Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-1bn9-x87m-9yas

Summary

Aliases

alias	CVE-2026-39979

Fixed_packages

url pkg:deb/debian/jq@1.6-2.1?distro=trixie

purl pkg:deb/debian/jq@1.6-2.1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-735d-4qa8-qucj

vulnerability	VCID-7wvq-xu3p-ykdb

vulnerability	VCID-9syj-pqrm-sye3

vulnerability	VCID-n82w-qncg-jbff

vulnerability	VCID-xpmb-egf5-4yh1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%3Fdistro=trixie

url	pkg:deb/debian/jq@1.6-2.1%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/jq@1.6-2.1%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/jq@1.6-2.1%2Bdeb12u1

purl pkg:deb/debian/jq@1.6-2.1%2Bdeb12u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bn9-x87m-9yas

vulnerability	VCID-735d-4qa8-qucj

vulnerability	VCID-7wvq-xu3p-ykdb

vulnerability	VCID-8vh7-15g4-73c4

vulnerability	VCID-9syj-pqrm-sye3

vulnerability	VCID-bx2x-h9qx-cye8

vulnerability	VCID-dprp-4xp8-afek

vulnerability	VCID-kqq5-e8tf-2bcn

vulnerability	VCID-n82w-qncg-jbff

vulnerability	VCID-py7n-fd5j-dyby

vulnerability	VCID-se77-nayk-w3aa

vulnerability	VCID-uju7-hgvf-b3ec

vulnerability	VCID-vd75-u6ax-47bp

vulnerability	VCID-xpmb-egf5-4yh1

vulnerability	VCID-yehm-r8mj-u7cf

vulnerability	VCID-z2bj-awxs-b3eu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%252Bdeb12u1

url pkg:deb/debian/jq@1.7.1-6%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/jq@1.7.1-6%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-735d-4qa8-qucj

vulnerability	VCID-7wvq-xu3p-ykdb

vulnerability	VCID-8vh7-15g4-73c4

vulnerability	VCID-9syj-pqrm-sye3

vulnerability	VCID-bx2x-h9qx-cye8

vulnerability	VCID-dprp-4xp8-afek

vulnerability	VCID-uju7-hgvf-b3ec

vulnerability	VCID-vd75-u6ax-47bp

vulnerability	VCID-xpmb-egf5-4yh1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.7.1-6%252Bdeb13u2%3Fdistro=trixie

url pkg:deb/debian/jq@1.7.1-6%2Bdeb13u2

purl pkg:deb/debian/jq@1.7.1-6%2Bdeb13u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-735d-4qa8-qucj

vulnerability	VCID-7wvq-xu3p-ykdb

vulnerability	VCID-8vh7-15g4-73c4

vulnerability	VCID-9syj-pqrm-sye3

vulnerability	VCID-bx2x-h9qx-cye8

vulnerability	VCID-dprp-4xp8-afek

vulnerability	VCID-uju7-hgvf-b3ec

vulnerability	VCID-vd75-u6ax-47bp

vulnerability	VCID-xpmb-egf5-4yh1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.7.1-6%252Bdeb13u2

url	pkg:deb/debian/jq@1.8.1-5?distro=trixie
purl	pkg:deb/debian/jq@1.8.1-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-5%3Fdistro=trixie

url pkg:deb/debian/jq@1.8.1-7?distro=trixie

purl pkg:deb/debian/jq@1.8.1-7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-xpmb-egf5-4yh1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-7%3Fdistro=trixie

url	pkg:deb/debian/jq@1.8.1-8?distro=trixie
purl	pkg:deb/debian/jq@1.8.1-8?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.8.1-8%3Fdistro=trixie

Affected_packages

url pkg:deb/debian/jq@1.4-1~bpo70%2B1

purl pkg:deb/debian/jq@1.4-1~bpo70%2B1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bn9-x87m-9yas

vulnerability	VCID-8vh7-15g4-73c4

vulnerability	VCID-bx2x-h9qx-cye8

vulnerability	VCID-c4mu-phy2-sudx

vulnerability	VCID-dprp-4xp8-afek

vulnerability	VCID-fq9t-9934-e7e3

vulnerability	VCID-kqq5-e8tf-2bcn

vulnerability	VCID-pq1y-sq77-w3as

vulnerability	VCID-py7n-fd5j-dyby

vulnerability	VCID-se77-nayk-w3aa

vulnerability	VCID-uju7-hgvf-b3ec

vulnerability	VCID-vd75-u6ax-47bp

vulnerability	VCID-yehm-r8mj-u7cf

vulnerability	VCID-z2bj-awxs-b3eu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.4-1~bpo70%252B1

url pkg:deb/debian/jq@1.4-2.1

purl pkg:deb/debian/jq@1.4-2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bn9-x87m-9yas

vulnerability	VCID-8vh7-15g4-73c4

vulnerability	VCID-bx2x-h9qx-cye8

vulnerability	VCID-c4mu-phy2-sudx

vulnerability	VCID-dprp-4xp8-afek

vulnerability	VCID-fq9t-9934-e7e3

vulnerability	VCID-kqq5-e8tf-2bcn

vulnerability	VCID-pq1y-sq77-w3as

vulnerability	VCID-py7n-fd5j-dyby

vulnerability	VCID-se77-nayk-w3aa

vulnerability	VCID-uju7-hgvf-b3ec

vulnerability	VCID-vd75-u6ax-47bp

vulnerability	VCID-yehm-r8mj-u7cf

vulnerability	VCID-z2bj-awxs-b3eu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.4-2.1

url pkg:deb/debian/jq@1.4-2.1%2Bdeb8u1

purl pkg:deb/debian/jq@1.4-2.1%2Bdeb8u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bn9-x87m-9yas

vulnerability	VCID-8vh7-15g4-73c4

vulnerability	VCID-bx2x-h9qx-cye8

vulnerability	VCID-c4mu-phy2-sudx

vulnerability	VCID-dprp-4xp8-afek

vulnerability	VCID-fq9t-9934-e7e3

vulnerability	VCID-kqq5-e8tf-2bcn

vulnerability	VCID-pq1y-sq77-w3as

vulnerability	VCID-py7n-fd5j-dyby

vulnerability	VCID-se77-nayk-w3aa

vulnerability	VCID-uju7-hgvf-b3ec

vulnerability	VCID-vd75-u6ax-47bp

vulnerability	VCID-yehm-r8mj-u7cf

vulnerability	VCID-z2bj-awxs-b3eu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.4-2.1%252Bdeb8u1

url pkg:deb/debian/jq@1.5%2Bdfsg-1.3~bpo8%2B1

purl pkg:deb/debian/jq@1.5%2Bdfsg-1.3~bpo8%2B1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bn9-x87m-9yas

vulnerability	VCID-8vh7-15g4-73c4

vulnerability	VCID-bx2x-h9qx-cye8

vulnerability	VCID-dprp-4xp8-afek

vulnerability	VCID-kqq5-e8tf-2bcn

vulnerability	VCID-pq1y-sq77-w3as

vulnerability	VCID-py7n-fd5j-dyby

vulnerability	VCID-se77-nayk-w3aa

vulnerability	VCID-uju7-hgvf-b3ec

vulnerability	VCID-vd75-u6ax-47bp

vulnerability	VCID-yehm-r8mj-u7cf

vulnerability	VCID-z2bj-awxs-b3eu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.5%252Bdfsg-1.3~bpo8%252B1

url pkg:deb/debian/jq@1.5%2Bdfsg-1.3

purl pkg:deb/debian/jq@1.5%2Bdfsg-1.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bn9-x87m-9yas

vulnerability	VCID-8vh7-15g4-73c4

vulnerability	VCID-bx2x-h9qx-cye8

vulnerability	VCID-dprp-4xp8-afek

vulnerability	VCID-kqq5-e8tf-2bcn

vulnerability	VCID-pq1y-sq77-w3as

vulnerability	VCID-py7n-fd5j-dyby

vulnerability	VCID-se77-nayk-w3aa

vulnerability	VCID-uju7-hgvf-b3ec

vulnerability	VCID-vd75-u6ax-47bp

vulnerability	VCID-yehm-r8mj-u7cf

vulnerability	VCID-z2bj-awxs-b3eu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.5%252Bdfsg-1.3

url pkg:deb/debian/jq@1.5%2Bdfsg-2

purl pkg:deb/debian/jq@1.5%2Bdfsg-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bn9-x87m-9yas

