Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
decToString in decNumber/decNumber.c in jq 88f01a7 has a one-byte out-of-bounds write via the " []-1.2e-1111111111" input. NOTE: this is not the same as CVE-2023-50246. The CVE-2023-50246 71c2ab5 reference mentions -10E-1000010001, which is not in normalized scientific notation.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
jq 安全漏洞
Vulnerability Description
jq是jqlang开源的一个轻量级且灵活的命令行 JSON 处理器。 jq v1.7-37 88f01a7版本存在安全漏洞,该漏洞源于允许攻击者通过 decNumber.c中的 decToString 函数造成拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A