[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2019-14378":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":28,"aliases":43,"duplicate_of":9,"upstream":44,"downstream":45,"duplicates":126,"related":127,"reserved_at":9,"published_at":145,"modified_at":146,"state":147,"summary":148,"references_raw":156,"kevs":279,"epss":280,"epss_history":283,"metrics":536,"affected":547},"CVE-2019-14378","ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment.",null,[11,20],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-755","Improper Handling of Exceptional Conditions","The product does not handle or incorrectly handles an exceptional condition.","weakness","Incomplete","Class","Medium",[],{"_key":21,"id":21,"name":22,"description":23,"type":15,"status":24,"abstraction":25,"likelihood_of_exploit":26,"capec":27},"CWE-787","Out-of-bounds Write","The product writes data past the end, or before the beginning, of the intended buffer.","Draft","Base","High",[],[29],{"_key":30,"name":31,"source":32,"url":33,"maturity":34,"reliability_score":35,"verified":36,"type":37,"platforms":38,"requires_auth":9,"exploitdb":40,"metasploit":9},"47320","QEMU - Denial of Service","exploit-database","https://www.exploit-db.com/exploits/47320","poc",0.5,false,"dos",[39],"linux",{"verified":36,"type":37,"platform":39,"file":41,"codes":42},"exploits/linux/dos/47320.c",[7],[],[],[46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92,94,96,98,100,102,104,106,108,110,112,114,116,118,120,122,124],{"_key":47},"SUSE-SU-2019:2157-1",{"_key":49},"RHBA-2019:2715",{"_key":51},"RHBA-2019:3723",{"_key":53},"RHSA-2019:3179",{"_key":55},"RHSA-2019:3742",{"_key":57},"RHSA-2019:3787",{"_key":59},"RHSA-2019:3968",{"_key":61},"RHSA-2019:4344",{"_key":63},"RHSA-2020:0775",{"_key":65},"RHSA-2020:0889",{"_key":67},"RHSA-2020:1216",{"_key":69},"RHSA-2020:2065",{"_key":71},"RHSA-2020:2126",{"_key":73},"RHSA-2020:2342",{"_key":75},"OPENSUSE-SU-2024:11287-1",{"_key":77},"SUSE-SU-2019:14151-1",{"_key":79},"SUSE-SU-2019:14199-1",{"_key":81},"SUSE-SU-2019:14201-1",{"_key":83},"SUSE-SU-2019:2192-1",{"_key":85},"SUSE-SU-2019:2221-1",{"_key":87},"SUSE-SU-2019:2246-1",{"_key":89},"SUSE-SU-2019:2353-1",{"_key":91},"SUSE-SU-2019:2753-1",{"_key":93},"SUSE-SU-2019:2769-1",{"_key":95},"SUSE-SU-2019:2783-1",{"_key":97},"SUSE-SU-2019:2955-1",{"_key":99},"SUSE-SU-2020:0388-1",{"_key":101},"OPENSUSE-SU-2019:2041-1",{"_key":103},"OPENSUSE-SU-2019:2059-1",{"_key":105},"OPENSUSE-SU-2019:2510-1",{"_key":107},"DLA-1927-1",{"_key":109},"DSA-4506-1",{"_key":111},"DSA-4512-1",{"_key":113},"USN-4191-1",{"_key":115},"USN-4191-2",{"_key":117},"DEBIAN-CVE-2019-14378",{"_key":119},"RHSA-2019:3403",{"_key":121},"RHSA-2019:3494",{"_key":123},"UBUNTU-CVE-2019-14378",{"_key":125},"RHSA-2020:0366",[],[128,129,130,131,132,133,134,135,136,137,138,139,140,141,142,143,144],{"_key":47},{"_key":75},{"_key":77},{"_key":79},{"_key":81},{"_key":83},{"_key":85},{"_key":87},{"_key":89},{"_key":91},{"_key":93},{"_key":95},{"_key":97},{"_key":99},{"_key":101},{"_key":103},{"_key":105},"2019-07-29T10:05:22.000Z","2024-08-05T00:19:40.277Z","Modified",{"cisa_kev":36,"cisa_ransomware":36,"cisa_vendor":9,"epss_severity":149,"epss_score":150,"severity":151,"severity_score":152,"severity_version":153,"severity_source":154,"severity_vector":155,"severity_status":147},"low",0.06468,"high",8.8,"v3.0","nvd","CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",[157,165,171,177,182,187,191,195,199,204,208,212,216,221,225,229,234,238,242,246,250,255,259,263,267,271,275],{"url":158,"sources":159,"tags":161},"https://gitlab.freedesktop.org/slirp/libslirp/commit/126c04acbabd7ad32c2b018fe10dfac2a3bc1210",[160,154],"cve.org",[162,163,164],"X Refsource MISC","Patch","Third Party Advisory",{"url":166,"sources":167,"tags":168},"http://www.openwall.com/lists/oss-security/2019/08/01/2",[160,154],[169,170,164],"Mailing List","X Refsource MLIST",{"url":172,"sources":173,"tags":174},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UPLHB2AN663OXAWUQURF7J2X5LHD4VD3/",[160,154],[175,176],"Vendor Advisory","X Refsource FEDORA",{"url":178,"sources":179,"tags":180},"https://seclists.org/bugtraq/2019/Aug/41",[160,154],[169,181],"X Refsource BUGTRAQ",{"url":183,"sources":184,"tags":185},"https://www.debian.org/security/2019/dsa-4506",[160,154],[175,186],"X Refsource DEBIAN",{"url":188,"sources":189,"tags":190},"https://blog.bi0s.in/2019/08/24/Pwn/VM-Escape/2019-07-29-qemu-vm-escape-cve-2019-14378/",[160,154],[162],{"url":192,"sources":193,"tags":194},"https://news.ycombinator.com/item?id=20799010",[160,154],[162],{"url":196,"sources":197,"tags":198},"http://packetstormsecurity.com/files/154269/QEMU-Denial-Of-Service.html",[160,154],[162],{"url":200,"sources":201,"tags":202},"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00000.html",[160,154],[175,203],"X Refsource SUSE",{"url":205,"sources":206,"tags":207},"https://www.debian.org/security/2019/dsa-4512",[160,154],[175,186],{"url":209,"sources":210,"tags":211},"https://seclists.org/bugtraq/2019/Sep/3",[160,154],[169,181],{"url":213,"sources":214,"tags":215},"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00008.html",[160,154],[175,203],{"url":217,"sources":218,"tags":219},"https://support.f5.com/csp/article/K25423748",[160,154],[220],"X Refsource CONFIRM",{"url":222,"sources":223,"tags":224},"https://lists.debian.org/debian-lts-announce/2019/09/msg00021.html",[160,154],[169,170],{"url":226,"sources":227,"tags":228},"https://support.f5.com/csp/article/K25423748?utm_source=f5support&amp%3Butm_medium=RSS",[160,154],[220],{"url":230,"sources":231,"tags":232},"https://access.redhat.com/errata/RHSA-2019:3179",[160,154],[175,233],"X Refsource REDHAT",{"url":235,"sources":236,"tags":237},"https://access.redhat.com/errata/RHSA-2019:3403",[160,154],[175,233],{"url":239,"sources":240,"tags":241},"https://access.redhat.com/errata/RHSA-2019:3494",[160,154],[175,233],{"url":243,"sources":244,"tags":245},"https://access.redhat.com/errata/RHSA-2019:3742",[160,154],[175,233],{"url":247,"sources":248,"tags":249},"https://access.redhat.com/errata/RHSA-2019:3787",[160,154],[175,233],{"url":251,"sources":252,"tags":253},"https://usn.ubuntu.com/4191-2/",[160,154],[175,254],"X Refsource