vulnerability	VCID-8vh7-15g4-73c4

vulnerability	VCID-bx2x-h9qx-cye8

vulnerability	VCID-dprp-4xp8-afek

vulnerability	VCID-kqq5-e8tf-2bcn

vulnerability	VCID-pq1y-sq77-w3as

vulnerability	VCID-py7n-fd5j-dyby

vulnerability	VCID-se77-nayk-w3aa

vulnerability	VCID-uju7-hgvf-b3ec

vulnerability	VCID-vd75-u6ax-47bp

vulnerability	VCID-yehm-r8mj-u7cf

vulnerability	VCID-z2bj-awxs-b3eu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.5%252Bdfsg-2

url pkg:deb/debian/jq@1.6-2.1

purl pkg:deb/debian/jq@1.6-2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bn9-x87m-9yas

vulnerability	VCID-735d-4qa8-qucj

vulnerability	VCID-7wvq-xu3p-ykdb

vulnerability	VCID-8vh7-15g4-73c4

vulnerability	VCID-9syj-pqrm-sye3

vulnerability	VCID-bx2x-h9qx-cye8

vulnerability	VCID-dprp-4xp8-afek

vulnerability	VCID-kqq5-e8tf-2bcn

vulnerability	VCID-n82w-qncg-jbff

vulnerability	VCID-pq1y-sq77-w3as

vulnerability	VCID-py7n-fd5j-dyby

vulnerability	VCID-se77-nayk-w3aa

vulnerability	VCID-uju7-hgvf-b3ec

vulnerability	VCID-vd75-u6ax-47bp

vulnerability	VCID-xpmb-egf5-4yh1

vulnerability	VCID-yehm-r8mj-u7cf

vulnerability	VCID-z2bj-awxs-b3eu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1

url pkg:deb/debian/jq@1.6-2.1%2Bdeb12u1

purl pkg:deb/debian/jq@1.6-2.1%2Bdeb12u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bn9-x87m-9yas

vulnerability	VCID-735d-4qa8-qucj

vulnerability	VCID-7wvq-xu3p-ykdb

vulnerability	VCID-8vh7-15g4-73c4

vulnerability	VCID-9syj-pqrm-sye3

vulnerability	VCID-bx2x-h9qx-cye8

vulnerability	VCID-dprp-4xp8-afek

vulnerability	VCID-kqq5-e8tf-2bcn

vulnerability	VCID-n82w-qncg-jbff

vulnerability	VCID-py7n-fd5j-dyby

vulnerability	VCID-se77-nayk-w3aa

vulnerability	VCID-uju7-hgvf-b3ec

vulnerability	VCID-vd75-u6ax-47bp

vulnerability	VCID-xpmb-egf5-4yh1

vulnerability	VCID-yehm-r8mj-u7cf

vulnerability	VCID-z2bj-awxs-b3eu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%252Bdeb12u1

url pkg:deb/debian/jq@1.6-2.1%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/jq@1.6-2.1%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bn9-x87m-9yas

vulnerability	VCID-735d-4qa8-qucj

vulnerability	VCID-7wvq-xu3p-ykdb

vulnerability	VCID-8vh7-15g4-73c4

vulnerability	VCID-9syj-pqrm-sye3

vulnerability	VCID-bx2x-h9qx-cye8

vulnerability	VCID-dprp-4xp8-afek

vulnerability	VCID-kqq5-e8tf-2bcn

vulnerability	VCID-n82w-qncg-jbff

vulnerability	VCID-py7n-fd5j-dyby

vulnerability	VCID-se77-nayk-w3aa

vulnerability	VCID-uju7-hgvf-b3ec

vulnerability	VCID-vd75-u6ax-47bp

vulnerability	VCID-xpmb-egf5-4yh1

vulnerability	VCID-yehm-r8mj-u7cf

vulnerability	VCID-z2bj-awxs-b3eu

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/jq@1.6-2.1%252Bdeb12u1%3Fdistro=trixie

url pkg:rpm/redhat/jq@1.5-12.el8_4?arch=5

purl pkg:rpm/redhat/jq@1.5-12.el8_4?arch=5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bn9-x87m-9yas

