Unrated severityNVD Advisory· Published Dec 11, 2023· Updated Oct 9, 2024
CVE-2023-49355
CVE-2023-49355
Description
decToString in decNumber/decNumber.c in jq 88f01a7 has a one-byte out-of-bounds write via the " []-1.2e-1111111111" input. NOTE: this is not the same as CVE-2023-50246. The CVE-2023-50246 71c2ab5 reference mentions -10E-1000010001, which is not in normalized scientific notation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- jq/decNumberdescription
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.