CVE-2025-49014 | jqlang jq 1.8.0 /src/builtin.c f_strflocaltime use after free (GHSA-rmjp-cr27-wpg2)

Inserito da Angelo Barbosa | Giu 19, 2025 | CVE

A vulnerability was found in jqlang jq 1.8.0. It has been declared as critical. Affected by this vulnerability is the function f_strflocaltime of the file /src/builtin.c. The manipulation leads to use after free.

This vulnerability is known as CVE-2025-49014. The attack can be launched remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2025-49014 | jqlang jq 1.8.0 /src/builtin.c f_strflocaltime use after free (GHSA-rmjp-cr27-wpg2)

Post correlati

CVE-2023-5379 | Undertow AJP Request denial of service

CVE-2023-52233 | Post SMTP Mailer Email Log Plugin up to 2.8.6 on WordPress Mailer/Email authorization

CVE-2024-34807 | CodeBard Fast Custom Social Share by Plugin up to 1.1.2 on WordPress cross-site request forgery

CVE-2024-35264 | Microsoft Visual Studio/.NET use after free