| عنوان | vstakhov libucl 0.9.2 / master commit d8af953 Heap-based Buffer Overflow |
|---|
| الوصف | libucl version 0.9.2 (master commit d8af953) is vulnerable to a heap buffer overflow in the ucl_include_common function of ucl_util.c. The vulnerability arises when parsing crafted input with ucl_parser_add_string, which eventually calls ucl_strnstr. This function performs a strncmp on memory beyond the allocated buffer, leading to out-of-bounds read access. |
|---|
| المصدر | ⚠️ https://github.com/vstakhov/libucl/issues/337 |
|---|
| المستخدم | ahuo (UID 90189) |
|---|
| ارسال | 14/09/2025 10:14 AM (7 أشهر منذ) |
|---|
| الاعتدال | 26/09/2025 08:15 AM (12 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 325953 [vstakhov libucl حتى 0.9.2 /src/ucl_util.c ucl_include_common تلف الذاكرة] |
|---|
| النقاط | 19 |
|---|