| Bug | bullseye | bookworm | trixie | forky | sid | Description |
|---|
| CVE-2026-54679 | fixed | fixed | vulnerable | vulnerable | fixed | jq is a command-line JSON processor. Prior to 1.8.2, on 32bit system, ... |
| CVE-2026-49839 | fixed | fixed | vulnerable | fixed | fixed | jq is a command-line JSON processor. Prior to 1.8.2,` jq --rawfile` ca ... |
| CVE-2026-47770 | fixed | fixed | vulnerable | fixed | fixed | jq is a command-line JSON processor. Prior to 1.8.2, comparing two suf ... |
| CVE-2026-44777 | fixed | fixed | vulnerable (no DSA) | fixed | fixed | jq is a command-line JSON processor. In 1.8.2rc1 and earlier, the ordi ... |
| CVE-2026-43896 | fixed | fixed | vulnerable (no DSA) | fixed | fixed | jq is a command-line JSON processor. In 1.8.1 and earlier, unbounded r ... |
| CVE-2026-43895 | fixed | fixed | vulnerable | fixed | fixed | jq is a command-line JSON processor. In 1.8.1 and earlier, jq accepts ... |
| CVE-2026-43894 | fixed | fixed | vulnerable | fixed | fixed | jq is a command-line JSON processor. In 1.8.1 and earlier, when decNum ... |
| CVE-2026-41257 | fixed | fixed | vulnerable (no DSA) | fixed | fixed | jq is a command-line JSON processor. In 1.8.1 and earlier, the jq byte ... |
| CVE-2026-41256 | fixed | fixed | vulnerable (no DSA) | fixed | fixed | jq is a command-line JSON processor. In 1.8.1 and earlier, Top-level j ... |
| Bug | Description |
|---|
| CVE-2026-40164 | jq is a command-line JSON processor. Before commit 0c7d133c3c7e37c00b6 ... |
| CVE-2026-39979 | jq is a command-line JSON processor. In commits before 2f09060afab23fe ... |
| CVE-2026-39956 | jq is a command-line JSON processor. In commits after 69785bf77f86e2ea ... |
| CVE-2026-33948 | jq is a command-line JSON processor. Commits before 6374ae0bcdfe33a18e ... |
| CVE-2026-33947 | jq is a command-line JSON processor. In versions 1.8.1 and below, func ... |
| CVE-2026-32316 | jq is a command-line JSON processor. An integer overflow vulnerability ... |
| CVE-2025-49014 | jq is a command-line JSON processor. In version 1.8.0 a heap use after ... |
| CVE-2025-48060 | jq is a command-line JSON processor. In versions up to and including 1 ... |
| CVE-2024-53427 | decNumberCopy in decNumber.c in jq through 1.7.1 does not properly con ... |
| CVE-2023-50268 | jq is a command-line JSON processor. Version 1.7 is vulnerable to stac ... |
| CVE-2023-50246 | jq is a command-line JSON processor. Version 1.7 is vulnerable to heap ... |
| CVE-2023-49355 | decToString in decNumber/decNumber.c in jq 88f01a7 has a one-byte out- ... |
| CVE-2016-4074 | The jv_dump_term function in jq 1.5 allows remote attackers to cause a ... |
| CVE-2015-8863 | Off-by-one error in the tokenadd function in jv_parse.c in jq allows r ... |