GCVE - cpe:2.3:a:netfilter:iptables:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:netfilter:iptables:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Netfilter (`24510d86-5826-5fd3-8d92-e1be6b300851`)
Product	Iptables (`f9658694-34c0-517c-b1bc-58518d1304a4`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:deb/debian/iptables`	purl2cpe	2026-06-01 10:16:04.540410
`pkg:deb/ubuntu/iptables`	purl2cpe	2026-06-01 10:16:04.540413
`pkg:github/cernekee/iptables`	purl2cpe	2026-06-01 10:16:04.540415
`pkg:github/shadowsocks/iptables`	purl2cpe	2026-06-01 10:16:04.540418
`pkg:gitlab/redhat/iptables`	purl2cpe	2026-06-01 10:16:04.540421
`pkg:rpm/centos/iptables`	purl2cpe	2026-06-01 10:16:04.540423
`pkg:rpm/fedora/iptables`	purl2cpe	2026-06-01 10:16:04.540426
`pkg:rpm/opensuse/iptables`	purl2cpe	2026-06-01 10:16:04.540429

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2012-2663`	vulnerable	2026-06-08 05:02:05.278837	Details available extensions/libxt_tcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant. Published: 2014-02-15T11:00:00.000Z Updated: 2024-08-06T19:42:31.646Z Open on db.gcve.eu Reference links http://www.spinics.net/lists/netfilter-devel/msg21248.html https://bugzilla.redhat.com/show_bug.cgi?id=826702	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2001-1388`	vulnerable	2026-06-08 04:46:19.812659	Details available iptables before 1.2.4 does not accurately convert rate limits that are specified on the command line, which could allow attackers or users to generate more or less traffic than intended by the administrator. Published: 2002-08-31T04:00:00.000Z Updated: 2024-08-08T04:51:08.232Z Open on db.gcve.eu Reference links http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=53325 http://rhn.redhat.com/errata/RHSA-2001-144.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2001-1387`	vulnerable	2026-06-08 04:46:19.812299	Details available iptables-save in iptables before 1.2.4 records the "--reject-with icmp-host-prohibited" rule as "--reject-with tcp-reset," which causes iptables to generate different responses than specified by the administrator, possibly leading to an information leak. Published: 2002-08-31T04:00:00.000Z Updated: 2024-08-08T04:51:08.314Z Open on db.gcve.eu Reference links http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=50500 http://rhn.redhat.com/errata/RHSA-2001-144.html	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.