Medium6.5Red Hat Linux Updated
Denial of Service due to inefficient input parsing
CVE-2026-13311 Published Jun 25, 2026Updated by vendor Jun 25, 2026
Affected products & platforms
Red Hat LinuxUnclassified
Summary
Denial of Service due to inefficient input parsing. Red Hat rates this moderate (CVSS 6.5). Weakness: CWE-1050.
Affected versions
- < 1.8.5
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
Mitigation checklist
Recommended fix / mitigation
- Upgrade shell-quote to version 1.8.5. If upgrading shell-quote to version 1.8.5 or later is not immediately possible, the following mitigations can reduce exposure: 1. Validate and limit the length of any user-controlled strings before passing them to shell-quote's `parse()` function. 2. If `parse()` is not required, ensure that only the `quote()` function is used, as it is not affected by this vulnerability.
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.