Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:avahi:avahi:0.8:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-38473 |
A vulnerability was found in Avahi. A reachable assertion exists in the avahi_alternative_host_name() function. Published: November 02, 2023; 12:15:08 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-38472 |
A vulnerability was found in Avahi. A reachable assertion exists in the avahi_rdata_parse() function. Published: November 02, 2023; 11:15:08 AM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-38471 |
A vulnerability was found in Avahi. A reachable assertion exists in the dbus_set_host_name function. Published: November 02, 2023; 11:15:08 AM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-38470 |
A vulnerability was found in Avahi. A reachable assertion exists in the avahi_escape_label() function. Published: November 02, 2023; 11:15:08 AM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-38469 |
A vulnerability was found in Avahi, where a reachable assertion exists in avahi_dns_packet_append_record. Published: November 02, 2023; 11:15:08 AM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2021-3468 |
A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the availability of the avahi service, which becomes unresponsive after this flaw is triggered. Published: June 02, 2021; 12:15:08 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 2.1 LOW |
CVE-2021-26720 |
avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 is executed as root via /etc/network/if-up.d/avahi-daemon, and allows a local attacker to cause a denial of service or create arbitrary empty files via a symlink attack on files under /run/avahi-daemon. NOTE: this only affects the packaging for Debian GNU/Linux (used indirectly by SUSE), not the upstream Avahi product. Published: February 17, 2021; 5:15:12 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |