CVE-2025-6536

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-6536

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-6536.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-6536

Downstream

UBUNTU-CVE-2025-6536

Published

2025-06-24T02:15:22Z

Modified

2025-06-26T21:04:49.629903Z

Severity

3.3 (Low) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVSS Calculator

Summary

[none]

Details

A vulnerability has been found in Tarantool up to 3.3.1 and classified as problematic. Affected by this vulnerability is the function tmtodatetime in the library src/lib/core/datetime.c. The manipulation leads to reachable assertion. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.

References

Affected packages

Debian:11 / tarantool

Package

Name: tarantool
Purl: pkg:deb/debian/tarantool?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.6.0-1

2.6.0-1.1

2.6.0-1.2

2.6.0-1.3

2.6.0-1.4

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / tarantool

Package

Name: tarantool
Purl: pkg:deb/debian/tarantool?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.6.0-1.2

2.6.0-1.3

2.6.0-1.4

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / tarantool

Package

Name: tarantool
Purl: pkg:deb/debian/tarantool?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.6.0-1.2

2.6.0-1.3

2.6.0-1.4

Ecosystem specific

{
    "urgency": "unimportant"
}