CVE-2016-4074
06.05.2016, 17:59
The jv_dump_term function in jq 1.5 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted JSON file. This issue has been fixed in jq 1.6_rc1-r0.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| jq_project | jq | 𝑥 ≤ 1.5 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| jq |
|
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| jq |
| ||||||||||||||||||||||||||||||||||||||||||
| libjq-devel |
| ||||||||||||||||||||||||||||||||||||||||||
| libjq1 |
|
References