Vulnerabilities > Libslirp Project > Libslirp
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-15 | CVE-2021-3592 | Access of Uninitialized Pointer vulnerability in multiple products An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. | 3.8 |
| 2021-06-15 | CVE-2021-3593 | Access of Uninitialized Pointer vulnerability in multiple products An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. | 3.8 |
| 2021-06-15 | CVE-2021-3594 | Access of Uninitialized Pointer vulnerability in multiple products An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. | 3.8 |
| 2021-06-15 | CVE-2021-3595 | Access of Uninitialized Pointer vulnerability in multiple products An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. | 3.8 |
| 2020-11-26 | CVE-2020-29130 | Out-of-bounds Read vulnerability in multiple products slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length. | 4.3 |
| 2020-11-26 | CVE-2020-29129 | Out-of-bounds Read vulnerability in multiple products ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length. | 4.3 |
| 2020-07-09 | CVE-2020-10756 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. | 6.5 |
| 2020-04-22 | CVE-2020-1983 | Use After Free vulnerability in multiple products A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service. | 6.5 |
| 2020-02-06 | CVE-2020-8608 | Classic Buffer Overflow vulnerability in multiple products In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code. | 6.8 |
| 2020-01-21 | CVE-2020-7211 | Path Traversal vulnerability in multiple products tftp.c in libslirp 4.1.0, as used in QEMU 4.2.0, does not prevent ..\ directory traversal on Windows. | 5.0 |