CVE-2023-49355 | jq 1.2e-111 decNumber/decNumber.c decToString out-of-bounds write

Posted by Angelo Barbosa | Dec 11, 2023 | CVE

A vulnerability has been found in jq 1.2e-111 and classified as critical. This vulnerability affects the function decToString of the file decNumber/decNumber.c. The manipulation with the input []-1.2e-1111111111 leads to out-of-bounds write.

This vulnerability was named CVE-2023-49355. Access to the local network is required for this attack. There is no exploit available.

CVE-2023-49355 | jq 1.2e-111 decNumber/decNumber.c decToString out-of-bounds write

Related Posts

CVE-2024-51248 | Draytek Vigor 3900 1.5.1.3 mainfunction.cgi modifyrow command injection

CVE-2024-4941 | gradio up to 4.31.3 JSON Component json_component.py postprocess input validation

CVE-2024-32285 | Tenda W30E 1.0.1.25(633) formaddUserName password stack-based overflow

CVE-2024-20363 | Cisco Open Source Snort HTTP Intrusion Prevention System Rule authentication spoofing (cisco-sa-snort3-ips-bypass-uE69KBMd)