Off-by-one error in the tokenadd function in jv_parse.c in jq allows remote attackers to cause a denial of service (crash) via a long JSON-encoded number, which triggers a heap-based buffer overflow.
| Product | Vendor | Version |
|---|---|---|
| n/a | n/a | < 5f34310d1376ca5b2ed798258def2c2ab3cc6699 |