OSV-2024-396

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/jq/OSV-2024-396.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2024-396
Published
2024-05-01T00:11:24.552935Z
Modified
2026-02-06T14:16:30.474879Z
Summary
UNKNOWN READ in jvp_object_free
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65942

Crash type: UNKNOWN READ
Crash state:
jvp_object_free
jv_free
jv_equal
References

Affected packages

OSS-Fuzz / jq

Package

Name
jq
Purl
pkg:generic/jq

Affected ranges

Type
GIT
Repo
https://github.com/jqlang/jq
Events
Introduced
5029328d35f3e60037970d27f350a742af41aa02

Affected versions

jq-1.*
jq-1.7.1
jq-1.8.0
jq-1.8.1

Ecosystem specific 

{
    "severity": "MEDIUM"
}

Database specific

source 
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/jq/OSV-2024-396.yaml"