VYPR

Editorconfig Core C

by Editorconfig

Source repositories

CVEs (3)

  • CVE-2026-40489HigApr 18, 2026
    risk 0.49cvss epss 0.00

    editorconfig-core-c is an EditorConfig core library for use by plugins supporting EditorConfig parsing. Versions up to and including 0.12.10 have a stack-based buffer overflow in ec_glob() that allows an attacker to crash any application using libeditorconfig by providing a…

  • CVE-2024-53849MedNov 27, 2024
    risk 0.24cvss epss 0.00

    editorconfig-core-c is theEditorConfig core library written in C (for use by plugins supporting EditorConfig parsing). In affected versions several overflows may occur in switch case '[' when the input pattern contains many escaped characters. The added backslashes leave too…

  • CVE-2023-0341Jan 31, 2023
    risk 0.00cvss epss 0.01

    A stack buffer overflow exists in the ec_glob function of editorconfig-core-c before v0.12.6 which allowed an attacker to arbitrarily write to the stack and possibly allows remote code execution. editorconfig-core-c v0.12.6 resolved this vulnerability by bound checking all write…