Known Vulnerabilities for products from Contiki-os
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Contiki-os".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-40523 | In Contiki 3.0, Telnet option negotiation is mishandled. During negotiation between a server and a client, the server may fai... | 7.5 - HIGH | 2021-09-05 | 2021-09-10 |
| CVE-2021-38387 | In Contiki 3.0, a Telnet server that silently quits (before disconnection with clients) leads to connected clients entering a... | 7.5 - HIGH | 2021-08-10 | 2022-05-03 |
| CVE-2021-38386 | In Contiki 3.0, a buffer overflow in the Telnet service allows remote attackers to cause a denial of service because the ls c... | 7.5 - HIGH | 2021-08-10 | 2021-08-17 |
| CVE-2021-38311 | In Contiki 3.0, potential nonterminating acknowledgment loops exist in the Telnet service. When the negotiated options are al... | 7.5 - HIGH | 2021-08-09 | 2021-08-17 |
| CVE-2021-28362 | An issue was discovered in Contiki through 3.0. When sending an ICMPv6 error message because of invalid extension header opti... | 7.5 - HIGH | 2021-03-24 | 2021-03-26 |
| CVE-2020-25112 | An issue was discovered in the IPv6 stack in Contiki through 3.0. There are inconsistent checks for IPv6 header extension len... | 9.8 - CRITICAL | 2020-12-11 | 2020-12-14 |
| CVE-2020-25111 | An issue was discovered in the IPv6 stack in Contiki through 3.0. There is an insufficient check for the IPv6 header length. ... | 9.8 - CRITICAL | 2020-12-11 | 2020-12-15 |
| CVE-2020-24336 | An issue was discovered in Contiki through 3.0 and Contiki-NG through 4.5. The code for parsing Type A domain name answers in... | 9.8 - CRITICAL | 2020-12-11 | 2020-12-15 |
| CVE-2020-24335 | An issue was discovered in uIP through 1.0, as used in Contiki and Contiki-NG. Domain name parsing lacks bounds checks, allow... | 7.5 - HIGH | 2021-02-02 | 2021-02-04 |
| CVE-2020-24334 | The code that processes DNS responses in uIP through 1.0, as used in Contiki and Contiki-NG, does not check whether the numbe... | 8.2 - HIGH | 2020-12-11 | 2020-12-15 |
| CVE-2020-17440 | An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that parses incoming DNS packets does... | 7.5 - HIGH | 2020-12-11 | 2020-12-15 |
| CVE-2020-17439 | An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that parses incoming DNS packets does... | 8.3 - HIGH | 2020-12-11 | 2020-12-15 |
| CVE-2020-17438 | An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that reassembles fragmented packets f... | 9.8 - CRITICAL | 2020-12-11 | 2020-12-15 |
| CVE-2020-17437 | An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, a... | 8.2 - HIGH | 2020-12-11 | 2022-08-08 |
| CVE-2020-13987 | An issue was discovered in Contiki through 3.0. An Out-of-Bounds Read vulnerability exists in the uIP TCP/IP Stack component ... | 7.5 - HIGH | 2020-12-11 | 2022-08-06 |
| CVE-2020-13986 | An issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when handling RPL e... | 7.5 - HIGH | 2020-12-11 | 2020-12-16 |
| CVE-2020-13985 | An issue was discovered in Contiki through 3.0. A memory corruption vulnerability exists in the uIP TCP/IP stack component wh... | 7.5 - HIGH | 2020-12-11 | 2021-07-21 |
| CVE-2020-13984 | An issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when processing IPv... | 7.5 - HIGH | 2020-12-11 | 2020-12-14 |
| CVE-2019-9183 | An issue was discovered in Contiki-NG through 4.3 and Contiki through 3.0. A buffer overflow is present due to an integer und... | 7.5 - HIGH | 2020-04-23 | 2021-07-21 |
| CVE-2019-8359 | An issue was discovered in Contiki-NG through 4.3 and Contiki through 3.0. An out of bounds write is present in the data sect... | 9.8 - CRITICAL | 2020-04-23 | 2020-05-01 |
Known software with vulnerabilities from Contiki-os
| Type | Vendor | Product | Version |
|---|---|---|---|
| Operating System | Contiki-os | Contiki | - |
| Operating System | Contiki-os | Contiki-os | 3.0 |