5 matches found

AstraLinux
added 2026/06/19 11:10 a.m. | 5 views

Astra Linux – Vulnerability in jq

jq is a command-line JSON processor. In versions up to and including 1.7.1, a heap-buffer-overflow error occurs in the jv_string_vfmt function within the jq_fuzz_execute harness from oss-fuzz. This error happens at line 1456 of the jv.c file: void* p = malloc(sz);. As of the time of publication, no patch...

CVSS 8.7 | AI score 6.6 | EPSS 0.00443
Exploits: 1 | References: 2

Microsoft CVE
added 2025/07/29 7:0 a.m. | 6 views

AddressSanitizer: stack-buffer-overflow in jq_fuzz_execute (jv_string_vfmt)

...

CVSS 8.7 | AI score 7 | EPSS 0.00443
Exploits: 1

RedHat Linux
added 2025/07/08 12:30 p.m. | 7 views

jq: AddressSanitizer: stack-buffer-overflow in jq_fuzz_execute (jv_string_vfmt)

A flaw was found in jq, a command line JSON processor. A specially crafted input can cause a heap-based buffer over-read when formatting an empty string because it was not properly null-terminated, causing a crash and resulting in a denial of service...

CVSS 8.7 | AI score 7.3 | EPSS 0.00443
Exploits: 1 | References: 5

OSV
added 2025/05/21 6:15 p.m. | 3 views

DEBIAN-CVE-2025-48060

jq is a command-line JSON processor. In versions up to and including 1.7.1, a heap-buffer-overflow is present in function jv_string_vfmt in the jq_fuzz_execute harness from oss-fuzz. This crash happens on file jv.c, line 1456 void* p = malloc(sz);. As of time of publication, no patched versions are...

CVSS 7.5 | AI score 6.5 | EPSS 0.00443
Exploits: 1 | References: 1

CNNVD
added 2025/05/21 12:0 a.m. | 2 views

jq security vulnerability

jq is a lightweight and flexible command-line JSON processor from jqlang open source. A security vulnerability exists in jq 1.7.1 and earlier versions, which stems from a heap buffer overflow in the jv_string_vfmt function...

CVSS 8.7 | AI score 6.8 | EPSS 0.00443
Exploits: 1 | References: 1