CVE-2025-40843

Exploit

EPSS 0.17%
Veröffentlicht 28.10.2025 18:49:49
Zuletzt bearbeitet 14.11.2025 18:52:30
Quelle 85b1779b-6ecd-4f52-bcc5-73eac4
CVE-Watchlists
Login
Unerledigt
Login

Buffer overflow in CodeChecker log command

CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. 




CodeChecker versions up to 6.26.1 contain a buffer overflow vulnerability in the internal ldlogger library, which is executed by the CodeChecker log command.





This issue affects CodeChecker: through 6.26.1.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

NVD 1 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ericsson ≫ Codechecker Version < 6.26.2

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.17%	0.07

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
85b1779b-6ecd-4f52-bcc5-73eac4659dcf	5.9	2.5	3.4	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE-121 Stack-based Buffer Overflow

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

https://github.com/Ericsson/codechecker/security/advisories/GHSA-5xf2-f6ch-6p8r

Vendor Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2025-40843

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-40843

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-40843

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-40843