VYPR

Nbdkit

by Libguestfs

Source repositories

CVEs (4)

  • CVE-2025-47712Jun 9, 2025
    risk 0.00cvss epss 0.00

    A flaw exists in the nbdkit "blocksize" filter that can be triggered by a specific type of client request. When a client requests block status information for a very large data range, exceeding a certain limit, it causes an internal error in the nbdkit, leading to a denial of…

  • CVE-2021-3716Mar 2, 2022
    risk 0.00cvss epss 0.01

    A flaw was found in nbdkit due to to improperly caching plaintext state across the STARTTLS encryption boundary. A MitM attacker could use this flaw to inject a plaintext NBD_OPT_STRUCTURED_REPLY before proxying everything else a client sends to the server, potentially leading…

  • CVE-2019-14851Mar 18, 2021
    risk 0.00cvss epss 0.01

    A denial of service vulnerability was discovered in nbdkit. A client issuing a certain sequence of commands could possibly trigger an assertion failure, causing nbdkit to exit. This issue only affected nbdkit versions 1.12.7, 1.14.1, and 1.15.1.

  • CVE-2019-14850Mar 18, 2021
    risk 0.00cvss epss 0.02

    A denial of service vulnerability was discovered in nbdkit 1.12.7, 1.14.1 and 1.15.1. An attacker could connect to the nbdkit service and cause it to perform a large amount of work in initializing backend plugins, by simply opening a connection to the service. This vulnerability…