Sign In

CVE-2024-23337

ADVISORY - nist

Summary

jq is a command-line JSON processor. In versions up to and including 1.7.1, an integer overflow arises when assigning value using an index of 2147483647, the signed integer limit. This causes a denial of service. Commit de21386681c0df0104a99d9d09db23a9b2a78b1e contains a patch for the issue.

EPSS Score: 0.00055 (0.171)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-190

Integer Overflow or Wraparound

ADVISORY - redhat

CWE-190

Integer Overflow or Wraparound

Impacted images

Advisories
Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.

Sign in