VYPR

apk package

wolfi/jq-doc

pkg:apk/wolfi/jq-doc

Vulnerabilities (1)

  • CVE-2024-53427Feb 26, 2025
    affected < 1.7.1-r4fixed 1.7.1-r4

    decNumberCopy in decNumber.c in jq through 1.7.1 does not properly consider that NaN is interpreted as numeric, which has a resultant stack-based buffer overflow and out-of-bounds write, as demonstrated by use of --slurp with subtraction, such as a filter of .-. when the input ha