216.73.216.86

CVE-2025-59391

· Published 08/12/2025 17:16 · Modified 12/12/2025 12:34

Labels: CVE-2025-59391 2025-12-08CVE-2025-59391CWE-125[email protected]

Essential information

Published
08/12/2025 17:16
Modified
12/12/2025 12:34
Author
Creator
CVSS
6.5 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

CVSS metrics

Description

A memory disclosure vulnerability exists in libcoap's OSCORE configuration parser in libcoap before release-4.3.5-patches. An out-of-bounds read may occur when parsing certain configuration values, allowing an attacker to infer or read memory beyond string boundaries in the .rodata section. This could potentially lead to information disclosure or denial of service.

NVD status

Status
Analyzed — CVE has had analysis completed and all data associations made.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
libcoap / libcoap cpe:2.3:a:libcoap:libcoap:*:*:*:*:*:*:*:*

References