VYPR

rpm package

opensuse/avahi-glib2&distro=openSUSE Leap 15.5

pkg:rpm/opensuse/avahi-glib2&distro=openSUSE%20Leap%2015.5

Vulnerabilities (6)

  • CVE-2024-52616MedNov 21, 2024
    affected < 0.8-150400.7.20.1fixed 0.8-150400.7.20.1

    A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after that. This predictable behavior facilitates DNS spoofing attacks, allowing attackers to guess transaction IDs.

  • CVE-2023-38473Nov 2, 2023
    affected < 0.8-150400.7.10.1fixed 0.8-150400.7.10.1

    A vulnerability was found in Avahi. A reachable assertion exists in the avahi_alternative_host_name() function.

  • CVE-2023-38472Nov 2, 2023
    affected < 0.8-150400.7.13.1fixed 0.8-150400.7.13.1

    A vulnerability was found in Avahi. A reachable assertion exists in the avahi_rdata_parse() function.

  • CVE-2023-38471Nov 2, 2023
    affected < 0.8-150400.7.16.1fixed 0.8-150400.7.16.1

    A vulnerability was found in Avahi. A reachable assertion exists in the dbus_set_host_name function.

  • CVE-2023-38470Nov 2, 2023
    affected < 0.8-150400.7.10.1fixed 0.8-150400.7.10.1

    A vulnerability was found in Avahi. A reachable assertion exists in the avahi_escape_label() function.

  • CVE-2023-38469Nov 2, 2023
    affected < 0.8-150400.7.16.1fixed 0.8-150400.7.16.1

    A vulnerability was found in Avahi, where a reachable assertion exists in avahi_dns_packet_append_record.