CNNVD-202506-2932 Information

CNNVD ID

CNNVD-202506-2932

Related CVE

CVE-2025-6499

• CNNVD Published: 2025-06-23

Description (Chinese)

libucl是Vsevolod Stakhov个人开发者的一个C语言通用配置库解析器。 libucl 0.9.2及之前版本存在安全漏洞，该漏洞源于src/ucl_parser.c文件中ucl_parse_multiline_string函数存在堆缓冲区溢出。

Description (English)

Libcl is a C-language common configuration library solver for Vsevolod Stakhov personal developers. There is a security loophole in the libcl 0.9.2 and previous versions, which stems from the flood of buffers in the ucl parse multiline string function in document src/ucl parser.c.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

Live Support

Published

2025-06-23

Last Modified

2026-02-24

References

https://github.com/user-attachments/files/19825399/libucl_crash.txt https://github.com/vstakhov/libucl/issues/319 https://vuldb.com/?ctiid.313615 https://vuldb.com/?id.313615 https://vuldb.com/?submit.601011