Libucl
Monthly
Denial of service in libucl allows remote attackers to crash affected applications by submitting maliciously crafted UCL configuration files containing null bytes in object keys, triggering a segmentation fault in the ucl_object_emit function. The vulnerability requires user interaction but has high impact potential with no available patch, affecting systems that parse untrusted UCL input. An attacker can remotely exploit this with low complexity to disable services relying on libucl for configuration parsing.
Denial of service in libucl allows remote attackers to crash affected applications by submitting maliciously crafted UCL configuration files containing null bytes in object keys, triggering a segmentation fault in the ucl_object_emit function. The vulnerability requires user interaction but has high impact potential with no available patch, affecting systems that parse untrusted UCL input. An attacker can remotely exploit this with low complexity to disable services relying on libucl for configuration parsing.