Vulnerabilities (CVE)

Filtered by vendor Jq Project Subscribe
Filtered by product Jq
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-4074 1 Jq Project 1 Jq 2024-02-04 7.8 HIGH 7.5 HIGH
The jv_dump_term function in jq 1.5 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted JSON file. This issue has been fixed in jq 1.6_rc1-r0.
CVE-2015-8863 2 Jq Project, Opensuse 3 Jq, Leap, Opensuse 2024-02-04 10.0 HIGH 9.8 CRITICAL
Off-by-one error in the tokenadd function in jv_parse.c in jq allows remote attackers to cause a denial of service (crash) via a long JSON-encoded number, which triggers a heap-based buffer overflow.