VYPR

Libmicrodns

by Videolabs

Source repositories

CVEs (7)

  • CVE-2020-6072CriMar 24, 2020
    risk 0.64cvss 9.8epss 0.04

    An exploitable code execution vulnerability exists in the label-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing compressed labels in mDNS messages, the rr_decode function's return value is not checked, leading to a double free that could be exploited to…

  • CVE-2020-6080HigMar 24, 2020
    risk 0.49cvss 7.5epss 0.02

    An exploitable denial-of-service vulnerability exists in the resource allocation handling of Videolabs libmicrodns 0.1.0. When encountering errors while parsing mDNS messages, some allocated data is not freed, possibly leading to a denial-of-service condition via resource…

  • CVE-2020-6079HigMar 24, 2020
    risk 0.49cvss 7.5epss 0.03

    An exploitable denial-of-service vulnerability exists in the resource allocation handling of Videolabs libmicrodns 0.1.0. When encountering errors while parsing mDNS messages, some allocated data is not freed, possibly leading to a denial-of-service condition via resource…

  • CVE-2020-6078HigMar 24, 2020
    risk 0.49cvss 7.5epss 0.03

    An exploitable denial-of-service vulnerability exists in the message-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing mDNS messages in mdns_recv, the return value of the mdns_read_header function is not checked, leading to an uninitialized variable usage that…

  • CVE-2020-6077HigMar 24, 2020
    risk 0.49cvss 7.5epss 0.02

    An exploitable denial-of-service vulnerability exists in the message-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing mDNS messages, the implementation does not properly keep track of the available data in the message, possibly leading to an out-of-bounds read…

  • CVE-2020-6073HigMar 24, 2020
    risk 0.49cvss 7.5epss 0.02

    An exploitable denial-of-service vulnerability exists in the TXT record-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing the RDATA section in a TXT record in mDNS messages, multiple integer overflows can be triggered, leading to a denial of service. An attacker…

  • CVE-2020-6071HigMar 24, 2020
    risk 0.49cvss 7.5epss 0.02

    An exploitable denial-of-service vulnerability exists in the resource record-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing compressed labels in mDNS messages, the compression pointer is followed without checking for recursion, leading to a denial of service.…