VYPR

Libtorrent

by Arvidn

Source repositories

CVEs (5)

  • CVE-2016-7164HigFeb 7, 2017
    risk 0.49cvss 7.5epss 0.03

    The construct function in puff.cpp in Libtorrent 1.1.0 allows remote torrent trackers to cause a denial of service (segmentation fault and crash) via a crafted GZIP response.

  • CVE-2016-5301HigJun 30, 2016
    risk 0.49cvss 7.5epss 0.02

    The parse_chunk_header function in libtorrent before 1.1.1 allows remote attackers to cause a denial of service (crash) via a crafted (1) HTTP response or possibly a (2) UPnP broadcast.

  • CVE-2017-9847MedJun 24, 2017
    risk 0.36cvss 5.5epss 0.01

    The bdecode function in bdecode.cpp in libtorrent 1.1.3 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.

  • CVE-2009-1760Jun 11, 2009
    risk 0.00cvss epss 0.02

    Directory traversal vulnerability in src/torrent_info.cpp in Rasterbar libtorrent before 0.14.4, as used in firetorrent, qBittorrent, deluge Torrent, and other applications, allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) and partial relative…

  • CVE-2008-0646Feb 7, 2008
    risk 0.00cvss epss 0.02

    The bdecode_recursive function in include/libtorrent/bencode.hpp in Rasterbar Software libtorrent before 0.12.1, as used in Deluge before 0.5.8.3 and other products, allows context-dependent attackers to cause a denial of service (stack exhaustion and crash) via a crafted…