12 matches found
ROOT-OS-DEBIAN-12-CVE-2024-53427 CVE-2024-53427 in rootio-jq - Patched by Root
Root has patched CVE-2024-53427 in the rootio-jq package for Root:Debian:12. Multiple fixed versions available...
jq-1.7.1-3.1 on GA media (moderate)
jq-1.7.1-3.1 on GA media Announcement ID: openSUSE-SU-2025:15161-1 Rating: moderate Cross-References: CVE-2024-53427 CVSS scores: CVE-2024-53427 SUSE : 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be...
Important: jq
Issue Overview: decNumberCopy in decNumber.c in jq through 1.7.1 does not properly consider that NaN is interpreted as numeric, which has a resultant stack-based buffer overflow and out-of-bounds write, as demonstrated by use of --slurp with subtraction, such as a filter of .-. when the input has...
Important: jq
Issue Overview: decNumberCopy in decNumber.c in jq through 1.7.1 does not properly consider that NaN is interpreted as numeric, which has a resultant stack-based buffer overflow and out-of-bounds write, as demonstrated by use of --slurp with subtraction, such as a filter of .-. when the input has...
Amazon Linux 2023 : jq, jq-devel (ALAS2023-2025-919)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-919 advisory. decNumberCopy in decNumber.c in jq through 1.7.1 does not properly consider that NaN is interpreted as numeric, which has a resultant stack-based buffer overflow and out-of-bounds write, as demonstrated...
CVE-2024-53427 vulnerabilities
Vulnerabilities for packages: jq...
CVE-2024-53427 affecting package jq for versions less than 1.7.1-2
CVE-2024-53427 affecting package jq for versions less than 1.7.1-2. A patched version of the package is available...
CVE-2024-53427
A flaw was discovered in the jq package. In affected versions, specially-crafted input may trigger an unsafe memory operation leading to a stack buffer overflow. This can cause an application crash or other unintended behavior...
CVE-2024-53427
creationtimestamp| type| source ---|---|--- 2025-02-26 16:24:27+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/5531 2025-02-26 20:08:23+00:00| seen| https://t.me/cvedetector/18947 2025-02-26 21:43:12+00:00| seen|...
CVE-2024-53427
decNumberCopy in decNumber.c in jq through 1.7.1 does not properly consider that NaN is interpreted as numeric, which has a resultant stack-based buffer overflow and out-of-bounds write, as demonstrated by use of --slurp with subtraction, such as a filter of .-. when the input has a certain form ...
CVE-2024-53427
decNumberCopy in decNumber.c in jq through 1.7.1 does not properly consider that NaN is interpreted as numeric, which has a resultant stack-based buffer overflow and out-of-bounds write, as demonstrated by use of --slurp with subtraction, such as a filter of .-. when the input has a certain form ...
CVE-2024-53427
decNumberCopy in decNumber.c in jq through 1.7.1 does not properly consider that NaN is interpreted as numeric, which has a resultant stack-based buffer overflow and out-of-bounds write, as demonstrated by use of --slurp with subtraction, such as a filter of .-. when the input has a certain form ...