CVE-2016-4074
N/A
N/A
Summary
The jv_dump_term function in jq 1.5 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted JSON file. This issue has been fixed in jq 1.6_rc1-r0.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.openwall.com/lists/oss-security/2016/04/24/4
- https://github.com/stedolan/jq/issues/1136
- http://www.openwall.com/lists/oss-security/2016/04/24/3
- https://github.com/stedolan/jq/
- https://github.com/NixOS/nixpkgs/pull/18908
- https://github.com/hashicorp/consul/issues/10263
References
- http://www.openwall.com/lists/oss-security/2016/04/24/4
- https://github.com/stedolan/jq/issues/1136
- http://www.openwall.com/lists/oss-security/2016/04/24/3
- https://github.com/stedolan/jq/
- https://github.com/NixOS/nixpkgs/pull/18908
- https://github.com/hashicorp/consul/issues/10263
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.