virtualsquare/picotcp

virtualsquare/picotcp

Releases29

Frequency3 months 1 week

Last Release over 5 years ago

Stars74

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-35846 ↗	Jun 19, 2023Monday, 19 June 2023, 03:15	7.5 HIGH	—
VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not check the transport layer length in a frame before performing port filtering.
CVE-2023-35847 ↗	Jun 19, 2023Monday, 19 June 2023, 03:15	7.5 HIGH	—
VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not have an MSS lower bound (e.g., it could be zero).
CVE-2023-35848 ↗	Jun 19, 2023Monday, 19 June 2023, 03:15	7.5 HIGH	—
VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 lacks certain size calculations before attempting to set a value of an mss structure member.
CVE-2023-35849 ↗	Jun 19, 2023Monday, 19 June 2023, 03:15	7.5 HIGH	—
VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not properly check whether header sizes would result in accessing data outside of a packet.
CVE-2021-33304 ↗	Feb 15, 2023Wednesday, 15 February 2023, 22:15	9.8 CRITICAL	—
Double Free vulnerability in virtualsquare picoTCP v1.7.0 and picoTCP-NG v2.1 in modules/pico_fragments.c in function pico_fragments_reassemble, allows attackers to execute arbitrary code.