Security Advisory

CVE-2019-5152

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-12-18 14:31:56

Last updated 2024-08-04 19:47:56

Assigner talos

State PUBLISHED

Description

An exploitable information disclosure vulnerability exists in the network packet handling functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher, a specially crafted set of network packets can cause an outbound connection from the server, resulting in information disclosure. An attacker can send arbitrary packets to trigger this vulnerability.

← Browse all CVEs View on cve.org ↗