{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-15T06:20:16.195","vulnerabilities":[{"cve":{"id":"CVE-2024-23337","sourceIdentifier":"security-advisories@github.com","published":"2025-05-21T15:16:03.920","lastModified":"2025-06-20T17:41:15.807","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"jq is a command-line JSON processor. In versions up to and including 1.7.1, an integer overflow arises when assigning value using an index of 2147483647, the signed integer limit. This causes a denial of service. Commit de21386681c0df0104a99d9d09db23a9b2a78b1e contains a patch for the issue."},{"lang":"es","value":"jq es un procesador JSON de línea de comandos. En versiones hasta la 1.7.1 (incluida), se produce un desbordamiento de entero al asignar un valor utilizando un índice de 2147483647, el límite de enteros con signo. Esto provoca una denegación de servicio. El commit de21386681c0df0104a99d9d09db23a9b2a78b1e contiene un parche para este problema."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-190"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jqlang:jq:*:*:*:*:*:*:*:*","versionEndIncluding":"1.7.1","matchCriteriaId":"C4AFD89F-511E-4436-9D4F-28E33F0785DE"}]}]}],"references":[{"url":"https://github.com/jqlang/jq/commit/de21386681c0df0104a99d9d09db23a9b2a78b1e","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/jqlang/jq/issues/3262","source":"security-advisories@github.com","tags":["Exploit","Issue Tracking"]},{"url":"https://github.com/jqlang/jq/security/advisories/GHSA-2q6r-344g-cx46","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]},{"url":"https://github.com/jqlang/jq/security/advisories/GHSA-2q6r-344g-cx46","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Vendor Advisory"]}]}}]}