CVE-2024-53427
Published 2025-02-26
Priority: P347, high, 8.1 (CVSS 3.1)
Vector: AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
EPSS: 0.35% (27.1th percentile)
decNumberCopy in decNumber.c in jq through 1.7.1 does not properly consider that NaN is interpreted as numeric, which has a resultant stack-based buffer overflow and out-of-bounds write, as demonstrated by use of --slurp with subtraction, such as a filter of .-. when the input has a certain form of digit string with NaN (e.g., "1 NaN123" immediately followed by many more digits).
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | jq | < jq 1.7.1-5 (forky) | jq 1.7.1-5 (forky) |
| jqlang | jq | <= 1.7.1 | — |
| jqlang | jq | >= 0 < 1.7.1-5 | 1.7.1-5 |
| jqlang | jq | >= 0 < 1.7.1-5 | 1.7.1-5 |
| jqlang | jq | >= 0 < 1.6-2.1ubuntu3.1 | 1.6-2.1ubuntu3.1 |
| jqlang | jq | >= 0 < 1.7.1-3ubuntu0.24.04.1 | 1.7.1-3ubuntu0.24.04.1 |
| msrc | azl3_jq_1.7.1-2_on_azure_linux_3.0 | — | — |
CVSS provenance
nvd · v3.1 · 8.1 HIGH · CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
osv · 8.1 HIGH
vendor_debian · 8.1 LOW
vendor_msrc · 8.1 HIGH
vendor_redhat · 8.1 HIGH
vendor_ubuntu · 4.3 MEDIUM
OSV
jq vulnerabilities
osv·2025-07-21·CVSS 6.5
CVE-2024-23337 [MEDIUM] jq vulnerabilities
It was discovered that jq incorrectly handled certain values when parsing
JSON data. A remote attacker could possibly use this issue to cause jq to
crash, resulting in a denial of service. (CVE-2024-23337)
It was discovered that jq incorrectly handled NaN values when parsing JSON
data. A remote attacker could possibly use this issue to cause jq to crash,
resulting in a denial of service. This issue only affected Ubuntu 24.04
LTS, and Ubuntu 25.04. (CVE-2024-53427)
It was discovered that jq incorrectly handled certain values when parsing
JSON data. A remote attacker could use this issue to cause jq to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2025-48060)
OSV
CVE-2024-53427: decNumberCopy in decNumber
osv·2025-02-26·CVSS 8.1
CVE-2024-53427 [HIGH] CVE-2024-53427: decNumberCopy in decNumber
decNumberCopy in decNumber.c in jq through 1.7.1 does not properly consider that NaN is interpreted as numeric, which has a resultant stack-based buffer overflow and out-of-bounds write, as demonstrated by use of --slurp with subtraction, such as a filter of .-. when the input has a certain form of digit string with NaN (e.g., "1 NaN123" immediately followed by many more digits).
GHSA
GHSA-8mxc-vqrq-gcm8: jq v1
ghsa_unreviewed·2025-02-26
CVE-2024-53427 [HIGH] CWE-843 GHSA-8mxc-vqrq-gcm8: jq v1
jq v1.7.1 contains a stack-buffer-overflow in the decNumberCopy function within decNumber.c.
Ubuntu
jq vulnerabilities
vendor_ubuntu·2025-07-21·CVSS 4.3
CVE-2025-48060 [MEDIUM] jq vulnerabilities
Title: jq vulnerabilities
Summary: Several security issues were fixed in jq.
It was discovered that jq incorrectly handled certain values when parsing
JSON data. A remote attacker could possibly use this issue to cause jq to
crash, resulting in a denial of service. (CVE-2024-23337)
It was discovered that jq incorrectly handled NaN values when parsing JSON
data. A remote attacker could possibly use this issue to cause jq to crash,
resulting in a denial of service. This issue only affected Ubuntu 24.04
LTS, and Ubuntu 25.04. (CVE-2024-53427)
It was discovered that jq incorrectly handled certain values when parsing
JSON data. A remote attacker could use this issue to cause jq to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2025-48060)
Instructions: In
Red Hat
jq: stack-buffer-overflow in the decNumberCopy function in decNumber.c
vendor_redhat·2025-02-26·CVSS 8.1
CVE-2024-53427 [HIGH] CWE-121 jq: stack-buffer-overflow in the decNumberCopy function in decNumber.c
decNumberCopy in decNumber.c in jq through 1.7.1 does not properly consider that NaN is interpreted as numeric, which has a resultant stack-based buffer overflow and out-of-bounds write, as demonstrated by use of --slurp with subtraction, such as a filter of .-. when the input has a certain form of digit string with NaN (e.g., "1 NaN123" immediately followed by many more digits).
A flaw was discovered in the jq package. In affected versions, specially-crafted input may trigger an unsafe memory operation leading to a stack buffer overflow. This can cause an application crash or other unintended behavior.
Package: jq (Red Hat Ceph Storage 4) - Not affected
Package: jq (Red Hat Enterprise Linux 10) - Fix deferred
Pack
Microsoft
decNumberCopy in decNumber.c in jq through 1.7.1 does not properly consider that NaN is interpreted as numeric, which has a resultant stack-based buffer overflow and out-of-bounds write, as demonstrat
vendor_msrc·2025-02-11·CVSS 8.1
CVE-2024-53427 [HIGH] CWE-843 decNumberCopy in decNumber.c in jq through 1.7.1 does not properly consider that NaN is interpreted as numeric, which has a resultant stack-based buffer overflow and out-of-bounds write, as demonstrat
decNumberCopy in decNumber.c in jq through 1.7.1 does not properly consider that NaN is interpreted as numeric, which has a resultant stack-based buffer overflow and out-of-bounds write, as demonstrated by use of --slurp with subtraction, such as a filter of .-. when the input has a certain form of digit string with NaN (e.g., "1 NaN123" immediately followed by many more digits).
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparen
Debian
CVE-2024-53427: jq - decNumberCopy in decNumber.c in jq through 1.7.1 does not properly consider that...
vendor_debian·2024·CVSS 8.1
CVE-2024-53427 [HIGH] CVE-2024-53427: jq - decNumberCopy in decNumber.c in jq through 1.7.1 does not properly consider that...
decNumberCopy in decNumber.c in jq through 1.7.1 does not properly consider that NaN is interpreted as numeric, which has a resultant stack-based buffer overflow and out-of-bounds write, as demonstrated by use of --slurp with subtraction, such as a filter of .-. when the input has a certain form of digit string with NaN (e.g., "1 NaN123" immediately followed by many more digits).
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved (fixed in 1.7.1-5)
sid: resolved (fixed in 1.7.1-5)
trixie: resolved (fixed in 1.7.1-5)
No detection rules found.
No public exploits indexed.
https://gist.github.com/Ekkosun/a83870ce7f3b7813b9b462a395e8ad92
https://github.com/jqlang/jq/blob/71c2ab509a8628dbbad4bc7b3f98a64aa90d3297/src/decNumber/decNumber.c#L3375
https://github.com/jqlang/jq/issues/3196
https://github.com/jqlang/jq/issues/3296
https://github.com/jqlang/jq/security/advisories/GHSA-x6c3-qv5r-7q22
Published: 2025-02-26