Known Vulnerabilities for products from Libslirp Project
Listed below are 13 of the newest known vulnerabilities associated with the vendor "Libslirp Project".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-3595 | An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the tftp... | 3.8 - LOW | 2021-06-15 | 2023-11-07 |
| CVE-2021-3594 | An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp_... | 3.8 - LOW | 2021-06-15 | 2023-11-07 |
| CVE-2021-3593 | An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp6... | 3.8 - LOW | 2021-06-15 | 2023-11-07 |
| CVE-2021-3592 | An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the boot... | 3.8 - LOW | 2021-06-15 | 2023-11-07 |
| CVE-2020-29130 | slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if tha... | 4.3 - MEDIUM | 2020-11-26 | 2023-11-07 |
| CVE-2020-29129 | ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that... | 4.3 - MEDIUM | 2020-11-26 | 2023-11-07 |
| CVE-2020-10756 | An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs i... | 6.5 - MEDIUM | 2020-07-09 | 2023-11-07 |
| CVE-2020-8608 | In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later co... | 5.6 - MEDIUM | 2020-02-06 | 2021-02-14 |
| CVE-2020-7211 | tftp.c in libslirp 4.1.0, as used in QEMU 4.2.0, does not prevent ..\ directory traversal on Windows. | 7.5 - HIGH | 2020-01-21 | 2020-01-23 |
| CVE-2020-7039 | tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU... | 5.6 - MEDIUM | 2020-01-16 | 2021-02-14 |
| CVE-2020-1983 | A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cau... | 6.5 - MEDIUM | 2020-04-22 | 2023-11-07 |
| CVE-2019-15890 | libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c. | 7.5 - HIGH | 2019-09-06 | 2019-09-20 |
| CVE-2019-14378 | ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case inv... | 8.8 - HIGH | 2019-07-29 | 2023-11-07 |
Known software with vulnerabilities from Libslirp Project
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Libslirp Project | Libslirp | 0.6.0 |