Skip to main content

Shadowsocks Libev

4 CVEs product

Monthly

CVE-2019-5152 HIGH POC This Week

An exploitable information disclosure vulnerability exists in the network packet handling functionality of Shadowsocks-libev 3.3.2. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Authentication Bypass Information Disclosure Shadowsocks Libev
NVD
CVSS 3.1
7.4
EPSS
1.4%
CVE-2019-5164 HIGH POC This Week

An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Privilege Escalation RCE Shadowsocks Libev Backports Sle +1
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2019-5163 HIGH POC This Week

An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Shadowsocks Libev Backports Leap
NVD
CVSS 3.1
7.5
EPSS
2.3%
CVE-2017-15924 HIGH POC This Week

In manager.c in ss-manager in shadowsocks-libev 3.1.0, improper parsing allows command injection via shell metacharacters in a JSON configuration request received via 127.0.0.1 UDP traffic, related. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Shadowsocks Libev Debian Linux
NVD GitHub
CVSS 3.0
7.8
EPSS
0.5%
EPSS 1% CVSS 7.4
HIGH POC This Week

An exploitable information disclosure vulnerability exists in the network packet handling functionality of Shadowsocks-libev 3.3.2. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Authentication Bypass Information Disclosure Shadowsocks Libev
NVD
EPSS 1% CVSS 7.8
HIGH POC This Week

An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Privilege Escalation RCE +3
NVD
EPSS 2% CVSS 7.5
HIGH POC This Week

An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Shadowsocks Libev Backports +1
NVD
EPSS 0% CVSS 7.8
HIGH POC This Week

In manager.c in ss-manager in shadowsocks-libev 3.1.0, improper parsing allows command injection via shell metacharacters in a JSON configuration request received via 127.0.0.1 UDP traffic, related. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Shadowsocks Libev Debian Linux
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy