CPE Details
Shadowsocks Shadowsocks-libev 3.3.2
3.3.2
2020-04-21
17h19 +00:00
17h19 +00:00
2020-04-21
17h19 +00:00
17h19 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
CPE Name: cpe:2.3:a:shadowsocks:shadowsocks-libev:3.3.2:*:*:*:*:*:*:*
Informations
Vendor
shadowsocksProduct
shadowsocks-libevVersion
3.3.2Related CVE
| CVE ID | Published | Description | Score | Severity |
|---|---|---|---|---|
| An exploitable information disclosure vulnerability exists in the network packet handling functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher, a specially crafted set of network packets can cause an outbound connection from the server, resulting in information disclosure. An attacker can send arbitrary packets to trigger this vulnerability. | 7.4 |
High |
||
| An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Specially crafted network packets sent to ss-manager can cause an arbitrary binary to run, resulting in code execution and privilege escalation. An attacker can send network packets to trigger this vulnerability. | 7.8 |
High |
||
| An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher and a local_address, arbitrary UDP packets can cause a FATAL error code path and exit. An attacker can send arbitrary UDP packets to trigger this vulnerability. | 7.5 |
High |
2025©
tesweb SA
