← Back

Vstakhov

vstakhov

2 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Libucl
libucl
2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2026-0708
1Vstakhov
1Libucl
May 11, 2026
Mar 17, 2026
N/A· v4
6.5 MEDIUM· v3
N/A· v2
A flaw was found in libucl. A remote attacker could exploit this by providing a specially crafted Universal Configuration Language (UCL) input that contains a key with an embedded null byte. This can cause a segmentation...Show more
A flaw was found in libucl. A remote attacker could exploit this by providing a specially crafted Universal Configuration Language (UCL) input that contains a key with an embedded null byte. This can cause a segmentation fault (SEGV fault) in the `ucl_object_emit` function when parsing and emitting the object, leading to a Denial of Service (DoS) for the affected system.Show less
CVE-2025-6499
1Vstakhov
1Libucl
Apr 29, 2026
Jun 23, 2025
1.9 LOW· v4
5.5 MEDIUM· v3
1.7 LOW· v2
A vulnerability classified as problematic was found in vstakhov libucl up to 0.9.2. Affected by this vulnerability is the function ucl_parse_multiline_string of the file src/ucl_parser.c. The manipulation leads to heap-b...Show more
A vulnerability classified as problematic was found in vstakhov libucl up to 0.9.2. Affected by this vulnerability is the function ucl_parse_multiline_string of the file src/ucl_parser.c. The manipulation leads to heap-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.Show less