Shadowsocks-libev@3.3.2 Security Vulnerabilities and Issues — Shadowsocks-libev@3.3.2 CVE List

Lucene search

ShadowsocksShadowsocks-libev3.3.2

3 matches found

CVE•added 2019/12/03 10:15 p.m.•168 views

CVE-2019-5163

An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher and a local_address, arbitrary UDP packets can cause a FATAL error code path and exit. An attacker can send arbitrary UDP packets to trigger this vulnerabil...

7.5CVSS7.3AI score0.00486EPSS

CVE•added 2019/12/03 10:15 p.m.•162 views

CVE-2019-5164

An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Specially crafted network packets sent to ss-manager can cause an arbitrary binary to run, resulting in code execution and privilege escalation. An attacker can send network packets to trigger th...

7.8CVSS7.6AI score0.00429EPSS

CVE•added 2019/12/18 3:15 p.m.•51 views

CVE-2019-5152

An exploitable information disclosure vulnerability exists in the network packet handling functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher, a specially crafted set of network packets can cause an outbound connection from the server, resulting in information disclosure. An at...

7.4CVSS7AI score0.00339EPSS