37 matches found
CLSA-2026-1776354546 jq: Fix of CVE-2024-23337
CVE-2024-23337: fix signed integer overflow in jvparraywrite and jvpobjectrehash that could lead to SEGV on growing arrays and objects...
TencentOS Server 3: jq (TSSA-2025:0555)
"The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0555 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilitie...
RockyLinux 10 : jq (RLSA-2025:12882)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:12882 advisory. jq: jq has signed integer overflow in jv.c:jvparraywrite CVE-2024-23337 jq: AddressSanitizer: stack-buffer-overflow in jqfuzzexecute jvstringvfmt...
jq security update
An update is available for jq. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list jq is a lightweight and flexible command-line JSON processor. jq is like sed for...
RockyLinux 9 : jq (RLSA-2025:10585)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:10585 advisory. jq: jq has signed integer overflow in jv.c:jvparraywrite CVE-2024-23337 jq: AddressSanitizer: stack-buffer-overflow in jqfuzzexecute jvstringvfmt...
Medium: jq
Issue Overview: jq is a command-line JSON processor. In versions up to and including 1.7.1, an integer overflow arises when assigning value using an index of 2147483647, the signed integer limit. This causes a denial of service. Commit de21386681c0df0104a99d9d09db23a9b2a78b1e contains a patch for...
Oracle Linux 10 : jq (ELSA-2025-12882)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-12882 advisory. - jq: jq has signed integer overflow in jv.c:jvparraywrite CVE-2024-23337 Tenable has extracted the preceding description block directly from the...
Amazon Linux 2023 : jq, jq-devel (ALAS2023-2025-1112)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1112 advisory. jq is a command-line JSON processor. In versions up to and including 1.7.1, an integer overflow arises when assigning value using an index of 2147483647, the signed integer limit. This causes a denial ...
Medium: jq
Issue Overview: jq is a command-line JSON processor. In versions up to and including 1.7.1, an integer overflow arises when assigning value using an index of 2147483647, the signed integer limit. This causes a denial of service. Commit de21386681c0df0104a99d9d09db23a9b2a78b1e contains a patch for...
RLSA-2025:10618 Moderate: jq security update
jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it to slice, filter, map, or transform structured data with the same ease that sed, awk, grep, or similar applications allow you to manipulate text. Security Fixes: jq: jq has signed integer...
Ubuntu: Security Advisory (USN-7657-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Alibaba Cloud Linux 3 : 0117: jq (ALINUX3-SA-2025:0117)
"The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0117 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-23337: jq is a command-line JSON...
openSUSE Security Advisory (SUSE-SU-2025:02384-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2025:02384-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : jq (SUSE-SU-2025:02384-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02384-1 advisory. - CVE-2024-23337: Fixed signed integer overflow in jv.c:jvparraywrite bsc1243450. Tenable has extracted...
SUSE-SU-2025:02384-1 Security update for jq
This update for jq fixes the following issues: - CVE-2024-23337: Fixed signed integer overflow in jv.c:jvparraywrite bsc1243450...
CBL Mariner 2.0 Security Update: jq (CVE-2024-23337)
The version of jq installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-23337 advisory. - jq is a command-line JSON processor. In versions up to and including 1.7.1, an integer overflow arises when...
Azure Linux 3.0 Security Update: jq (CVE-2024-23337)
The version of jq installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-23337 advisory. - jq is a command-line JSON processor. In versions up to and including 1.7.1, an integer overflow arises when...
AlmaLinux 9 : jq (ALSA-2025:10585)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:10585 advisory. jq: jq has signed integer overflow in jv.c:jvparraywrite CVE-2024-23337 jq: AddressSanitizer: stack-buffer-overflow in jqfuzzexecute jvstringvfmt...
CVE-2024-23337 affecting package jq for versions less than 1.7.1-3
CVE-2024-23337 affecting package jq for versions less than 1.7.1-3. A patched version of the package is available...