Lucene search
Alpine Linux Development TeamALPINE:CVE-2023-50246HistoryDec 13, 2023 - 9:15 p.m.
CVE-2023-50246
2023-12-1321:15:08
Alpine Linux Development Team
security.alpinelinux.org
1
json processor command-line unix
6.2 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5.8 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
jq is a command-line JSON processor. Version 1.7 is vulnerable to heap-based buffer overflow. Version 1.7.1 contains a patch for this issue.
Related
prion
prion
Heap overflow
2023-12-13 21:15:00
Out-of-bounds
2023-12-11 07:15:00
cve
cve
CVE-2023-50246
2023-12-13 21:15:08
CVE-2023-49355
2023-12-11 07:15:07
nvd
nvd
CVE-2023-50246
2023-12-13 21:15:08
CVE-2023-49355
2023-12-11 07:15:07
redhatcve
redhatcve
CVE-2023-50246
2023-12-14 06:59:07
ubuntucve
ubuntucve
CVE-2023-50246
2023-12-13 00:00:00
CVE-2023-49355
2023-12-11 00:00:00
debiancve
debiancve
CVE-2023-50246
2023-12-13 21:15:08
CVE-2023-49355
2023-12-11 07:15:07
veracode
veracode
Heap-based Buffer Overflow
2023-12-14 08:52:39
cvelist
cvelist
CVE-2023-50246 jq has heap-buffer-overflow vulnerability in the function decToString in decNumber.c
2023-12-13 20:43:50
CVE-2023-49355
2023-12-11 00:00:00
osv
osv
CVE-2023-50246
2023-12-13 21:15:08
redos
redos
ROS-20240408-14
2024-04-08 00:00:00
6.2 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5.8 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
Related for ALPINE:CVE-2023-50246