Vulnerability - CVE-2025-0633

Name

CVE-2025-0633

Source

NVD ( link)Debian ( link)

Description

Heap-based Buffer Overflow vulnerability in iniparser_dumpsection_ini() in iniparser allows attacker to read out of bound memory

CWEs

CWE-122

Published Date

Feb 19, 2025

Updated Date

Jun 17, 2026

Workaround

Advisories

Analysis#

Affected Component

Analysis

iniparser

Patched

Vulnerability Ratings#

5.1

CVSSv4

NaN

other

Others affected components#

Name

Project

Project Version

Version

Status

iniparser

openwrt

master

4.2.6-r1

Not Affected

iniparser

openwrt

openwrt-25.12

4.2.6-r1

Not Affected

iniparser

yocto

kirkstone

4.1+gitX

Patched

iniparser

yocto

master

4.2.6

Not Affected

Resolved with patches#

iniparser (yocto:kirkstone)

Title

Author

Resolve

Fix heap overflow in `iniparser_dumpsection_ini()`

Lars Möllendorf <lars@moellendorf.eu>

CVE-2025-0633

iniparser (yocto:scarthgap)

Title

Author

Resolve

Fix heap overflow in `iniparser_dumpsection_ini()`

Lars Möllendorf <lars@moellendorf.eu>

CVE-2025-0633