Lucene search

Dbus-broker Project Security Vulnerabilities

cve

CVE-2020-35512

A use-after-free flaw was found in D-Bus Development branch <= 1.13.16, dbus-1.12.x stable branch <= 1.12.18, and dbus-1.10.x and older branches <= 1.10.30 when a system has multiple usernames sharing the same UID. When a set of policy rules references these usernames, D-Bus may free some ...

7.8CVSS

7.5AI Score

0.0004EPSS

2021-02-15 05:15 PM

261

cve

CVE-2022-31212

An issue was discovered in dbus-broker before 31. It depends on c-uitl/c-shquote to parse the DBus service's Exec line. c-shquote contains a stack-based buffer over-read if a malicious Exec line is supplied.

7.5CVSS

7.4AI Score

0.001EPSS

2022-07-17 11:15 PM

cve

CVE-2022-31213

An issue was discovered in dbus-broker before 31. Multiple NULL pointer dereferences can be found when supplying a malformed XML config file.

7.5CVSS

7.3AI Score

0.001EPSS

2022-07-17 11:15 PM