vulnerability	VCID-py7n-fd5j-dyby

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jq@1.5-12.el8_4%3Farch=5

url pkg:rpm/redhat/jq@1.6-3.el8_6?arch=2

purl pkg:rpm/redhat/jq@1.6-3.el8_6?arch=2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bn9-x87m-9yas

vulnerability	VCID-py7n-fd5j-dyby

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jq@1.6-3.el8_6%3Farch=2

url pkg:rpm/redhat/jq@1.6-6.el8_8?arch=4

purl pkg:rpm/redhat/jq@1.6-6.el8_8?arch=4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bn9-x87m-9yas

vulnerability	VCID-py7n-fd5j-dyby

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jq@1.6-6.el8_8%3Farch=4

url pkg:rpm/redhat/jq@1.6-12?arch=el8_10

purl pkg:rpm/redhat/jq@1.6-12?arch=el8_10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bn9-x87m-9yas

vulnerability	VCID-py7n-fd5j-dyby

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jq@1.6-12%3Farch=el8_10

url pkg:rpm/redhat/jq@1.6-12.el9_0?arch=3

purl pkg:rpm/redhat/jq@1.6-12.el9_0?arch=3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bn9-x87m-9yas

vulnerability	VCID-py7n-fd5j-dyby

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jq@1.6-12.el9_0%3Farch=3

url pkg:rpm/redhat/jq@1.6-15.el9_2?arch=3

purl pkg:rpm/redhat/jq@1.6-15.el9_2?arch=3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bn9-x87m-9yas

vulnerability	VCID-py7n-fd5j-dyby

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jq@1.6-15.el9_2%3Farch=3

url pkg:rpm/redhat/jq@1.6-16.el9_4?arch=2

purl pkg:rpm/redhat/jq@1.6-16.el9_4?arch=2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bn9-x87m-9yas

vulnerability	VCID-py7n-fd5j-dyby

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jq@1.6-16.el9_4%3Farch=2

url pkg:rpm/redhat/jq@1.6-17.el9_6?arch=4

purl pkg:rpm/redhat/jq@1.6-17.el9_6?arch=4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bn9-x87m-9yas

vulnerability	VCID-py7n-fd5j-dyby

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jq@1.6-17.el9_6%3Farch=4

url pkg:rpm/redhat/jq@1.6-19.el9_7.0?arch=2

purl pkg:rpm/redhat/jq@1.6-19.el9_7.0?arch=2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bn9-x87m-9yas

vulnerability	VCID-py7n-fd5j-dyby

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jq@1.6-19.el9_7.0%3Farch=2

url pkg:rpm/redhat/jq@1.6-19.el9_8?arch=2

purl pkg:rpm/redhat/jq@1.6-19.el9_8?arch=2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bn9-x87m-9yas

vulnerability	VCID-py7n-fd5j-dyby

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jq@1.6-19.el9_8%3Farch=2

url pkg:rpm/redhat/jq@1.7.1-8.el10_0?arch=3

purl pkg:rpm/redhat/jq@1.7.1-8.el10_0?arch=3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bn9-x87m-9yas

vulnerability	VCID-py7n-fd5j-dyby

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jq@1.7.1-8.el10_0%3Farch=3

url pkg:rpm/redhat/jq@1.7.1-11.el10_1.0?arch=2

purl pkg:rpm/redhat/jq@1.7.1-11.el10_1.0?arch=2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bn9-x87m-9yas

vulnerability	VCID-py7n-fd5j-dyby

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jq@1.7.1-11.el10_1.0%3Farch=2

url pkg:rpm/redhat/jq@1.7.1-11.el10_2?arch=2

purl pkg:rpm/redhat/jq@1.7.1-11.el10_2?arch=2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bn9-x87m-9yas

vulnerability	VCID-py7n-fd5j-dyby

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jq@1.7.1-11.el10_2%3Farch=2

url pkg:rpm/redhat/jq-main@1.8.1-3?arch=hum1

purl pkg:rpm/redhat/jq-main@1.8.1-3?arch=hum1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bn9-x87m-9yas

vulnerability	VCID-kqq5-e8tf-2bcn

vulnerability	VCID-py7n-fd5j-dyby

vulnerability	VCID-se77-nayk-w3aa

vulnerability	VCID-yehm-r8mj-u7cf

vulnerability	VCID-z2bj-awxs-b3eu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jq-main@1.8.1-3%3Farch=hum1

