CVE-2025-49014 | jqlang jq 1.8.0 /src/builtin.c f_strflocaltime use after free (GHSA-rmjp-cr27-wpg2)

A vulnerability was found in jqlang jq 1.8.0. It has been declared as critical. Affected by this vulnerability is the function f_strflocaltime of the file /src/builtin.c. The manipulation leads to use after free.

This vulnerability is known as CVE-2025-49014. The attack can be launched remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.VulDB Recent EntriesRead More