Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Libucl: libucl: denial of service via embedded null byte in ucl input
Vulnerability Description
A flaw was found in libucl. A remote attacker could exploit this by providing a specially crafted Universal Configuration Language (UCL) input that contains a key with an embedded null byte. This can cause a segmentation fault (SEGV fault) in the `ucl_object_emit` function when parsing and emitting the object, leading to a Denial of Service (DoS) for the affected system.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H
Vulnerability Type
跨界内存读
Vulnerability Title
libucl 安全漏洞
Vulnerability Description
libucl是Vsevolod Stakhov个人开发者的一个C语言通用配置库解析器。 libucl存在安全漏洞,该漏洞源于解析和发出包含嵌入空字节键的UCL输入时,ucl_object_emit函数存在分段错误,可能导致拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A