GHSA lookup
GHSA-Q3H9-M34W-H76F
Pruva has a verified reproduction for GHSA-Q3H9-M34W-H76F: jq: integer overflow in jv_string_concat triggers heap buffer overflow on large strings. The canonical evidence record is REPRO-2026-00170.
REPRO
REPRO-2026-00170
Package
jq · github
Severity
HIGH
Status
published