Connman@* Security Vulnerabilities and Issues — Connman@* CVE List

Lucene search

IntelConnman*

5 matches found

CVE•added 2022/01/28 4:15 p.m.•168 views

CVE-2022-23097

An issue was discovered in the DNS proxy in Connman through 1.40. forward_dns_reply mishandles a strnlen call, leading to an out-of-bounds read.

9.1CVSS8.8AI score0.00094EPSS

CVE•added 2022/01/28 4:15 p.m.•150 views

CVE-2022-23098

An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation has an infinite loop if no data is received.

7.5CVSS7.3AI score0.0008EPSS

CVE•added 2022/01/28 4:15 p.m.•105 views

CVE-2022-23096

An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation lacks a check for the presence of sufficient Header Data, leading to an out-of-bounds read.

9.1CVSS8.9AI score0.00082EPSS

CVE•added 2022/08/03 2:15 p.m.•93 views

CVE-2022-32293

In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR handling, leading to crashes or code execution.

8.1CVSS8.7AI score0.00298EPSS

CVE•added 2022/08/03 2:15 p.m.•79 views

CVE-2022-32292

In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow in received_data to execute code.

9.8CVSS9.6AI score0.0148EPSS