Freedesktop dbus 1.10.28

CPE Details

Freedesktop dbus 1.10.28
freedesktop
dbus
1.10.28
2019-07-12
15h24 +00:00
2019-07-12
15h24 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:freedesktop:dbus:1.10.28:*:*:*:*:*:*:*

Informations

Vendor

freedesktop

Product

dbus

Version

1.10.28

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-42010 2022-10-08 22h00 +00:00 An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures.
6.5
Medium
CVE-2022-42011 2022-10-08 22h00 +00:00 An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.
6.5
Medium
CVE-2022-42012 2022-10-08 22h00 +00:00 An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format.
6.5
Medium
CVE-2020-12049 2020-06-07 22h00 +00:00 An issue was discovered in dbus >= 1.3.0 before 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus or another system service's private AF_UNIX socket could use this to make the system service reach its file descriptor limit, denying service to subsequent D-Bus clients.
5.5
Medium