }, { "vulnerability": "VCID-kqq5-e8tf-2bcn" }, { "vulnerability": "VCID-n82w-qncg-jbff" }, { "vulnerability": "VCID-py7n-fd5j-dyby" }, { "vulnerability": "VCID-se77-nayk-w3aa" }, { "vulnerability": "VCID-uju7-hgvf-b3ec" }, { "vulnerability": "VCID-vd75-u6ax-47bp" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" }, { "vulnerability": "VCID-yehm-r8mj-u7cf" }, { "vulnerability": "VCID-z2bj-awxs-b3eu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48755?format=api", "purl": "pkg:deb/debian/jq@1.7.1-6%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-8vh7-15g4-73c4" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-bx2x-h9qx-cye8" }, { "vulnerability": "VCID-dprp-4xp8-afek" }, { "vulnerability": "VCID-uju7-hgvf-b3ec" }, { "vulnerability": "VCID-vd75-u6ax-47bp" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.7.1-6%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48763?format=api", "purl": "pkg:deb/debian/jq@1.8.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48753?format=api", "purl": "pkg:deb/debian/jq@1.8.1-7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48754?format=api", "purl": "pkg:deb/debian/jq@1.8.1-8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-8%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-49014" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xzj5-dx5m-2bfq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/28159?format=api", "vulnerability_id": "VCID-yehm-r8mj-u7cf", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32316.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32316.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-32316", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07551", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-32316" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32316", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32316" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133921", "reference_id": "1133921", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133921" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457929", "reference_id": "2457929", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457929" }, { "reference_url": "https://github.com/jqlang/jq/commit/e47e56d226519635768e6aab2f38f0ab037c09e5", "reference_id": "e47e56d226519635768e6aab2f38f0ab037c09e5", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T18:56:45Z/" } ], "url": "https://github.com/jqlang/jq/commit/e47e56d226519635768e6aab2f38f0ab037c09e5" }, { "reference_url": "https://github.com/jqlang/jq/security/advisories/GHSA-q3h9-m34w-h76f", "reference_id": "GHSA-q3h9-m34w-h76f", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T18:56:45Z/" } ], "url": "https://github.com/jqlang/jq/security/advisories/GHSA-q3h9-m34w-h76f" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8579", "reference_id": "RHSA-2026:8579", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8579" }, { "reference_url": "https://usn.ubuntu.com/8202-1/", "reference_id": "USN-8202-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8202-1/" }, { "reference_url": "https://usn.ubuntu.com/8202-2/", "reference_id": "USN-8202-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8202-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/48752?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-n82w-qncg-jbff" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48767?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48755?format=api", "purl": "pkg:deb/debian/jq@1.7.1-6%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-8vh7-15g4-73c4" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-bx2x-h9qx-cye8" }, { "vulnerability": "VCID-dprp-4xp8-afek" }, { "vulnerability": "VCID-uju7-hgvf-b3ec" }, { "vulnerability": "VCID-vd75-u6ax-47bp" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.7.1-6%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48774?format=api", "purl": "pkg:deb/debian/jq@1.8.1-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48753?format=api", "purl": "pkg:deb/debian/jq@1.8.1-7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48754?format=api", "purl": "pkg:deb/debian/jq@1.8.1-8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-8%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-32316" ], "risk_score": 3.7, "exploitability": "0.5", "weighted_severity": "7.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yehm-r8mj-u7cf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/28509?format=api", "vulnerability_id": "VCID-z2bj-awxs-b3eu", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-39956.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-39956.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-39956", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05273", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-39956" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-39956", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-39956" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133921", "reference_id": "1133921", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133921" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458076", "reference_id": "2458076", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458076" }, { "reference_url": "https://github.com/jqlang/jq/commit/fdf8ef0f0810e3d365cdd5160de43db46f57ed03", "reference_id": "fdf8ef0f0810e3d365cdd5160de43db46f57ed03", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:34:20Z/" } ], "url": "https://github.com/jqlang/jq/commit/fdf8ef0f0810e3d365cdd5160de43db46f57ed03" }, { "reference_url": "https://github.com/jqlang/jq/security/advisories/GHSA-6gc3-3g9p-xx28", "reference_id": "GHSA-6gc3-3g9p-xx28", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:34:20Z/" } ], "url": "https://github.com/jqlang/jq/security/advisories/GHSA-6gc3-3g9p-xx28" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8579", "reference_id": "RHSA-2026:8579", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8579" }, { "reference_url": "https://usn.ubuntu.com/8202-1/", "reference_id": "USN-8202-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8202-1/" }, { "reference_url": "https://usn.ubuntu.com/8202-2/", "reference_id": "USN-8202-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8202-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/48752?