CVE-2020-25340: NFStream Local Denial of Service (DoS)

May 24, 2022 (updated September 26, 2024)

An issue was discovered in NFStream 5.2.0. Because some allocated modules are not correctly freed, if the nfstream object is directly destroyed without being used after it is created, it will cause a memory leak that may result in a local denial of service (DoS).

References

github.com/advisories/GHSA-whmq-cfm5-j8mj
github.com/nfstream/nfstream
github.com/ntop/nDPI/issues/994
github.com/pypa/advisory-database/tree/main/vulns/nfstream/PYSEC-2021-68.yaml
nvd.nist.gov/vuln/detail/CVE-2020-25340

Code Behaviors & Features

Detect and mitigate CVE-2020-25340 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →