Description
picoTCP (versions 1.7.0 - 1.5.0) is vulnerable to stack buffer overflow resulting in code execution or denial of service attack
References (1)
Core 1
Core References
Patch, Third Party Advisory x_refsource_confirm
https://github.com/tass-belgium/picotcp/pull/473
Scores
CVSS v3
9.8
EPSS
0.0222
EPSS Percentile
80.6%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-119
Status
published
Products (6)
altran/picotcp
1.5.0
altran/picotcp
1.5.1
altran/picotcp
1.6.0
altran/picotcp
1.6.1
altran/picotcp
1.6.2
altran/picotcp
1.7.0
Published
Nov 17, 2017
Tracked Since
Feb 18, 2026