CNNVD-202509-4113 Information

CNNVD ID

CNNVD-202509-4113

Related CVE

CVE-2025-11010

• CNNVD Published: 2025-09-26

Description (Chinese)

libucl是Vsevolod Stakhov个人开发者的一个C语言通用配置库解析器。 libucl 0.9.2及之前版本存在安全漏洞，该漏洞源于文件/src/ucl_util.c中函数ucl_include_common存在堆缓冲区溢出，可能导致执行任意代码。

Description (English)

Libcl is a C-language common configuration library solver for Vsevolod Stakhov personal developers. There is a security loophole in libcl 0.9.2 and previous versions, which stems from the spilling of the ucl include common in the document/src/ucl util.c function, which could lead to the implementation of any code.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

LitexMedia

Published

2025-09-26

Last Modified

2026-02-24

References

https://github.com/user-attachments/files/22317650/poc.zip https://github.com/vstakhov/libucl/issues/337 https://vuldb.com/?ctiid.325953 https://vuldb.com/?id.325953 https://vuldb.com/?submit.654068