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-39979.json

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-39979.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-39979

reference_id

reference_type

scores

value	0.00072
scoring_system	epss
scoring_elements	0.22197
published_at	2026-06-14T12:55:00Z

value	0.00072
scoring_system	epss
scoring_elements	0.22019
published_at	2026-06-11T12:55:00Z

value	0.00072
scoring_system	epss
scoring_elements	0.22208
published_at	2026-06-12T12:55:00Z

value	0.00072
scoring_system	epss
scoring_elements	0.22219
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-39979

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-39979
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-39979

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133921
reference_id	1133921
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1133921

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2458077
reference_id	2458077
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2458077

reference_url

https://github.com/jqlang/jq/commit/2f09060afab23fe9390cce7cb860b10416e1bf5f

reference_id

2f09060afab23fe9390cce7cb860b10416e1bf5f

reference_type

scores

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-14T13:43:11Z/

url

https://github.com/jqlang/jq/commit/2f09060afab23fe9390cce7cb860b10416e1bf5f

reference_url

https://github.com/jqlang/jq/security/advisories/GHSA-2hhh-px8h-355p

reference_id

GHSA-2hhh-px8h-355p

reference_type

scores

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-14T13:43:11Z/

url

https://github.com/jqlang/jq/security/advisories/GHSA-2hhh-px8h-355p

reference_url	https://access.redhat.com/errata/RHSA-2026:16252
reference_id	RHSA-2026:16252
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:16252

reference_url	https://access.redhat.com/errata/RHSA-2026:16692
reference_id	RHSA-2026:16692
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:16692

reference_url	https://access.redhat.com/errata/RHSA-2026:16693
reference_id	RHSA-2026:16693
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:16693

reference_url	https://access.redhat.com/errata/RHSA-2026:18040
reference_id	RHSA-2026:18040
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:18040

reference_url	https://access.redhat.com/errata/RHSA-2026:18042
reference_id	RHSA-2026:18042
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:18042

reference_url	https://access.redhat.com/errata/RHSA-2026:18043
reference_id	RHSA-2026:18043
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:18043

reference_url	https://access.redhat.com/errata/RHSA-2026:18044
reference_id	RHSA-2026:18044
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:18044

reference_url	https://access.redhat.com/errata/RHSA-2026:18045
reference_id	RHSA-2026:18045
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:18045

reference_url	https://access.redhat.com/errata/RHSA-2026:18046
reference_id	RHSA-2026:18046
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:18046

reference_url	https://access.redhat.com/errata/RHSA-2026:18047
reference_id	RHSA-2026:18047
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:18047

reference_url	https://access.redhat.com/errata/RHSA-2026:18048
reference_id	RHSA-2026:18048
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:18048

reference_url	https://access.redhat.com/errata/RHSA-2026:19151
reference_id	RHSA-2026:19151
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:19151

reference_url	https://access.redhat.com/errata/RHSA-2026:19365
reference_id	RHSA-2026:19365
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:19365

reference_url	https://access.redhat.com/errata/RHSA-2026:23233
reference_id	RHSA-2026:23233
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:23233

reference_url	https://access.redhat.com/errata/RHSA-2026:23245
reference_id	RHSA-2026:23245
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:23245

reference_url	https://access.redhat.com/errata/RHSA-2026:25096
reference_id	RHSA-2026:25096
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:25096

reference_url	https://access.redhat.com/errata/RHSA-2026:8579
reference_id	RHSA-2026:8579
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8579

reference_url	https://usn.ubuntu.com/8202-1/
reference_id	USN-8202-1
reference_type
scores
url	https://usn.ubuntu.com/8202-1/

reference_url	https://usn.ubuntu.com/8202-2/
reference_id	USN-8202-2
reference_type
scores
url	https://usn.ubuntu.com/8202-2/

Weaknesses

cwe_id	125
name	Out-of-bounds Read
description	The product reads data past the end, or before the beginning, of the intended buffer.

Exploits

Severity_range_score 6.1 - 8.2

Exploitability 0.5

Weighted_severity 7.4

Risk_score 3.7

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1bn9-x87m-9yas

Vulnerability Instance