[Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-53427/jq
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Jun 24 17:13:46 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f9f9f370 by Salvatore Bonaccorso at 2025-06-24T18:13:16+02:00
Update status for CVE-2024-53427/jq
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -38219,12 +38219,12 @@ CVE-2024-6810 (The Quiz Organizer plugin for WordPress is vulnerable to Stored C
NOT-FOR-US: WordPress plugin
CVE-2024-53427 (decNumberCopy in decNumber.c in jq through 1.7.1 does not properly con ...)
- jq 1.7.1-5 (bug #1102679)
- [bookworm] - jq <no-dsa> (Minor issue)
+ [bookworm] - jq <not-affected> (Vulnerable code introduced later)
[bullseye] - jq <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/jqlang/jq/security/advisories/GHSA-x6c3-qv5r-7q22
NOTE: https://github.com/jqlang/jq/issues/3196
- NOTE: https://github.com/jqlang/jq/commit/b86ff49f46a4a37e5a8e75a140cb5fd6e1331384
- NOTE: https://github.com/jqlang/jq/commit/a09a4dfd55e6c24d04b35062ccfe4509748b1dd3
+ NOTE: Fixed by: https://github.com/jqlang/jq/commit/b86ff49f46a4a37e5a8e75a140cb5fd6e1331384 (jq-1.8.0)
+ NOTE: Fixed by: https://github.com/jqlang/jq/commit/a09a4dfd55e6c24d04b35062ccfe4509748b1dd3 (jq-1.8.0)
NOTE: Introduced by: https://github.com/jqlang/jq/commit/cf4b48c7ba30cb30e116b523cff036ea481459f6 (jq-1.7rc1)
CVE-2024-52925 (In OPSWAT MetaDefender Kiosk before 4.7.0, arbitrary code execution ca ...)
NOT-FOR-US: OPSWAT MetaDefender Kiosk
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f9f9f3703460405f30f5989abc9964ca8898c727
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f9f9f3703460405f30f5989abc9964ca8898c727
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250624/44ad6e9f/attachment.htm>
More information about the debian-security-tracker-commits
mailing list