Lucene search
+L

12 matches found

OSV
OSV
added 2025/08/12 8:24 a.m.2 views

ROOT-OS-DEBIAN-12-CVE-2024-53427 CVE-2024-53427 in rootio-jq - Patched by Root

Root has patched CVE-2024-53427 in the rootio-jq package for Root:Debian:12. Multiple fixed versions available...

8.1CVSS5.4AI score0.00355EPSS
Exploits1
OPENSUSE Linux
OPENSUSE Linux
added 2025/05/27 12:0 a.m.4 views

jq-1.7.1-3.1 on GA media (moderate)

jq-1.7.1-3.1 on GA media Announcement ID: openSUSE-SU-2025:15161-1 Rating: moderate Cross-References: CVE-2024-53427 CVSS scores: CVE-2024-53427 SUSE : 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be...

5.3CVSS7.3AI score0.00355EPSS
Exploits1
Amazon
Amazon
added 2025/04/01 12:0 a.m.21 views

Important: jq

Issue Overview: decNumberCopy in decNumber.c in jq through 1.7.1 does not properly consider that NaN is interpreted as numeric, which has a resultant stack-based buffer overflow and out-of-bounds write, as demonstrated by use of --slurp with subtraction, such as a filter of .-. when the input has...

8.1CVSS7.3AI score0.00355EPSS
Exploits1
Amazon
Amazon
added 2025/04/01 12:0 a.m.10 views

Important: jq

Issue Overview: decNumberCopy in decNumber.c in jq through 1.7.1 does not properly consider that NaN is interpreted as numeric, which has a resultant stack-based buffer overflow and out-of-bounds write, as demonstrated by use of --slurp with subtraction, such as a filter of .-. when the input has...

8.1CVSS7.3AI score0.00355EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/04/01 12:0 a.m.12 views

Amazon Linux 2023 : jq, jq-devel (ALAS2023-2025-919)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-919 advisory. decNumberCopy in decNumber.c in jq through 1.7.1 does not properly consider that NaN is interpreted as numeric, which has a resultant stack-based buffer overflow and out-of-bounds write, as demonstrated...

8.1CVSS6.1AI score0.00355EPSS
Exploits1References4
Chainguard
Chainguard
added 2025/03/21 4:12 a.m.48 views

CVE-2024-53427 vulnerabilities

Vulnerabilities for packages: jq...

8.1CVSS7.1AI score0.00355EPSS
Exploits1
CBLMariner
CBLMariner
added 2025/03/18 9:13 p.m.21 views

CVE-2024-53427 affecting package jq for versions less than 1.7.1-2

CVE-2024-53427 affecting package jq for versions less than 1.7.1-2. A patched version of the package is available...

8.1CVSS7.3AI score0.00355EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/02/27 10:24 p.m.6 views

CVE-2024-53427

A flaw was discovered in the jq package. In affected versions, specially-crafted input may trigger an unsafe memory operation leading to a stack buffer overflow. This can cause an application crash or other unintended behavior...

5.3CVSS6.8AI score0.00355EPSS
Exploits1References4
Circl
Circl
added 2025/02/26 4:24 p.m.7 views

CVE-2024-53427

creationtimestamp| type| source ---|---|--- 2025-02-26 16:24:27+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/5531 2025-02-26 20:08:23+00:00| seen| https://t.me/cvedetector/18947 2025-02-26 21:43:12+00:00| seen|...

8.1CVSS5.4AI score0.00355EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/02/26 12:0 a.m.18 views

CVE-2024-53427

decNumberCopy in decNumber.c in jq through 1.7.1 does not properly consider that NaN is interpreted as numeric, which has a resultant stack-based buffer overflow and out-of-bounds write, as demonstrated by use of --slurp with subtraction, such as a filter of .-. when the input has a certain form ...

8.1CVSS0.00355EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/02/26 12:0 a.m.9 views

CVE-2024-53427

decNumberCopy in decNumber.c in jq through 1.7.1 does not properly consider that NaN is interpreted as numeric, which has a resultant stack-based buffer overflow and out-of-bounds write, as demonstrated by use of --slurp with subtraction, such as a filter of .-. when the input has a certain form ...

8.1CVSS7.7AI score0.00355EPSS
Exploits1References5
Debian CVE
Debian CVE
added 2025/02/26 12:0 a.m.79 views

CVE-2024-53427

decNumberCopy in decNumber.c in jq through 1.7.1 does not properly consider that NaN is interpreted as numeric, which has a resultant stack-based buffer overflow and out-of-bounds write, as demonstrated by use of --slurp with subtraction, such as a filter of .-. when the input has a certain form ...

8.1CVSS6AI score0.00355EPSS
Exploits1
Rows per page
Query Builder