CVE-2026-54679 - CERT CVE

  1. CVE-2026-54679

ID CVE-2026-54679
Sažetak jq is a command-line JSON processor. Prior to 1.8.2, on 32bit system, jvp_string_append has a chance of integer/multiple overflowing and then causing a massive buffer overrun. This vulnerability is fixed in 1.8.2.
Reference
CVSS
Base: 5.5
Impact: 3.6
Exploitability:1.8
Pristup
VektorSloženostAutentikacija
LOCAL LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
NONE NONE HIGH
CVSS vektor CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Zadnje važnije ažuriranje 26-06-2026 - 18:53
Objavljeno 25-06-2026 - 18:16