12 matches found
RHEL 7 : jq (RHSA-2016:1098)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2016:1098 advisory. jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it to slice, filter, map, or transform...
CVE-2015-8863 affecting package jq for versions less than 1.5-6
CVE-2015-8863 affecting package jq for versions less than 1.5-6. A patched version of the package is available...
Mageia: Security Advisory (MGASA-2017-0415)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2015-8863 affecting package jq 1.5-6
CVE-2015-8863 affecting package jq 1.5-6. A patched version of the package is available...
Updated jq packages fix security vulnerabilities
A heap-based buffer overflow flaw was found in jq's tokenadd function. By tricking a victim into processing a specially crafted JSON file, an attacker could use this flaw to crash jq or, potentially, execute arbitrary code on the victim's system CVE-2015-8863. Stack exhaustion could affect...
Moderate: Red Hat Security Advisory: jq security update
An update for jq is now available for Red Hat OpenStack Platform 8.0 Liberty. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
CVE-2015-8863
Off-by-one error in the tokenadd function in jvparse.c in jq allows remote attackers to cause a denial of service crash via a long JSON-encoded number, which triggers a heap-based buffer overflow...
CVE-2015-8863
Off-by-one error in the tokenadd function in jvparse.c in jq allows remote attackers to cause a denial of service crash via a long JSON-encoded number, which triggers a heap-based buffer overflow...
CVE-2015-8863
Off-by-one error in the tokenadd function in jvparse.c in jq allows remote attackers to cause a denial of service crash via a long JSON-encoded number, which triggers a heap-based buffer overflow...
CVE-2015-8863
CVE-2015-8863 affects the jq JSON processor via an off-by-one error in tokenadd() within jv_parse.c, causing a heap-based buffer overflow that can crash jq or, in some advisories, allow arbitrary code execution when processing long JSON numbers. Public details indicate vulnerable versions include...
openSUSE Security Update : jq (openSUSE-2016-550)
jq was updated to fix one security issue. This security issue was fixed : - CVE-2015-8863: Heap buffer overflow in tokenadd function boo976992. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
openSUSE Security Update : jq (openSUSE-2016-551)
jq was updated to fix one security issue. This security issue was fixed : - CVE-2015-8863: Heap buffer overflow in tokenadd function boo976992. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...