libuv CVE 脆弱性と CVE 一覧(2)

製品(CPE): — CVE 件数: 2

libuv 脆弱性概要

This page aggregates publicly disclosed CVE and security risk information related to libuv, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.

脆弱性分布の推移(直近24か月)

表示中 12 / 2 CVE 件数
«« 先頭 « 前へ 1 / 1 次へ »
CVE 概要 ソース CVSS 最大値 EPSS(%) 公開 更新
CVE-2024-24806 libuv is a multi-platform support library with a focus on asynchronous I/O. The `uv_getaddrinfo` function in `src/unix/getaddrinfo.c` (and its windows counterpart `src/win/getaddrinfo.c`), truncates hostnames to 256 characters before calling `getaddrinfo`. This behavior can be exploited to create addresses like `0x00007f000001`, which are considered valid by `getaddrinfo` and could allow an attacker to craft payloads that resolve to unintended IP addresses, bypassing developer checks. The vulner [email protected] 7.3 2.00% 2024-02-07 2026-06-17
CVE-2014-9748 The uv_rwlock_t fallback implementation for Windows XP and Server 2003 in libuv before 1.7.4 does not properly prevent threads from releasing the locks of other threads, which allows attackers to cause a denial of service (deadlock) or possibly have unspecified other impact by leveraging a race condition. [email protected] 8.1 2.47% 2020-02-11 2026-06-16
«« 先頭 « 前へ 1 / 1 次へ »
cvelogic Threat Intelligence