Aggregates CVE and security vulnerability intelligence across all connman-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk input validation, vendor risk denial of service, and vendor risk integer handling, with potential vendor impact unexpected behavior across vendor surface production workloads use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2012-2322 | Integer overflow in the dhcpv6_get_option function in gdhcp/client.c in ConnMan before 0.85 allows remote attackers to cause a denial of service (infinite loop and crash) via an invalid length value in a DHCP packet. | [email protected] | 5.0 | 3.23% | 2012-05-18 | 2026-06-16 |
| CVE-2012-2321 | The loopback plug-in in ConnMan before 0.85 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) host name or (2) domain name in a DHCP reply. | [email protected] | 10.0 | 5.71% | 2012-05-18 | 2026-06-16 |
| CVE-2012-2320 | ConnMan before 0.85 does not ensure that netlink messages originate from the kernel, which allows remote attackers to bypass intended access restrictions and cause a denial of service via a crafted netlink message. | [email protected] | 7.8 | 2.53% | 2012-05-18 | 2026-06-16 |