Lwip Project

lwip_project

3 CVEs • 1 product

Products (1)

Click to collapse

Toggle

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-22284 1Lwip Project 1Lwip Jun 17, 2026 Jul 22, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A buffer overflow vulnerability in the zepif_linkoutput() function of Free Software Foundation lwIP git head version and version 2.1.2 allows attackers to access sensitive information via a crafted 6LoWPAN packet.
CVE-2020-22283 1Lwip Project 1Lwip Jun 17, 2026 Jul 22, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A buffer overflow vulnerability in the icmp6_send_response_with_addrs_and_netif() function of Free Software Foundation lwIP version git head allows attackers to access sensitive information via a crafted ICMPv6 packet.
CVE-2014-4883 1Lwip Project 1Lwip May 6, 2026 Nov 28, 2014 N/A· v4 N/A· v3 4.3 MEDIUM· v2 resolv.c in the DNS resolver in uIP, and dns.c in the DNS resolver in lwIP 1.4.1 and earlier, does not use random values for ID fields and source ports of DNS query packets, which makes it easier for man-in-the-middle at...Show more resolv.c in the DNS resolver in uIP, and dns.c in the DNS resolver in lwIP 1.4.1 and earlier, does not use random values for ID fields and source ports of DNS query packets, which makes it easier for man-in-the-middle attackers to conduct cache-poisoning attacks via spoofed reply packets.Show less