Critical severity9.1NVD Advisory· Published Jul 1, 2020· Updated Jun 17, 2026
CVE-2020-15472
CVE-2020-15472
Description
In nDPI through 3.2, the H.323 dissector is vulnerable to a heap-based buffer over-read in ndpi_search_h323 in lib/protocols/h323.c, as demonstrated by a payload packet length that is too short.
Affected products
8- nDPI/nDPIdescription
- osv-coords6 versionspkg:deb/ubuntu/ndpi?arch=src?distro=esm-apps/bionicpkg:deb/ubuntu/ndpi?arch=src?distro=esm-apps/xenialpkg:deb/ubuntu/ndpi?arch=src?distro=focalpkg:deb/ubuntu/ndpi?arch=src?distro=jammypkg:deb/ubuntu/ndpi?arch=src?distro=noblepkg:deb/ubuntu/ndpi?arch=src?distro=oracular
>= 0+ 5 more
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
Patches
Vulnerability mechanics
References
2- github.com/ntop/nDPI/commit/b7e666e465f138ae48ab81976726e67deed12701nvdPatchThird Party Advisory
- lists.debian.org/debian-lts-announce/2022/08/msg00016.htmlnvdMailing ListThird Party Advisory
News mentions
0No linked articles in our index yet.