CVE-2025-48060

May 21, 2025 invoker category_cve

CVE Details

Basic Information

Title CVE-2025-48060
Type cve
Published 2025-05-21T18:15:53
Last Seen 2025-05-21T18:24:55

CVSS Information

Base Score 0.0 ()
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact

AI Analysis

AI Description A heap-buffer-overflow vulnerability exists in jq versions up to 1.7.1, affecting the jv_string_vfmt function, which can lead to a crash.
AI Severity High
Vendor jq Community
Product jq
Affected Version 1.0.0, 1.1.0, …, 1.7.1

Additional Information

CVE List CVE-2025-48060
CWE List CWE-121
Bulletin Family cve

Description

jq is a command-line JSON processor. In versions up to and including 1.7.1, a heap-buffer-overflow is present in function jv_string_vfmt in the jq_fuzz_execute harness from oss-fuzz. This crash happens on file jv.c, line…

CVSS Score Summary

Base Score: %!f(string=#) ()

View Full CVE Details

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.