CNNVD-202509-4109 Information
CNNVD ID
CNNVD-202509-4109
Related CVE
- CNNVD Published: 2025-09-26
Description (Chinese)
BehaviorTree.CPP是BehaviorTree开源的一个C++中的行为树的库。 BehaviorTree.CPP 4.7.0及之前版本存在安全漏洞,该漏洞源于对文件/src/script_parser.cpp中参数error_msgs_buffer的错误操作,可能导致基于栈的缓冲区溢出。
Description (English)
BehaviorTree.CPP is the reservoir of a C++ behavioural tree in BehaviorTree ’ s open source. There is a security loophole in BehaviorTree.CPP4.7.0 and earlier versions, which stems from an error in the use of the parameter error msgs buffer in document/src/script parser.cpp, which may result in the spilling out of the fence based on the cage.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
BehaviorTree
Published
2025-09-26
Last Modified
2026-02-24
References
https://github.com/BehaviorTree/BehaviorTree.CPP/commit/cb6c7514efa628adb8180b58b4c9ccdebbe096e3 https://github.com/BehaviorTree/BehaviorTree.CPP/issues/1006 https://github.com/BehaviorTree/BehaviorTree.CPP/pull/1007 https://github.com/user-attachments/files/22251337/poc.zip https://vuldb.com/?ctiid.325955 https://vuldb.com/?id.325955 https://vuldb.com/?submit.654074 https://access.redhat.com/security/cve/cve-2025-11012
Share on: