Lucene search
+L

5 matches found

astralinux
astralinux
added 2026/01/27 5:1 a.m.5 views

Astra Linux – Vulnerability in jq

jq is a command-line JSON processor. In versions up to and including 1.7.1, a heap-bufferoverflow error occurs in the jvstringvfmt function within the jqfuzzexecute harness from oss-fuzz. This error happens at line 1456 of the jv.c file: void p = mallocsz;. As of the time of publication, no patch...

8.7CVSS6.6AI score0.00446EPSS
Exploits1References3
mscve
mscve
added 2025/07/29 7:0 a.m.6 views

AddressSanitizer: stack-buffer-overflow in jq_fuzz_execute (jv_string_vfmt)

...

8.7CVSS7AI score0.00446EPSS
Exploits1
redhat
redhat
added 2025/07/08 12:30 p.m.8 views

jq: AddressSanitizer: stack-buffer-overflow in jq_fuzz_execute (jv_string_vfmt)

A flaw was found in jq, a command line JSON processor. A specially crafted input can cause a heap-based buffer over-read when formatting an empty string because it was not properly null-terminated, causing a crash and resulting in a denial of service...

8.7CVSS7.3AI score0.00446EPSS
Exploits1References5
osv
osv
added 2025/05/21 6:15 p.m.3 views

DEBIAN-CVE-2025-48060

jq is a command-line JSON processor. In versions up to and including 1.7.1, a heap-buffer-overflow is present in function jvstringvfmt in the jqfuzzexecute harness from oss-fuzz. This crash happens on file jv.c, line 1456 void p = mallocsz;. As of time of publication, no patched versions are...

7.5CVSS6.5AI score0.00446EPSS
Exploits1References1
cnnvd
cnnvd
added 2025/05/21 12:0 a.m.3 views

jq 安全漏洞

jq is a lightweight and flexible command-line JSON processor from jqlang open source. A security vulnerability exists in jq 1.7.1 and earlier versions, which stems from a heap buffer overflow in the jvstringvfmt function...

8.7CVSS6.8AI score0.00446EPSS
Exploits1References1
Rows per page
Query Builder