Описание
jq is a command-line JSON processor. Version 1.7 is vulnerable to stack-based buffer overflow in builds using decNumber. Version 1.7.1 contains a patch for this issue.
A stack-based buffer overflow vulnerability was found in the Jq project. This issue occurs when submitting malicious input to the application, leading to an application crash and causing a denial of service.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Ceph Storage 4 | jq | Not affected | ||
| Red Hat Enterprise Linux 8 | jq | Not affected | ||
| Red Hat Enterprise Linux 9 | jq | Not affected |
Показывать по
Ссылки на источники
Дополнительная информация
Статус:
EPSS
6.2 Medium
CVSS3
Связанные уязвимости
jq is a command-line JSON processor. Version 1.7 is vulnerable to stack-based buffer overflow in builds using decNumber. Version 1.7.1 contains a patch for this issue.
jq is a command-line JSON processor. Version 1.7 is vulnerable to stack-based buffer overflow in builds using decNumber. Version 1.7.1 contains a patch for this issue.
jq is a command-line JSON processor. Version 1.7 is vulnerable to stac ...
Уязвимость функционального языка программирования jq, связанная с возможностью записи за границами буфера в памяти, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
6.2 Medium
CVSS3