MidnightBSD

Advisories for vstakhov

CVE-2025-6499 LOW

A vulnerability classified as problematic was found in vstakhov libucl up to 0.9.2. Affected by this vulnerability is the function ucl_parse_multiline_string of the file src/ucl_parser.c. The manipulation leads to heap-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cna@vuldb.com 3.3 LOW CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L 1.8 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-119,CWE-122,CWE-787,

Products Affected

Vendor Product Version
vstakhov libucl *