You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
JQ status
The researcher did not provide any information about potential report to you. I create this bug report to have some status. Do you confirm this issue ? Is so, any available patch ?
Thanks in advance.
z00
The text was updated successfully, but these errors were encountered:
We call it CVE-2023-50246
I told that user their report was a duplicate, but they already published it anyway even before reporting it to us. :(
We have had a patch ready for a while.
I am organising to get 1.7.1 released soon (maybe today?); we're currently waiting to get a CVE number for another vulnerability.
CVE-2023-49355
linzc21 published [1] an one-byte oob write affecting JQ 1.7-37-g88f01a7 (88f01a7).
[1] https://github.com/linzc21/bug-reports/blob/main/reports/jq/1.7-37-g88f01a7/heap-buffer-overflow/CVE-2023-49355.md
JQ status
The researcher did not provide any information about potential report to you. I create this bug report to have some status. Do you confirm this issue ? Is so, any available patch ?
Thanks in advance.
z00
The text was updated successfully, but these errors were encountered: