Vulnerability in Jqlang Jq
CVE-2026-47770
jq is a command-line JSON processor. Prior to 1.8.2, comparing two sufficiently deeply nested arrays with the == operator exhausts the C stack on jq's ordinary command-line surface, resulting in denial of service via stack exhaustion (unco…
Affected products
- Jqlang Jq — versions < 1.8.2
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)