Vulnerabilities (CVE)

Filtered by vendor Dhcpcd Project Subscribe

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2019-11766	2 Debian, Dhcpcd Project	2 Debian Linux, Dhcpcd	2019-05-07	7.5 HIGH	9.8 CRITICAL
dhcp6.c in dhcpcd before 6.11.7 and 7.x before 7.2.2 has a buffer over-read in the D6_OPTION_PD_EXCLUDE feature.
CVE-2019-11577	1 Dhcpcd Project	1 Dhcpcd	2019-04-29	7.5 HIGH	9.8 CRITICAL
dhcpcd before 7.2.1 contains a buffer overflow in dhcp6_findna in dhcp6.c when reading NA/TA addresses.
CVE-2016-1503	2 Dhcpcd Project, Google	2 Dhcpcd, Android	2017-09-10	10.0 HIGH	9.8 CRITICAL
dhcpcd before 6.10.0, as used in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 and other products, mismanages option lengths, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a malformed DHCP response, aka internal bug 26461634.