Jq Project Jq vulnerabilities
2 known vulnerabilities affecting jq_project/jq.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2015-8863CRITICALCVSS 9.8≤ 1.52016-05-06
CVE-2015-8863 [CRITICAL] CWE-119 CVE-2015-8863: Off-by-one error in the tokenadd function in jv_parse.c in jq allows remote attackers to cause a den
Off-by-one error in the tokenadd function in jv_parse.c in jq allows remote attackers to cause a denial of service (crash) via a long JSON-encoded number, which triggers a heap-based buffer overflow.
nvd
CVE-2016-4074HIGHCVSS 7.5≤ 1.52016-05-06
CVE-2016-4074 [HIGH] CWE-770 CVE-2016-4074: The jv_dump_term function in jq 1.5 allows remote attackers to cause a denial of service (stack cons
The jv_dump_term function in jq 1.5 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted JSON file. This issue has been fixed in jq 1.6_rc1-r0.
nvd