VYPR

libslirp

by Slirp

CVEs (2)

  • CVE-2020-7211HigJan 21, 2020
    risk 0.49cvss 7.5epss 0.04

    tftp.c in libslirp 4.1.0, as used in QEMU 4.2.0, does not prevent ..\ directory traversal on Windows.

  • CVE-2020-7039MedJan 16, 2020
    risk 0.37cvss 5.6epss 0.04

    tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code.