Unknown · Editorconfig-Core-C · CVE-2024-53849
**Name of the Vulnerable Software and Affected Versions**
editorconfig-core-c versions prior to 0.12.7
**Description**
editorconfig-core-c, the EditorConfig core library written in C, is affected by buffer overflows that can occur when the input pattern contains many escaped characters, particularly with nested brackets. In these cases the remaining input length can exceed the output capacity. The problem is fixed in release 0.12.7. Users are advised to upgrade to this version to resolve the issue.
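The bug class described above, as an added illustration that is not code from editorconfig-core-c: a pattern translator whose output grows when characters are escaped, so every write has to be checked against the remaining output capacity. The function names `put` and `escape_pattern` and the set of escaped characters are assumptions made for this example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: append n bytes only if they fit together with the
 * trailing NUL. Returns 0 on success, -1 if capacity would be exceeded. */
static int put(char *out, size_t cap, size_t *pos, const char *s, size_t n)
{
    if (cap == 0 || n > cap - 1 - *pos)   /* *pos <= cap - 1 always holds */
        return -1;
    memcpy(out + *pos, s, n);
    *pos += n;
    return 0;
}

/* Hypothetical translator: copies a glob-like pattern into out and emits a
 * backslash before each character of an assumed metacharacter set.
 * Escaping can double the length: worst case is 2 * strlen(in) + 1 bytes. */
int escape_pattern(const char *in, char *out, size_t cap)
{
    static const char meta[] = "\\.[](){}+^$|";   /* assumed set */
    size_t pos = 0;

    if (cap == 0)
        return -1;
    for (; *in != '\0'; in++) {
        if (strchr(meta, *in) != NULL) {
            char esc[2] = { '\\', *in };
            if (put(out, cap, &pos, esc, 2) != 0)
                goto fail;
        } else if (put(out, cap, &pos, in, 1) != 0) {
            goto fail;
        }
    }
    out[pos] = '\0';
    return 0;
fail:
    out[0] = '\0';   /* never hand back a partial result */
    return -1;
}

int main(void)
{
    char same_size[7];   /* strlen("[[[]]]") + 1: too small once escaped */
    char worst[13];      /* 2 * 6 + 1: worst-case size for this input */
    printf("%d\n", escape_pattern("[[[]]]", same_size, sizeof same_size));
    printf("%d %s\n", escape_pattern("[[[]]]", worst, sizeof worst), worst);
    return 0;
}
```

A buffer sized to the input length is rejected rather than overrun, while the worst-case size accepts the same nested-bracket input.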
**Recommendations**
For versions prior to 0.12.7, upgrade to version 0.12.7 to resolve the issue.
At the moment, there is no information about other workarounds for this vulnerability.