5 matches found
Astra Linux – Vulnerability in jq
jq is a command-line JSON processor. In versions up to and including 1.7.1, a heap-bufferoverflow error occurs in the jvstringvfmt function within the jqfuzzexecute harness from oss-fuzz. This error happens at line 1456 of the jv.c file: void p = mallocsz;. As of the time of publication, no patch...
AddressSanitizer: stack-buffer-overflow in jq_fuzz_execute (jv_string_vfmt)
...
jq: AddressSanitizer: stack-buffer-overflow in jq_fuzz_execute (jv_string_vfmt)
A flaw was found in jq, a command line JSON processor. A specially crafted input can cause a heap-based buffer over-read when formatting an empty string because it was not properly null-terminated, causing a crash and resulting in a denial of service...
DEBIAN-CVE-2025-48060
jq is a command-line JSON processor. In versions up to and including 1.7.1, a heap-buffer-overflow is present in function jvstringvfmt in the jqfuzzexecute harness from oss-fuzz. This crash happens on file jv.c, line 1456 void p = mallocsz;. As of time of publication, no patched versions are...
jq 安全漏洞
jq is a lightweight and flexible command-line JSON processor from jqlang open source. A security vulnerability exists in jq 1.7.1 and earlier versions, which stems from a heap buffer overflow in the jvstringvfmt function...