Submeter #654068: vstakhov libucl 0.9.2 / master commit d8af953 Heap-based Buffer Overflowinformação

Títulovstakhov libucl 0.9.2 / master commit d8af953 Heap-based Buffer Overflow
Descriçãolibucl version 0.9.2 (master commit d8af953) is vulnerable to a heap buffer overflow in the ucl_include_common function of ucl_util.c. The vulnerability arises when parsing crafted input with ucl_parser_add_string, which eventually calls ucl_strnstr. This function performs a strncmp on memory beyond the allocated buffer, leading to out-of-bounds read access.
Fonte⚠️ https://github.com/vstakhov/libucl/issues/337
Utilizador
 ahuo (UID 90189)
Submissão14/09/2025 10h14 (há 7 meses)
Moderação26/09/2025 08h15 (12 days later)
EstadoAceite
Entrada VulDB325953 [vstakhov libucl até 0.9.2 /src/ucl_util.c ucl_include_common Excesso de tampão]
Pontos19

VoltarVisão GeralPróximo

Do you know our Splunk app?

Download it now for free!