jq-devel (AlmaLinux:10) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the AlmaLinux:10 package jq-devel, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2026-40164 — CVSS 7.5 (high): jq is a command-line JSON processor. Before commit 0c7d133c3c7e37c00b6d46b658a02244fdd3c784, jq used MurmurHash3 with a hardcoded, publicly…
CVE-2026-39979 — CVSS 6.5 (medium): jq is a command-line JSON processor. In commits before 2f09060afab23fe9390cce7cb860b10416e1bf5f, the jv_parse_sized() API in libjq accepts…