Jq

3 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2025-48060 HIGH POC PATCH This Week

jq is a command-line JSON processor. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Red Hat Suse Jq

NVD GitHub

CVSS 4.0

7.7

EPSS

0.6%

CVE-2024-23337 MEDIUM POC PATCH Monitor

jq is a command-line JSON processor. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Integer Overflow Red Hat Suse Jq

NVD GitHub

CVSS 3.1

4.3

EPSS

0.3%

CVE-2024-53427 HIGH POC PATCH This Week

decNumberCopy in decNumber.c in jq through 1.7.1 does not properly consider that NaN is interpreted as numeric, which has a resultant stack-based buffer overflow and out-of-bounds write, as. Rated high severity (CVSS 8.1), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Red Hat Suse Jq

NVD GitHub

CVSS 3.1

8.1

EPSS

0.0%

CVE-2025-48060

EPSS 1% CVSS 7.7

HIGH POC PATCH This Week

Buffer Overflow Stack Overflow Red Hat +2

NVD GitHub

CVE-2024-23337

EPSS 0% CVSS 4.3

MEDIUM POC PATCH Monitor

jq is a command-line JSON processor. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Integer Overflow Red Hat +2

NVD GitHub

CVE-2024-53427

EPSS 0% CVSS 8.1

HIGH POC PATCH This Week

Buffer Overflow Memory Corruption Red Hat +2

NVD GitHub