Lucene search
K
Nbdkit ProjectNbdkit

5 matches found

CVE
CVE
added 2022/03/02 10:19 p.m.295 views

CVE-2021-3716

CVE-2021-3716 affects nbdkit; root cause is improper caching of plaintext state across the STARTTLS boundary. A man-in-the-middle could inject a plaintext NBD_OPT_STRUCTURED_REPLY before proxying client data to the server, potentially causing the client to terminate the NBD session. The primary i...

3.5CVSS3.7AI score0.00573EPSS
CVE
CVE
added 2021/03/18 6:56 p.m.130 views

CVE-2019-14850

CVE-2019-14850 affects nbdkit versions 1.12.7, 1.14.1, and 1.15.1, where a remote attacker can cause DoS by opening a connection that triggers extensive work initializing backend plugins, leading to resource consumption and service degradation. The underlying cause is premature opening of back-en...

3.7CVSS3.8AI score0.01601EPSS
CVE
CVE
added 2025/06/09 6:3 a.m.86 views

CVE-2025-47711

CVE-2025-47711 concerns the nbdkit server: when handling responses from plugins about data block status, a client requesting a very large range and receiving a larger single block can trigger a critical internal error, causing a denial of service. The connected advisories document affected distri...

6.5CVSS4.4AI score0.00361EPSS
CVE
CVE
added 2025/06/09 5:58 a.m.76 views

CVE-2025-47712

Summary: CVE-2025-47712 affects the nbdkit blocksize filter. A crafted client request for block status over a very large data range can trigger an internal error in nbdkit, causing a denial of service. The initial description does not specify affected versions, product variants, or official remed...

6.5CVSS4.3AI score0.0037EPSS
CVE
CVE
added 2021/03/18 7:4 p.m.61 views

CVE-2019-14851

CVE-2019-14851 describes a denial-of-service in the project’s nbdkit daemon. The vulnerability is triggered by a specific sequence of commands that could cause an assertion failure, leading to nbdkit exiting. Affected versions are explicitly listed as 1.12.7, 1.14.1, and 1.15.1. The provided sour...

6.5CVSS6.5AI score0.00992EPSS