UBUNTU",{"url":256,"sources":257,"tags":258},"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00034.html",[160,154],[175,203],{"url":260,"sources":261,"tags":262},"https://usn.ubuntu.com/4191-1/",[160,154],[175,254],{"url":264,"sources":265,"tags":266},"https://access.redhat.com/errata/RHSA-2019:3968",[160,154],[175,233],{"url":268,"sources":269,"tags":270},"https://access.redhat.com/errata/RHSA-2019:4344",[160,154],[175,233],{"url":272,"sources":273,"tags":274},"https://access.redhat.com/errata/RHSA-2020:0366",[160,154],[175,233],{"url":276,"sources":277,"tags":278},"https://access.redhat.com/errata/RHSA-2020:0775",[160,154],[175,233],[],{"date":281,"score":150,"percentile":282},"2026-06-04",0.91244,[284,288,290,293,296,299,301,303,306,309,312,315,317,320,322,326,329,332,335,338,341,344,347,349,351,354,357,360,363,366,369,372,375,378,381,383,386,389,392,395,398,401,403,406,409,412,414,417,419,421,424,427,430,433,436,439,442,444,447,450,453,456,459,462,464,467,470,473,476,479,481,483,485,488,491,494,496,498,501,504,507,510,514,517,520,523,526,529,531,533],{"date":285,"score":286,"percentile":287},"2025-11-04",0.0868,0.92078,{"date":289,"score":286,"percentile":287},"2025-11-05",{"date":291,"score":286,"percentile":292},"2025-11-06",0.9208,{"date":294,"score":286,"percentile":295},"2025-11-07",0.92084,{"date":297,"score":286,"percentile":298},"2025-11-08",0.92081,{"date":300,"score":286,"percentile":292},"2025-11-09",{"date":302,"score":286,"percentile":298},"2025-11-10",{"date":304,"score":286,"percentile":305},"2025-11-11",0.92087,{"date":307,"score":286,"percentile":308},"2025-11-12",0.92092,{"date":310,"score":286,"percentile":311},"2025-11-13",0.92094,{"date":313,"score":286,"percentile":314},"2025-11-14",0.92096,{"date":316,"score":286,"percentile":308},"2025-11-15",{"date":318,"score":286,"percentile":319},"2025-11-16",0.921,{"date":321,"score":286,"percentile":319},"2025-11-17",{"date":323,"score":324,"percentile":325},"2025-11-18",0.1401,0.93703,{"date":327,"score":324,"percentile":328},"2025-11-19",0.93706,{"date":330,"score":324,"percentile":331},"2025-11-20",0.93713,{"date":333,"score":286,"percentile":334},"2025-11-21",0.92109,{"date":336,"score":286,"percentile":337},"2025-11-22",0.92108,{"date":339,"score":286,"percentile":340},"2025-11-23",0.92113,{"date":342,"score":286,"percentile":343},"2025-11-24",0.92115,{"date":345,"score":286,"percentile":346},"2025-11-25",0.92117,{"date":348,"score":286,"percentile":346},"2025-11-26",{"date":350,"score":286,"percentile":343},"2025-11-27",{"date":352,"score":286,"percentile":353},"2025-11-28",0.92107,{"date":355,"score":286,"percentile":356},"2025-11-29",0.92126,{"date":358,"score":286,"percentile":359},"2025-11-30",0.92124,{"date":361,"score":286,"percentile":362},"2025-12-01",0.92165,{"date":364,"score":286,"percentile":365},"2025-12-02",0.92169,{"date":367,"score":286,"percentile":368},"2025-12-03",0.92172,{"date":370,"score":286,"percentile":371},"2025-12-04",0.92128,{"date":373,"score":286,"percentile":374},"2025-12-05",0.9213,{"date":376,"score":286,"percentile":377},"2025-12-06",0.92135,{"date":379,"score":286,"percentile":380},"2025-12-07",0.92134,{"date":382,"score":286,"percentile":380},"2025-12-08",{"date":384,"score":286,"percentile":385},"2025-12-09",0.92138,{"date":387,"score":286,"percentile":388},"2025-12-10",0.92148,{"date":390,"score":286,"percentile":391},"2025-12-11",0.92151,{"date":393,"score":286,"percentile":394},"2025-12-12",0.92155,{"date":396,"score":286,"percentile":397},"2025-12-13",0.92147,{"date":399,"score":286,"percentile":400},"2025-12-14",0.92145,{"date":402,"score":286,"percentile":397},"2025-12-15",{"date":404,"score":286,"percentile":405},"2025-12-16",0.92156,{"date":407,"score":286,"percentile":408},"2025-12-17",0.92161,{"date":410,"score":286,"percentile":411},"2025-12-18",0.92166,{"date":413,"score":286,"percentile":365},"2025-12-19",{"date":415,"score":286,"percentile":416},"2025-12-20",0.92168,{"date":418,"score":286,"percentile":365},"2025-12-21",{"date":420,"score":286,"percentile":416},"2025-12-22",{"date":422,"score":286,"percentile":423},"2025-12-23",0.9217,{"date":425,"score":286,"percentile":426},"2025-12-24",0.92174,{"date":428,"score":286,"percentile":429},"2025-12-25",0.92179,{"date":431,"score":286,"percentile":432},"2025-12-26",0.9218,{"date":434,"score":286,"percentile":435},"2025-12-27",0.92206,{"date":437,"score":286,"percentile":438},"2025-12-28",0.92177,{"date":440,"score":286,"percentile":441},"2025-12-29",0.92173,{"date":443,"score":286,"percentile":438},"2025-12-30",{"date":445,"score":286,"percentile":446},"2025-12-31",0.92184,{"date":448,"score":286,"percentile":449},"2026-01-01",0.92239,{"date":451,"score":286,"percentile":452},"2026-01-02",0.92236,{"date":454,"score":286,"percentile":455},"2026-01-03",0.92234,{"date":457,"score":286,"percentile":458},"2026-01-04",0.92192,{"date":460,"score":286,"percentile":461},"2026-01-05",0.9219,{"date":463,"score":286,"percentile":458},"2026-01-06",{"date":465,"score":286,"percentile":466},"2026-01-07",0.92193,{"date":468,"score":286,"percentile":469},"2026-01-08",0.92196,{"date":471,"score":286,"percentile":472},"2026-01-09",0.92199,{"date":474,"score":286,"percentile":475},"2026-01-10",0.922,{"date":477,"score":286,"percentile":478},"2026-01-11",0.92195,{"date":480,"score":286,"percentile":478},"2026-01-12",{"date":482,"score":286,"percentile":478},"2026-01-13",{"date":484,"score":286,"percentile":435},"2026-01-14",{"date":486,"score":286,"percentile":487},"2026-01-15",0.92208,{"date":489,"score":286,"percentile":490},"2026-01-16",0.9221,{"date":492,"score":286,"percentile":493},"2026-01-17",0.92212,{"date":495,"score":286,"percentile":435},"2026-01-18",{"date":497,"score":286,"percentile":435},"2026-01-19",{"date":499,"score":286,"percentile":500},"2026-01-20",0.92209,{"date":502,"score":286,"percentile":503},"2026-01-21",0.92214,{"date":505,"score":286,"percentile":506},"2026-01-22",0.92217,{"date":508,"score":286,"percentile":509},"2026-01-23",0.92225,{"date":511,"score":512,"percentile":513},"2026-01-24",0.09069,0.92416,{"date":515,"score":512,"percentile":516},"2026-01-25",0.92418,{"date":518,"score":512,"percentile":519},"2026-01-26",0.9242,{"date":521,"score":512,"percentile":522},"2026-01-27",0.92422,{"date":524,"score":512,"percentile":525},"2026-01-28",0.92424,{"date":527,"score":512,"percentile":528},"2026-01-29",0.92425,{"date":530,"score":512,"percentile":525},"2026-01-30",{"date":532,"score":512,"percentile":525},"2026-01-31",{"date":534,"score":512,"percentile":535},"2026-02-01",0.92467,[537],{"source":154,"cvss_v2_0":538,"cvss_v3_0":543,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":539,"baseSeverity":9,"vectorString":540,"impactScore":541,"exploitabilityScore":542},6.5,"AV:N/AC:L/Au:S/C:P/I:P/A:P",6.4,8,{"baseScore":152,"baseSeverity":544,"vectorString":155,"impactScore":545,"exploitabilityScore":546},"HIGH",9.8,7.2,[548],{"ecosystem":9,"name":549,"vendor":550,"product":549,"cpe_part":551,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":552},"libslirp","libslirp_project","a",[553],{"version":554,"is_range":36,"range_type":555,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.0","cpe"]