Security Advisory

CVE-2023-49355

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-12-11 00:00:00

Last updated 2024-10-09 14:35:41

Assigner mitre

State PUBLISHED

Description

decToString in decNumber/decNumber.c in jq 88f01a7 has a one-byte out-of-bounds write via the " []-1.2e-1111111111" input. NOTE: this is not the same as CVE-2023-50246. The CVE-2023-50246 71c2ab5 reference mentions -10E-1000010001, which is not in normalized scientific notation.

← Browse all CVEs View on cve.org ↗