CVSS: 7.7EPSS: 0%CPEs: 1EXPL: 0CVE-2025-48060 – AddressSanitizer: stack-buffer-overflow in jq_fuzz_execute (jv_string_vfmt)
https://notcve.org/view.php?id=CVE-2025-48060
21 May 2025 — jq is a command-line JSON processor. In versions up to and including 1.7.1, a heap-buffer-overflow is present in function `jv_string_vfmt` in the jq_fuzz_execute harness from oss-fuzz. This crash happens on file jv.c, line 1456 `void* p = malloc(sz);`. As of time of publication, no patched versions are available. • https://github.com/jqlang/jq/security/advisories/GHSA-p7rr-28xf-3m5w • CWE-121: Stack-based Buffer Overflow •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23337 – jq has signed integer overflow in jv.c:jvp_array_write
https://notcve.org/view.php?id=CVE-2024-23337
21 May 2025 — jq is a command-line JSON processor. In versions up to and including 1.7.1, an integer overflow arises when assigning value using an index of 2147483647, the signed integer limit. This causes a denial of service. Commit de21386681c0df0104a99d9d09db23a9b2a78b1e contains a patch for the issue. • https://github.com/jqlang/jq/security/advisories/GHSA-2q6r-344g-cx46 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-53427
https://notcve.org/view.php?id=CVE-2024-53427
26 Feb 2025 — jq v1.7.1 contains a stack-buffer-overflow in the decNumberCopy function within decNumber.c. decNumberCopy in decNumber.c in jq through 1.7.1 does not properly consider that NaN is interpreted as numeric, which has a resultant stack-based buffer overflow and out-of-bounds write, as demonstrated by use of --slurp with subtraction, such as a filter of .-. when the input has a certain form of digit string with NaN (e.g., "1 NaN123" immediately followed by many more digits). • https://github.com/jqlang/jq/issues/3196 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 1CVE-2023-50268 – jq has stack-based buffer overflow in decNaNs
https://notcve.org/view.php?id=CVE-2023-50268
13 Dec 2023 — jq is a command-line JSON processor. Version 1.7 is vulnerable to stack-based buffer overflow in builds using decNumber. Version 1.7.1 contains a patch for this issue. jq es un procesador JSON de línea de comandos. La versión 1.7 es vulnerable al desbordamiento del búfer basado en pila en compilaciones que utilizan decNumber. La versión 1.7.1 contiene un parche para este problema. • http://www.openwall.com/lists/oss-security/2023/12/15/10 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 1CVE-2023-50246 – jq has heap-buffer-overflow vulnerability in the function decToString in decNumber.c
https://notcve.org/view.php?id=CVE-2023-50246
13 Dec 2023 — jq is a command-line JSON processor. Version 1.7 is vulnerable to heap-based buffer overflow. Version 1.7.1 contains a patch for this issue. jq es un procesador JSON de línea de comandos. La versión 1.7 es vulnerable al desbordamiento de búfer de almacenamiento dinámico. La versión 1.7.1 contiene un parche para este problema. • http://www.openwall.com/lists/oss-security/2023/12/15/10 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-49355
https://notcve.org/view.php?id=CVE-2023-49355
11 Dec 2023 — decToString in decNumber/decNumber.c in jq 88f01a7 has a one-byte out-of-bounds write via the " []-1.2e-1111111111" input. NOTE: this is not the same as CVE-2023-50246. The CVE-2023-50246 71c2ab5 reference mentions -10E-1000010001, which is not in normalized scientific notation. decToString en decNumber/decNumber.c en jq 88f01a7 tiene una escritura fuera de los límites de un byte a través de la entrada "[]-1.2e-1111111111". • https://github.com/jqlang/jq/blob/88f01a741c8d63c4d1b5bc3ef61520c6eb93edaa/src/decNumber/decNumber.c#L3764 • CWE-787: Out-of-bounds Write •