CVE-2015-8863

Published May 6th, 2016

View on NVD ↗

CVSS v3

N/A

CVSS v2

HIGH

Affected

PROJECT

Description

Off-by-one error in the tokenadd function in jv_parse.c in jq allows remote attackers to cause a denial of service (crash) via a long JSON-encoded number, which triggers a heap-based buffer overflow.

jqlang/jq

Command-line JSON processor

GitHub

34.9K