CVE-2023-50268

描述

jq is a command-line JSON processor. Version 1.7 is vulnerable to stack-based buffer overflow in builds using decNumber. Version 1.7.1 contains a patch for this issue.

受影響套件(2)

• Alpine/jqfrom 0, < 1.7.1-r0
• Debian/jqfrom 0, < 1.7.1-1

CVSS 分數

參考連結(2)

• ADVISORYhttps://security.alpinelinux.org/vuln/CVE-2023-50268
• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2023-50268