Klungler

**Name of the Vulnerable Software and Affected Versions** jq versions 1.8.1 and earlier **Description** Top-level programs loaded from a file using the '-f' flag are truncated at the first embedded NUL byte. A specially crafted filter file containing a NUL byte followed by an arbitrary suffix will compile and execute only the prefix preceding the NUL byte. This results in a prefix/full-buffer mismatch during the compilation path. **Recommendations** Update to a version later than 1.8.1.