exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 28

BDU:2024-01497

около 4 лет назад

Уязвимость функции tftp_input() компонента src/tftp.c эмулятора TCP-IP Libslirp, позволяющая нарушителю получить доступ к конфиденциальным данным

CVSS3: 3.8

EPSS: Низкий

CVE-2021-3595

около 4 лет назад

An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the tftp_input() function and could occur while processing a udp packet that is smaller than the size of the 'tftp_t' structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0.

CVSS3: 3.8

EPSS: Низкий

CVE-2021-3595

около 4 лет назад

CVSS3: 3.8

EPSS: Низкий

CVE-2021-3595

около 4 лет назад

CVSS3: 3.8

EPSS: Низкий

CVE-2021-3595

около 4 лет назад

An invalid pointer initialization issue was found in the SLiRP network ...

CVSS3: 3.8

EPSS: Низкий

GHSA-q3wq-4hwf-24q4

около 3 лет назад

CVSS3: 3.8

EPSS: Низкий

SUSE-SU-2022:1730-1

около 3 лет назад

Security update for libslirp

EPSS: Низкий

SUSE-SU-2022:1465-1

около 3 лет назад

Security update for libslirp

EPSS: Низкий

SUSE-SU-2022:1314-1

около 3 лет назад

Security update for libslirp

EPSS: Низкий

SUSE-SU-2021:2563-1

почти 4 года назад

Security update for qemu

EPSS: Низкий

SUSE-SU-2021:2546-1

почти 4 года назад

Security update for qemu

EPSS: Низкий

SUSE-SU-2021:2461-1

почти 4 года назад

Security update for qemu

EPSS: Низкий

SUSE-SU-2021:2428-1

почти 4 года назад

Security update for qemu

EPSS: Низкий

RLSA-2021:4191

больше 3 лет назад

Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update

EPSS: Низкий

ELSA-2021-4191

больше 3 лет назад

ELSA-2021-4191: virt:ol and virt-devel:ol security, bug fix, and enhancement update (MODERATE)

EPSS: Низкий

openSUSE-SU-2021:2474-1

почти 4 года назад

Security update for qemu

EPSS: Низкий

SUSE-SU-2021:2474-1

почти 4 года назад

Security update for qemu

EPSS: Низкий

SUSE-SU-2021:2448-1

почти 4 года назад

Security update for qemu

EPSS: Низкий

openSUSE-SU-2021:2591-1

почти 4 года назад

Security update for qemu

EPSS: Низкий

SUSE-SU-2021:2591-1

почти 4 года назад

Security update for qemu

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
BDU:2024-01497 Уязвимость функции tftp_input() компонента src/tftp.c эмулятора TCP-IP Libslirp, позволяющая нарушителю получить доступ к конфиденциальным данным	CVSS3: 3.8	0% Низкий	около 4 лет назад
CVE-2021-3595 An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the tftp_input() function and could occur while processing a udp packet that is smaller than the size of the 'tftp_t' structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0.	CVSS3: 3.8	0% Низкий	около 4 лет назад
CVE-2021-3595 An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the tftp_input() function and could occur while processing a udp packet that is smaller than the size of the 'tftp_t' structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0.	CVSS3: 3.8	0% Низкий	около 4 лет назад
CVE-2021-3595 An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the tftp_input() function and could occur while processing a udp packet that is smaller than the size of the 'tftp_t' structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0.	CVSS3: 3.8	0% Низкий	около 4 лет назад
CVE-2021-3595 An invalid pointer initialization issue was found in the SLiRP network ...	CVSS3: 3.8	0% Низкий	около 4 лет назад
GHSA-q3wq-4hwf-24q4 An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the tftp_input() function and could occur while processing a udp packet that is smaller than the size of the 'tftp_t' structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0.	CVSS3: 3.8	0% Низкий	около 3 лет назад
SUSE-SU-2022:1730-1 Security update for libslirp			около 3 лет назад
SUSE-SU-2022:1465-1 Security update for libslirp			около 3 лет назад
SUSE-SU-2022:1314-1 Security update for libslirp			около 3 лет назад
SUSE-SU-2021:2563-1 Security update for qemu			почти 4 года назад
SUSE-SU-2021:2546-1 Security update for qemu			почти 4 года назад
SUSE-SU-2021:2461-1 Security update for qemu			почти 4 года назад
SUSE-SU-2021:2428-1 Security update for qemu			почти 4 года назад
RLSA-2021:4191 Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update			больше 3 лет назад
ELSA-2021-4191 ELSA-2021-4191: virt:ol and virt-devel:ol security, bug fix, and enhancement update (MODERATE)			больше 3 лет назад
openSUSE-SU-2021:2474-1 Security update for qemu			почти 4 года назад
SUSE-SU-2021:2474-1 Security update for qemu			почти 4 года назад
SUSE-SU-2021:2448-1 Security update for qemu			почти 4 года назад
openSUSE-SU-2021:2591-1 Security update for qemu			почти 4 года назад
SUSE-SU-2021:2591-1 Security update for qemu			почти 4 года назад

Уязвимостей на страницу