PT-2026-4472 · Unknown · Docopt.Cpp
Published: 2025-01-01 · Updated: 2026-03-18 · CVE-2025-67125
CVSS v3.1: 4.4 (Medium)
Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
Name of the Vulnerable Software and Affected Versions
docopt.cpp version 0.6.2
Description
A signed integer overflow exists in the LeafPattern::match function within docopt_private.h of docopt.cpp. This occurs when merging occurrence counters, specifically when a default value of LONG_MAX is combined with a user-provided option like -v/--verbose. The overflow can lead to counter wrapping, resulting in negative or unbounded semantics. This can bypass logic or safety mechanisms in applications that depend on occurrence-based limits, rate-gating, or safety toggles. In hardened builds utilizing tools like UBSan or -ftrapv, the overflow may cause the process to abort, leading to a denial-of-service condition.
Recommendations
Update to a newer version that contains a fix for this vulnerability.
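For applications that consume occurrence counts, the sketch below puts the unchecked counter merge from the description beside a checked, saturating form and a caller-side range check. It is an added example, not docopt.cpp's code or its fix: the function names are hypothetical, and the LONG_MAX default with one extra -v is a constructed input.

```cpp
#include <climits>
#include <cstdio>

// Hypothetical helpers for illustration; not taken from docopt.cpp.

// Unchecked merge, the pattern the advisory describes: signed overflow is
// undefined behaviour. UBSan or -ftrapv builds may abort here; other
// builds commonly wrap to a negative value.
long merge_unchecked(long current, long increment) {
    return current + increment;
}

// True when current + increment cannot be represented in a long.
bool add_would_overflow(long current, long increment) {
    if (increment > 0) return current > LONG_MAX - increment;
    if (increment < 0) return current < LONG_MIN - increment;
    return false;
}

// Checked merge: clamp at the representable bound instead of overflowing.
long merge_saturating(long current, long increment) {
    if (add_would_overflow(current, increment))
        return increment > 0 ? LONG_MAX : LONG_MIN;
    return current + increment;
}

// Caller-side gate: reject negative or oversized counts before they are
// used as an occurrence-based limit or safety toggle.
bool count_within_limit(long count, long limit) {
    return count >= 0 && count <= limit;
}

int main() {
    long default_count = LONG_MAX;  // constructed input: LONG_MAX default
    long merged = merge_saturating(default_count, 1);  // one extra -v
    std::printf("overflow detected: %d\n", add_would_overflow(default_count, 1));
    std::printf("merged == LONG_MAX: %d\n", merged == LONG_MAX);
    std::printf("accepted with limit 3: %d\n", count_within_limit(merged, 3));
    return 0;
}
```

The range check matters even with a saturating merge: a count pinned at LONG_MAX is still far outside any sensible verbosity or rate limit and should be rejected rather than trusted.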
Exploit
Fix
DoS
Integer Overflow
Affected Products
Docopt.Cpp