PT-2025-49575 · Libcoap+2
Published: 2025-12-08 · Updated: 2026-02-24
CVE-2025-59391
CVSS v3.1: 6.5 (Medium)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
Name of the Vulnerable Software and Affected Versions
libcoap versions prior to 4.3.5-patches
Description
A memory disclosure issue exists in libcoap's OSCORE configuration parser. An out-of-bounds read can occur when parsing specific configuration values, potentially allowing an attacker to infer or read memory beyond string boundaries in the .rodata section. This could lead to information disclosure or denial of service.
Recommendations
Update to version 4.3.5-patches or later.
Fix
DoS
Out of bounds Read
Affected Products
Debian
Red Os
Libcoap