Off-by-one error in the tokenadd function in jv_parse.c in jq allows remote malicious users to cause a denial of service (crash) via a long JSON-encoded number, which triggers a heap-based buffer overflow.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
opensuse opensuse 13.2 |
||
opensuse leap 42.1 |
||
jq project jq |