VYPR

Libnbd

by Nbdkit

Source repositories

CVEs (5)

  • CVE-2024-7383HigAug 5, 2024
    risk 0.48cvss 7.4epss 0.00

    A flaw was found in libnbd. The client did not always correctly verify the NBD server's certificate when using TLS to connect to an NBD server. This issue allows a man-in-the-middle attack on NBD traffic.

  • CVE-2023-5871Nov 27, 2023
    risk 0.00cvss epss 0.01

    A flaw was found in libnbd, due to a malicious Network Block Device (NBD), a protocol for accessing Block Devices such as hard disks over a Network. This issue may allow a malicious NBD server to cause a Denial of Service.

  • CVE-2023-5215Sep 28, 2023
    risk 0.00cvss epss 0.01

    A flaw was found in libnbd. A server can reply with a block size larger than 2^63 (the NBD spec states the size is a 64-bit unsigned value). This issue could lead to an application crash or other unintended behavior for NBD clients that doesn't treat the return value of the…

  • CVE-2022-0485Aug 29, 2022
    risk 0.00cvss epss 0.01

    A flaw was found in the copying tool `nbdcopy` of libnbd. When performing multi-threaded copies using asynchronous nbd calls, nbdcopy was blindly treating the completion of an asynchronous command as successful, rather than checking the *error parameter. This could result in the…

  • CVE-2021-20286Mar 15, 2021
    risk 0.00cvss epss 0.01

    A flaw was found in libnbd 1.7.3. An assertion failure in nbd_unlocked_opt_go in ilb/opt.c may lead to denial of service.