VYPR
Vendor

Covesa

Products
2
CVEs
6
Across products
6
Status
Private

Products

2

Recent CVEs

6
  • CVE-2022-39837MedOct 25, 2022
    risk 0.36cvss 5.5epss 0.00

    An issue was discovered in Connected Vehicle Systems Alliance (COVESA) dlt-daemon through 2.18.8. Due to a faulty DLT file parser, a crafted DLT file that crashes the process can be created. This is due to missing validation checks. There is a NULL pointer dereference,

  • CVE-2022-39836MedOct 25, 2022
    risk 0.36cvss 5.5epss 0.00

    An issue was discovered in Connected Vehicle Systems Alliance (COVESA) dlt-daemon through 2.18.8. Due to a faulty DLT file parser, a crafted DLT file that crashes the process can be created. This is due to missing validation checks. There is a heap-based buffer over-read of one…

  • CVE-2024-3979MedApr 19, 2024
    risk 0.29cvss 4.4epss 0.00

    A vulnerability, which was classified as problematic, has been found in COVESA vsomeip up to 3.4.10. Affected by this issue is some unknown functionality. The manipulation leads to race condition. An attack has to be approached locally. The exploit has been disclosed to the…

  • CVE-2023-36321HigOct 17, 2023
    risk 0.00cvss 7.5epss 0.01

    Connected Vehicle Systems Alliance (COVESA) up to v2.18.8 was discovered to contain a buffer overflow via the component /shared/dlt_common.c.

  • CVE-2023-26257HigFeb 27, 2023
    risk 0.00cvss 7.5epss 0.01

    An issue was discovered in the Connected Vehicle Systems Alliance (COVESA; formerly GENIVI) dlt-daemon through 2.18.8. Dynamic memory is not released after it is allocated in dlt-control-common.c.

  • CVE-2022-31291HigJun 16, 2022
    risk 0.00cvss 7.5epss 0.01

    An issue in dlt_config_file_parser.c of dlt-daemon v2.18.8 allows attackers to cause a double free via crafted TCP packets.