Not a user yet?
Log in Register for free Suggest a product
The manufacturer Canonical has not yet set up its devicebase profile. Content such as updates, compatibilities and support may only be maintained with a delay.
Update

USN-7657-1: jq vulnerabilities

Ubuntu DesktopUbuntu Desktop
Canonical
Update from patrick-devicebaseUpdate from:
patrick-devicebase (expert)

USN-7657-1: jq vulnerabilities
Publication date: 21 July 2025
Overview: Several security issues were fixed in jq.

Packages
jq - lightweight and flexible command-line JSON processor

Details
It was discovered that jq incorrectly handled certain values when parsing
JSON data. A remote attacker could possibly use this issue to cause jq to
crash, resulting in a denial of service. (CVE-2024-23337)

It was discovered that jq incorrectly handled NaN values when parsing JSON
data. A remote attacker could possibly use this issue to cause jq to crash,
resulting in a denial of service. This issue only affected Ubuntu 24.04
LTS, and Ubuntu 25.04. (CVE-2024-53427)

It was discovered that jq incorrectly handled certain values when parsing
JSON data. A remote attacker could use this issue to cause jq to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2025-48060)

Update instructions
The problem can be corrected by updating your system to the following package versions:

25.04 plucky

  • jq – 1.7.1-3ubuntu1.1
  • libjq1 – 1.7.1-3ubuntu1.1
    24.04 noble
  • jq – 1.7.1-3ubuntu0.24.04.1
  • libjq1 – 1.7.1-3ubuntu0.24.04.1
    22.04 jammy
  • jq – 1.6-2.1ubuntu3.1
  • libjq1 – 1.6-2.1ubuntu3.1
Version: 24.04 LTS Link
More updatesTo the product
Receive Important Update Messages Stay tuned for upcoming Canonical Ubuntu Desktop updates

More from the Operating Systems section

Was the content helpful to you?

Advertisement Advertise here?
Udemy IT certification ad