CVE-2023-49355 | jq 1.2e-111 decNumber/decNumber.c decToString out-of-bounds write

Inserito da Angelo Barbosa | Dic 11, 2023 | CVE

A vulnerability has been found in jq 1.2e-111 and classified as critical. This vulnerability affects the function decToString of the file decNumber/decNumber.c. The manipulation with the input []-1.2e-1111111111 leads to out-of-bounds write.

This vulnerability was named CVE-2023-49355. Access to the local network is required for this attack. There is no exploit available.

CVE-2023-49355 | jq 1.2e-111 decNumber/decNumber.c decToString out-of-bounds write

Post correlati

CVE-2024-5881 | Webico Slider Flatsome Addons Plugin up to 2.0.1 on WordPress Shortcode wbc_image cross site scripting

CVE-2024-25390 | RT-Thread up to 5.0.2 finsh/msh_file.c heap-based overflow (Issue 8286)

CVE-2024-1162 | ThemeIsle Orbit Fox Plugin up to 2.10.29 on WordPress cross-site request forgery

CVE-2024-4367 | Mozilla Firefox up to 125 PDF.js type conversion (Bug 1893645)