Avahi 0.8-4

CPE Details

Avahi 0.8-4
avahi
avahi
0.8-4
2021-02-19
15h45 +00:00
2021-02-19
15h45 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:avahi:avahi:0.8-4:*:*:*:*:*:*:*

Informations

Vendor

avahi

Product

avahi

Version

0.8-4

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-38473 2023-11-02 15h00 +00:00 A vulnerability was found in Avahi. A reachable assertion exists in the avahi_alternative_host_name() function.
6.2
Medium
CVE-2023-38472 2023-11-02 14h59 +00:00 A vulnerability was found in Avahi. A reachable assertion exists in the avahi_rdata_parse() function.
6.2
Medium
CVE-2023-38471 2023-11-02 14h58 +00:00 A vulnerability was found in Avahi. A reachable assertion exists in the dbus_set_host_name function.
6.2
Medium
CVE-2023-38470 2023-11-02 14h57 +00:00 A vulnerability was found in Avahi. A reachable assertion exists in the avahi_escape_label() function.
6.2
Medium
CVE-2023-38469 2023-11-02 14h49 +00:00 A vulnerability was found in Avahi, where a reachable assertion exists in avahi_dns_packet_append_record.
6.2
Medium
CVE-2021-26720 2021-02-17 20h19 +00:00 avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 is executed as root via /etc/network/if-up.d/avahi-daemon, and allows a local attacker to cause a denial of service or create arbitrary empty files via a symlink attack on files under /run/avahi-daemon. NOTE: this only affects the packaging for Debian GNU/Linux (used indirectly by SUSE), not the upstream Avahi product.
7.8
High