Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Package Hub 15 SP4 package connman, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (3)
CVE-2022-32292 — CVSS 9.8 (critical): In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow…
CVE-2022-32293 — CVSS 8.1 (high): In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HTTP query could be used to trigger a use-after-free in WISPR handling…
CVE-2023-28488 — CVSS 6.5 (medium): client.c in gdhcp in ConnMan through 1.41 could be used by network-adjacent attackers (operating a crafted DHCP server) to cause a…