CVE-2023-50246

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Dec 13, 2023

Updated: Dec 19, 2023

CWE ID 122

CWE ID 787

CWE ID 120

Summary

CVE-2023-50246 is a newly identified vulnerability affecting jq, a popular command-line JSON processor. This issue results in a heap-based buffer overflow in version 1.7, which can potentially be exploited by malicious actors to execute arbitrary code. The vulnerability has been addressed in version 1.7.1 with a released patch, making it essential for users to update their installations promptly to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tsu17e
https://www.cve.org/CVERecord?id=CVE-2023-50246
https://nvd.nist.gov/vuln/detail/CVE-2023-50246

Back to Vulnerability Database

CVE-2023-50246

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations