VYPR

Libucl

by Vstakhov

Source repositories

CVEs (3)

  • CVE-2026-0708HigMar 17, 2026
    risk 0.47cvss 8.3epss 0.00

    A flaw was found in libucl. A remote attacker could exploit this by providing a specially crafted Universal Configuration Language (UCL) input that contains a key with an embedded null byte. This can cause a segmentation fault (SEGV fault) in the `ucl_object_emit` function when…

  • CVE-2025-11010MedSep 26, 2025
    risk 0.34cvss 5.3epss 0.00

    A vulnerability has been found in vstakhov libucl up to 0.9.2. Affected by this vulnerability is the function ucl_include_common of the file /src/ucl_util.c. Such manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has…

  • CVE-2025-6499LowJun 23, 2025
    risk 0.21cvss 3.3epss 0.00

    A vulnerability classified as problematic was found in vstakhov libucl up to 0.9.2. Affected by this vulnerability is the function ucl_parse_multiline_string of the file src/ucl_parser.c. The manipulation leads to heap-based buffer overflow. The attack needs to be approached…