Spdk
Products
1- Spdk4 CVEspypi
Recent CVEs
4| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-57275 | Med | 0.29 | 5.5 | 0.00 | Oct 1, 2025 | Storage Performance Development Kit (SPDK) 25.05 is vulnerable to Buffer Overflow in the NVMe-oF target component in SPDK - lib/nvmf. | ||
| CVE-2021-28361 | 0.00 | — | 0.01 | Mar 13, 2021 | An issue was discovered in Storage Performance Development Kit (SPDK) before 20.01.01. If a PDU is sent to the iSCSI target with a zero length (but data is expected), the iSCSI target can crash with a NULL pointer dereference. | |||
| CVE-2019-14940 | 0.00 | — | 0.01 | Aug 12, 2019 | In Storage Performance Development Kit (SPDK) before 19.07, a user of a vhost can cause a crash if the target is sent invalid input. | |||
| CVE-2019-9547 | 0.00 | — | 0.01 | Mar 1, 2019 | In Storage Performance Development Kit (SPDK) before 19.01, a malicious vhost client (i.e., virtual machine) could carefully construct a circular descriptor chain that would result in a partial denial of service in the SPDK vhost target, because the vhost target did not properly… |
- risk 0.29cvss 5.5epss 0.00
Storage Performance Development Kit (SPDK) 25.05 is vulnerable to Buffer Overflow in the NVMe-oF target component in SPDK - lib/nvmf.
- CVE-2021-28361Mar 13, 2021risk 0.00cvss —epss 0.01
An issue was discovered in Storage Performance Development Kit (SPDK) before 20.01.01. If a PDU is sent to the iSCSI target with a zero length (but data is expected), the iSCSI target can crash with a NULL pointer dereference.
- CVE-2019-14940Aug 12, 2019risk 0.00cvss —epss 0.01
In Storage Performance Development Kit (SPDK) before 19.07, a user of a vhost can cause a crash if the target is sent invalid input.
- CVE-2019-9547Mar 1, 2019risk 0.00cvss —epss 0.01
In Storage Performance Development Kit (SPDK) before 19.01, a malicious vhost client (i.e., virtual machine) could carefully construct a circular descriptor chain that would result in a partial denial of service in the SPDK vhost target, because the vhost target did not properly…