Vulnerabilities > CCN Lite > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-07 | CVE-2017-12473 | Improper Input Validation vulnerability in Ccn-Lite ccnl_ccntlv_bytes2pkt in CCN-lite allows context-dependent attackers to cause a denial of service (application crash) via vectors involving packets with "wrong L values." | 5.0 |
| 2018-02-07 | CVE-2017-12467 | Missing Release of Resource after Effective Lifetime vulnerability in Ccn-Lite Memory leak in CCN-lite before 2.00 allows context-dependent attackers to cause a denial of service (memory consumption) by leveraging failure to allocate memory for the comp or complen structure member. | 5.0 |
| 2018-02-07 | CVE-2017-12464 | NULL Pointer Dereference vulnerability in Ccn-Lite ccn-lite-valid.c in CCN-lite before 2.00 allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via vectors involving the keyfile variable. | 5.0 |
| 2018-02-07 | CVE-2017-12463 | Missing Release of Resource after Effective Lifetime vulnerability in Ccn-Lite Memory leak in the ccnl_app_RX function in ccnl-uapi.c in CCN-lite before 2.00 allows context-dependent attackers to cause a denial of service (memory consumption) via vectors involving an envelope_s structure pointer when the packet format is unknown. | 5.0 |
| 2018-02-07 | CVE-2017-12412 | Infinite Loop vulnerability in Ccn-Lite ccn-lite-ccnb2xml in CCN-lite before 2.0.0 allows context-dependent attackers to have unspecified impact via a crafted file, which triggers infinite recursion and a stack overflow. | 6.8 |
| 2018-01-31 | CVE-2018-6480 | Incorrect Type Conversion or Cast vulnerability in Ccn-Lite 2.0.0 A type confusion issue was discovered in CCN-lite 2, leading to a memory access violation and a failure of the nonce feature (which, for example, helped with loop prevention). | 6.8 |