Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Micro 5.2 package jq, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (3)
CVE-2025-48060 — CVSS 7.5 (high): jq is a command-line JSON processor. In versions up to and including 1.7.1, a heap-buffer-overflow is present in function `jv_string_vfmt`…
CVE-2024-23337 — CVSS 4.3 (medium): jq is a command-line JSON processor. In versions up to and including 1.7.1, an integer overflow arises when assigning value using an index…
CVE-2025-9403 — CVSS 3.3 (low): A vulnerability was determined in jqlang jq up to 1.6. Impacted is the function run_jq_tests of the file jq_test.c of the component JSON…