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-n82w-qncg-jbff" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48767?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48755?format=api", "purl": "pkg:deb/debian/jq@1.7.1-6%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-8vh7-15g4-73c4" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-bx2x-h9qx-cye8" }, { "vulnerability": "VCID-dprp-4xp8-afek" }, { "vulnerability": "VCID-uju7-hgvf-b3ec" }, { "vulnerability": "VCID-vd75-u6ax-47bp" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.7.1-6%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48774?format=api", "purl": "pkg:deb/debian/jq@1.8.1-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48753?format=api", "purl": "pkg:deb/debian/jq@1.8.1-7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48754?format=api", "purl": "pkg:deb/debian/jq@1.8.1-8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-8%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-39956" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z2bj-awxs-b3eu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16127?format=api", "vulnerability_id": "VCID-zug1-zygp-8khs", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50246.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50246.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50246", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49654", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50246" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/12/15/10", "reference_id": "10", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:50:50Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/12/15/10" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1058763", "reference_id": "1058763", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1058763" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254467", "reference_id": "2254467", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254467" }, { "reference_url": "https://github.com/jqlang/jq/commit/71c2ab509a8628dbbad4bc7b3f98a64aa90d3297", "reference_id": "71c2ab509a8628dbbad4bc7b3f98a64aa90d3297", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:50:50Z/" } ], "url": "https://github.com/jqlang/jq/commit/71c2ab509a8628dbbad4bc7b3f98a64aa90d3297" }, { "reference_url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64574", "reference_id": "detail?id=64574", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:50:50Z/" } ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64574" }, { "reference_url": "https://github.com/jqlang/jq/security/advisories/GHSA-686w-5m7m-54vc", "reference_id": "GHSA-686w-5m7m-54vc", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T15:50:50Z/" } ], "url": "https://github.com/jqlang/jq/security/advisories/GHSA-686w-5m7m-54vc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/48756?format=api", "purl": "pkg:deb/debian/jq@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48752?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-n82w-qncg-jbff" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48750?format=api", "purl": "pkg:deb/debian/jq@1.6-2.1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bn9-x87m-9yas" }, { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-8vh7-15g4-73c4" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-bx2x-h9qx-cye8" }, { "vulnerability": "VCID-dprp-4xp8-afek" }, { "vulnerability": "VCID-kqq5-e8tf-2bcn" }, { "vulnerability": "VCID-n82w-qncg-jbff" }, { "vulnerability": "VCID-py7n-fd5j-dyby" }, { "vulnerability": "VCID-se77-nayk-w3aa" }, { "vulnerability": "VCID-uju7-hgvf-b3ec" }, { "vulnerability": "VCID-vd75-u6ax-47bp" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" }, { "vulnerability": "VCID-yehm-r8mj-u7cf" }, { "vulnerability": "VCID-z2bj-awxs-b3eu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48757?format=api", "purl": "pkg:deb/debian/jq@1.7.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.7.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48755?format=api", "purl": "pkg:deb/debian/jq@1.7.1-6%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-735d-4qa8-qucj" }, { "vulnerability": "VCID-7wvq-xu3p-ykdb" }, { "vulnerability": "VCID-8vh7-15g4-73c4" }, { "vulnerability": "VCID-9syj-pqrm-sye3" }, { "vulnerability": "VCID-bx2x-h9qx-cye8" }, { "vulnerability": "VCID-dprp-4xp8-afek" }, { "vulnerability": "VCID-uju7-hgvf-b3ec" }, { "vulnerability": "VCID-vd75-u6ax-47bp" }, { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.7.1-6%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48753?format=api", "purl": "pkg:deb/debian/jq@1.8.1-7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-xpmb-egf5-4yh1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/48754?format=api", "purl": "pkg:deb/debian/jq@1.8.1-8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-8%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-50246" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zug1-zygp-8khs" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-8%3Fdistro=trixie" }