GHSA-cqpr-pcm7-m3jc: Potential segfault in `localtime_r` invocations
(updated )
Unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires an environment variable to be set in a different thread than the affected functions. This may occur without the user’s knowledge, notably in a third-party library.
References
Detect and mitigate GHSA-cqpr-pcm7-m3jc with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →