VDB
RHSA-2025%3A10620
RHSA-2025%3A10620
PUBLISHED
CVSS 5.5 MEDIUM
Red Hat Security Advisory: jq security update
Risk Scores
CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat:rhel_tus:8.6::appstream | jq-debuginfo | 0, 0 |
| Red Hat:rhel_e4s:8.6::appstream | jq-debuginfo | 0, 0 |
| Red Hat:rhel_eus_long_life:8.6::appstream | jq | 0, 0 |
| Red Hat:rhel_aus:8.6::appstream | jq-debuginfo | 0, 0 |
| Red Hat:rhel_e4s:8.6::appstream | jq-debugsource | 0, 0 |
| Red Hat:rhel_tus:8.6::appstream | jq | 0, 0 |
| Red Hat:rhel_e4s:8.6::appstream | jq | 0, 0 |
| Red Hat:rhel_eus_long_life:8.6::appstream | jq-debuginfo | 0, 0 |
| Red Hat:rhel_aus:8.6::appstream | jq | 0, 0 |
| Red Hat:rhel_aus:8.6::appstream | jq-debugsource | 0, 0 |
| Red Hat:rhel_eus_long_life:8.6::appstream | jq-debugsource | 0, 0 |
| Red Hat:rhel_tus:8.6::appstream | jq-debugsource | 0, 0 |
Timeline
- Jul 9, 2025 CVE Published
- Mar 18, 2026 CVE Updated
- May 1, 2026 Distribution Patch
- May 1, 2026 Distribution Patch
- May 1, 2026 Security Advisory
- May 1, 2026 Security Advisory
- May 1, 2026 Security Advisory
References
- https://access.redhat.com/errata/RHSA-2025:10620 advisory
- https://access.redhat.com/security/updates/classification/#moderate article
- https://bugzilla.redhat.com/show_bug.cgi?id=2367807 report
- https://bugzilla.redhat.com/show_bug.cgi?id=2367842 report
- https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_10620.json advisory
- https://access.redhat.com/security/cve/CVE-2024-23337 report
- https://www.cve.org/CVERecord?id=CVE-2024-23337 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2024-23337 advisory
- https://github.com/jqlang/jq/commit/de21386681c0df0104a99d9d09db23a9b2a78b1e article
- https://github.com/jqlang/jq/issues/3262 article
- https://github.com/jqlang/jq/security/advisories/GHSA-2q6r-344g-cx46 article
- https://access.redhat.com/security/cve/CVE-2025-48060 report
- https://www.cve.org/CVERecord?id=CVE-2025-48060 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-48060 advisory
- https://github.com/jqlang/jq/security/advisories/GHSA-p7rr-28xf-3m5w article