10 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-4074
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The jv_dump_term function in jq 1.5 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted JSON file. This iss...
Ubuntu 16.04 ESM : jq vulnerability (USN-4787-1)
The remote Ubuntu 16.04 ESM host has a package installed that is affected by a vulnerability as referenced in the USN-4787-1 advisory. It was discovered that jq did not perform sufficient bounds checking, resulting in unbounded resource consumption. An attacker could use this vulnerability to cau...
CVE-2016-4074 affecting package jq for versions less than 1.5-6
CVE-2016-4074 affecting package jq for versions less than 1.5-6. A patched version of the package is available...
Mageia: Security Advisory (MGASA-2017-0415)
The remote host is missing an update for the...
CVE-2016-4074 affecting package jq 1.5-6
CVE-2016-4074 affecting package jq 1.5-6. A patched version of the package is available...
Security fix for the ALT Linux 8 package jq version 1.5-alt3.M80P.1
1.5-alt3.M80P.1, built June 5, 2018 by Anton Farygin in task 207483. May 31, 2018, Anton Farygin: security update, fixes: CVE-2016-4074...
Updated jq packages fix security vulnerabilities
A heap-based buffer overflow flaw was found in jq's tokenadd function. By tricking a victim into processing a specially crafted JSON file, an attacker could use this flaw to crash jq or, potentially, execute arbitrary code on the victim's system (CVE-2015-8863). Stack exhaustion could affect...
openSUSE Security Update : jq (openSUSE-2017-1190)
This update for jq fixes the following minor security issue: - CVE-2016-4074: stack exhaustion could affect availability when parsing untrusted input (bsc#1014176). The following tracked packaging changes are included: - Update tests dependencies to increase test coverage (bsc#1017157). This update was...
OPENSUSE-SU-2017:2834-1 Security update for jq
This update for jq fixes the following minor security issue: CVE-2016-4074: stack exhaustion could affect availability when parsing untrusted input (bsc#1014176). The following tracked packaging changes are included: Update tests dependencies to increase test coverage (bsc#1017157). This update was...
CVE-2016-4074
CVE-2016-4074 affects jq 1.5, where the jv_dump_term() function can be exploited by a crafted JSON file to cause a denial of service through stack exhaustion. Affected product: jq; root cause: parsing of a JSON file via jv_dump_term() leads to stack consumption and potential crash. The issue has ...