CVE-2025-9403

Medium CVSS: 4.8

A vulnerability was determined in jqlang jq up to 1.6. Impacted is the function run_jq_tests of the file jq_test.c of the component JSON Parser. Executing manipulation can lead to reachable assertion. The attack requires local access. The exploit has been publicly disclosed and may be utilized. Other versions might be affected as well.

Vendor

Jqlang

Product

CWE

CWE-617

Yayın Tarihi

2025-08-25 03:15:37

Güncelleme

2025-09-12 20:11:28

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-617 Jq MEDIUM Jqlang 2025

Referanslar

https://drive.google.com/file/d/1r8m9PhU_rk-QPj6OMcs415FcvWPD-zJY/view?usp=sharing https://github.com/jqlang/jq/issues/3393 https://vuldb.com/?ctiid.321239 https://vuldb.com/?id.321239 https://vuldb.com/?submit.633170 https://github.com/jqlang/jq/issues/3393 https://vuldb.com/?submit.633170

Benzer Kayıtlar

High

CVE-2025-48060

jq is a command-line JSON processor. In versions up to and including 1.7.1, a heap-buffer-overflow is present in functio…

Medium

CVE-2024-23337

jq is a command-line JSON processor. In versions up to and including 1.7.1, an integer overflow arises when assigning va…

High

CVE-2024-53427

decNumberCopy in decNumber.c in jq through 1.7.1 does not properly consider that NaN is interpreted as numeric, which ha…