Debian/connman — 26 CVEs

Loading…

All known vulnerabilities

CRITICAL9.8CVE-2022-32292connman - security update

from 0, < 1.36-2.1~deb10u3

CRITICAL9.8CVE-2022-32292connman - security update

from 0, < 1.36-2.2+deb11u1

CRITICAL9.8CVE-2021-33833connman - security update

from 0, < 1.33-3+deb9u3

CRITICAL9.8connman - security update

from 0, < 1.36-2.2

CRITICAL9.8connman - security update

from 0, < 1.21-1.2+deb8u1

CRITICAL9.8connman - security update

from 0, < 1.0-1.1+wheezy2

CRITICAL9.8connman - security update

from 0, < 1.35-1

CRITICAL9.1An issue was discovered in the DNS proxy in Connman through 1.40.

from 0, < 1.36-2.2+deb11u1

CRITICAL9.1connman - security update

from 0, < 1.36-2.1~deb10u4

CRITICAL9.1connman - security update

from 0, < 1.36-2.2+deb11u1

CRITICAL9.1connman - security update

from 0, < 1.36-2.2+deb11u1

CRITICAL9.0In ConnMan through 1.44, the lookup string in ns_resolv in dnsproxy.c can be NULL or an empty string when the TC (Truncated) bit is set in…

from 0

HIGH8.8connman - security update

from 0, < 1.36-2.1~deb10u1

HIGH8.8connman - security update

from 0, < 1.36-2.1

HIGH8.8connman - security update

from 0, < 1.33-3+deb9u2

HIGH8.1In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR handling,…

from 0, < 1.36-2.2+deb11u1

HIGH7.5An issue was discovered in the DNS proxy in Connman through 1.40.

from 0, < 1.36-2.2+deb11u1

MEDIUM6.5connman - security update

from 0, < 1.36-2.2+deb11u2

MEDIUM6.5connman - security update

from 0, < 1.36-2.2+deb11u2

MEDIUM6.5connman - security update

from 0, < 1.36-2.1~deb10u5

MEDIUM6.5gdhcp in ConnMan before 1.39 could be used by network-adjacent attackers to leak sensitive stack information, allowing further exploitation…

from 0, < 1.36-2.1

MEDIUM4.8In ConnMan through 1.44, parse_rr in dnsproxy.c has a memcpy length that depends on an RR RDLENGTH value, i.e., *rdlen=ntohs(rr->rdlen) and…

from 0

—ConnMan 1.3 on Tizen continues to list the bluetooth service after offline mode has been enabled, which might allow remote attackers to obt…

from 0, < 1.0-1.1

—Integer overflow in the dhcpv6_get_option function in gdhcp/client.c in ConnMan before 0.85 allows remote attackers to cause a denial of se…

from 0, < 1.0-1

—The loopback plug-in in ConnMan before 0.85 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) host…

from 0, < 1.0-1

—ConnMan before 0.85 does not ensure that netlink messages originate from the kernel, which allows remote attackers to bypass intended acces…

from 0, < 1.0-1

pkg:Debian/connman

✅ Check your installed version

All known vulnerabilities