Browse all 10 CVE security advisories affecting The Tcpdump Group. AI-powered Chinese analysis, POCs, and references for each vulnerability.
The Tcpdump Group develops tcpdump, a widely used network traffic analysis tool for packet sniffing and debugging. Historically, its vulnerabilities have frequently included buffer overflows leading to remote code execution, integer overflows, and denial-of-service conditions. Privilege escalation vulnerabilities have also been identified in certain implementations. While no major public security incidents have been widely documented, the tool's extensive deployment in critical infrastructure makes its security posture significant. The project maintains a moderate vulnerability count with 10 CVEs on record, primarily focusing on memory safety issues and input validation flaws in packet parsing, reflecting the challenges of handling untrusted network data.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-2397 | infinite loop in the PPP printer of tcpdump — tcpdumpCWE-835 | 6.2 | Medium | 2024-04-12 |
| CVE-2023-1801 | tcpdump 缓冲区错误漏洞 — tcpdumpCWE-787 | 8.1 | - | 2023-04-07 |
| CVE-2020-8036 | str2tokbuf used incorrectly by print-someip.c — tcpdump | 9.1 | - | 2020-11-04 |
| CVE-2020-8037 | ppp decapsulator can be convinced to allocate a large amount of memory — tcpdump | 6.2 | - | 2020-11-04 |
| CVE-2018-16301 | 编码撤回 — tcpdumpCWE-190 | 7.0 | - | 2019-10-03 |
This page lists every published CVE security advisory associated with The Tcpdump Group. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.