jq (SUSE:Linux Micro 6.1) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Micro 6.1 package jq, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (3)
CVE-2024-53427 — CVSS 8.1 (high): decNumberCopy in decNumber.c in jq through 1.7.1 does not properly consider that NaN is interpreted as numeric, which has a resultant…
CVE-2025-48060 — CVSS 7.5 (high): jq is a command-line JSON processor. In versions up to and including 1.7.1, a heap-buffer-overflow is present in function `jv_string_vfmt`…
CVE-2024-23337 — CVSS 4.3 (medium): jq is a command-line JSON processor. In versions up to and including 1.7.1, an integer overflow arises when assigning value using an index…