contiki-ng — Vulnerabilities & Security Advisories (29)

All 29 CVE vulnerabilities found in contiki-ng, with AI-generated Chinese analysis, references, and POCs.

Vendor: contiki-ng

| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2023-29001 | Uncontrolled recursion due to insufficient validation of the IPv6 source routing header in Contiki-NG | CWE-674 | 7.5 (AI) | High (AI) | 2024-11-27 |
| CVE-2024-41125 | Out-of-bounds read in SNMP when decoding a string in Contiki-NG | CWE-125 | 8.4 | High | 2024-11-27 |
| CVE-2024-41126 | Out-of-bounds read when decoding SNMP messages in Contiki-NG | CWE-125 | 8.4 | High | 2024-11-27 |
| CVE-2024-47181 | Unaligned memory access in RPL option processing in Contiki-NG | CWE-704 | 7.5 | High | 2024-11-27 |
| CVE-2023-50926 | Unvalidated DIO prefix info length in RPL-Lite in Contiki-NG | CWE-125 | 7.5 | High | 2024-02-14 |
| CVE-2023-50927 | Insufficient boundary checks for DIO and DAO messages in RPL-Lite in Contiki-NG | CWE-125 | 8.6 | High | 2024-02-14 |
| CVE-2023-48229 | Out-of-bounds write in the radio driver for Contiki-NG nRF platforms | CWE-787 | 7.0 | High | 2024-02-14 |
| CVE-2023-37459 | Out-of-bounds read when processing a received IPv6 packet | CWE-125 | 5.3 | Medium | 2023-09-15 |
| CVE-2023-37281 | Out-of-bounds read during IPHC address decompression | CWE-125 | 5.3 | Medium | 2023-09-15 |
| CVE-2023-34101 | Contiki-NG vulnerable to out-of-bounds read when processing ICMP DAO input | CWE-125 | 7.3 | High | 2023-06-14 |
| CVE-2023-34100 | Out-of-Bounds Read in contiki-ng | CWE-125 | 7.3 | High | 2023-06-09 |
| CVE-2023-31129 | Contiki-NG missing NULL pointer check in IPv6 neighbor discovery | CWE-476 | 7.5 | High | 2023-05-08 |
| CVE-2023-30546 | Contiki-NG has off-by-one error in Antelope DBMS | CWE-125 | 9.8 | Critical | 2023-04-26 |
| CVE-2023-28116 | Buffer overflow in L2CAP due to misconfigured MTU | CWE-120 | 8.1 | High | 2023-03-17 |
| CVE-2023-23609 | contiki-ng BLE-L2CAP contains Improper size validation of L2CAP frames | CWE-787 | 8.2 | High | 2023-01-25 |
| CVE-2022-41972 | Contiki-NG contains NULL Pointer Dereference in BLE L2CAP module | CWE-476 | 2.9 | Low | 2022-12-16 |
| CVE-2022-41873 | Out-of-bounds read and write in BLE L2CAP module | CWE-125 | 4.2 | Medium | 2022-11-11 |
| CVE-2022-36054 | Out-of-bounds write when decompressing 6LoWPAN payload in Contiki-NG | CWE-787 | 6.8 | Medium | 2022-09-01 |
| CVE-2022-36052 | Out-of-bounds read when decompressing UDP header | CWE-125 | 5.9 | Medium | 2022-09-01 |
| CVE-2022-36053 | Out-of-bounds read in the uIP buffer module | CWE-125 | 5.9 | Medium | 2022-09-01 |
| CVE-2022-35927 | Unverified DIO prefix info lengths in RPL-Classic in Contiki-NG | CWE-120 | 8.1 | High | 2022-08-04 |
| CVE-2022-35926 | Out-of-bounds read in IPv6 neighbor solicitation in Contiki-NG | CWE-125 | 5.9 | Medium | 2022-08-04 |
| CVE-2021-32771 | Buffer overflow in contiki-ng | CWE-120 | 8.1 | High | 2022-08-04 |
| CVE-2021-21410 | Out-of-bounds read in the 6LoWPAN implementation | CWE-125 | 8.2 | High | 2021-06-18 |
| CVE-2021-21257 | Out-of-bounds write in RPL-Classic and RPL-Lite | CWE-787 | 8.2 | High | 2021-06-18 |
| CVE-2021-21279 | Infinite loop in IPv6 neighbor solicitation processing | CWE-835 | 7.5 | High | 2021-06-18 |
| CVE-2021-21280 | Out-of-bounds write when processing 6LoWPAN extension headers | CWE-787 | 8.6 | High | 2021-06-18 |
| CVE-2021-21281 | Buffer overflow due to unvalidated TCP data offset | CWE-120 | 7.0 | High | 2021-06-18 |
| CVE-2021-21282 | Buffer overflow in RPL source routing header processing | CWE-120 | 8.6 | High | 2021-06-18 |

All 29 known CVE vulnerabilities affecting contiki-ng with full Chinese analysis, references, and POCs where available.