High severity7.5NVD Advisory· Published May 6, 2016· Updated Jun 17, 2026
CVE-2016-4074
CVE-2016-4074
Description
The jv_dump_term function in jq 1.5 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted JSON file. This issue has been fixed in jq 1.6_rc1-r0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5- osv-coords3 versionspkg:rpm/opensuse/jq&distro=openSUSE%20Tumbleweedpkg:rpm/suse/jq&distro=SUSE%20Enterprise%20Storage%204pkg:rpm/suse/jq&distro=SUSE%20Package%20Hub%2012%20SP1
< 1.6-2.9+ 2 more
- (no CPE)range: < 1.6-2.9
- (no CPE)range: < 1.5-3.5.7
- (no CPE)range: < 1.5-5.1
Patches
Vulnerability mechanics
References
5- github.com/NixOS/nixpkgs/pull/18908nvdPatchThird Party Advisory
- github.com/stedolan/jq/issues/1136nvdExploitPatchThird Party Advisory
- www.openwall.com/lists/oss-security/2016/04/24/3nvdMailing ListThird Party Advisory
- www.openwall.com/lists/oss-security/2016/04/24/4nvdMailing ListThird Party Advisory
- github.com/hashicorp/consul/issues/10263nvdThird Party Advisory
News mentions
0No linked articles in our index yet.