CVE-2023-50246
CVSS V2 None
CVSS V3 None
Description
jq is a command-line JSON processor. Version 1.7 is vulnerable to heap-based buffer overflow. Version 1.7.1 contains a patch for this issue.
Overview
- CVE ID
- CVE-2023-50246
- Assigner
- GitHub_M
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-12-13T20:43:50.862Z
- Last Modified Date
- 2023-12-13T20:43:50.862Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://github.com/jqlang/jq/security/advisories/GHSA-686w-5m7m-54vc | x_refsource_CONFIRM |
| https://github.com/jqlang/jq/commit/71c2ab509a8628dbbad4bc7b3f98a64aa90d3297 | x_refsource_MISC |
| https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64574 | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2023/12/15/10 |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-50246 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50246 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-25 18:31:54 | Added to TrackCVE |