VYPR

Libfuse

by Fuse

CVEs (5)

  • CVE-2010-3879Jan 22, 2011
    risk 0.04cvss epss 0.10

    FUSE, possibly 2.8.5 and earlier, allows local users to create mtab entries with arbitrary pathnames, and consequently unmount any filesystem, via a symlink attack on the parent directory of the mountpoint of a FUSE filesystem, a different vulnerability than CVE-2010-0789.

  • CVE-2026-33150Mar 20, 2026
    risk 0.00cvss epss 0.00

    libfuse is the reference implementation of the Linux FUSE. From version 3.18.0 to before version 3.18.2, a use-after-free vulnerability in the io_uring subsystem of libfuse allows a local attacker to crash FUSE filesystem processes and potentially execute arbitrary code. When…

  • CVE-2026-33179Mar 20, 2026
    risk 0.00cvss epss 0.00

    libfuse is the reference implementation of the Linux FUSE. From version 3.18.0 to before version 3.18.2, a NULL pointer dereference and memory leak in fuse_uring_init_queue allows a local user to crash the FUSE daemon or cause resource exhaustion. When numa_alloc_local fails…

  • CVE-2024-1635Feb 19, 2024
    risk 0.00cvss epss 0.05

    A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end…

  • CVE-2023-1108Sep 14, 2023
    risk 0.00cvss epss 0.02

    A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status updated in SslConduit, where the loop never terminates.

VYPR — Vulnerability Intelligence