Vulnerabilities > Libslirp Project

DATE CVE VULNERABILITY TITLE RISK
2021-06-15 CVE-2021-3592 Access of Uninitialized Pointer vulnerability in multiple products
An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU.
3.8
2021-06-15 CVE-2021-3593 Access of Uninitialized Pointer vulnerability in multiple products
An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU.
3.8
2021-06-15 CVE-2021-3594 An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. 3.8
2021-06-15 CVE-2021-3595 An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. 3.8
2020-11-26 CVE-2020-29130 Out-of-bounds Read vulnerability in multiple products
slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length.
network
low complexity
libslirp-project debian fedoraproject CWE-125
4.3
2020-11-26 CVE-2020-29129 Out-of-bounds Read vulnerability in multiple products
ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length.
network
low complexity
libslirp-project fedoraproject debian CWE-125
4.3
2020-07-09 CVE-2020-10756 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator.
6.5
2020-04-22 CVE-2020-1983 Use After Free vulnerability in multiple products
A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service.
6.5
2020-02-06 CVE-2020-8608 Classic Buffer Overflow vulnerability in multiple products
In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.
network
high complexity
libslirp-project debian opensuse CWE-120
5.6
2020-01-21 CVE-2020-7211 Path Traversal vulnerability in multiple products
tftp.c in libslirp 4.1.0, as used in QEMU 4.2.0, does not prevent ..\ directory traversal on Windows.
network
low complexity
libslirp-project qemu CWE-22
7.5