Freedesktop dbus 1.12.20
Approved changes feed: RSS · Atom
cpe:2.3:a:freedesktop:dbus:1.12.20:*:*:*:*:*:*:*
part: a version: 1.12.20 update: *
| Vendor | Freedesktop (2c544e5d-e68e-5b35-a616-dc08f0ba697e) |
|---|---|
| Product | Dbus (7e992f2d-f5d6-5884-a5a2-9325da73d4f4) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:deb/debian/dbus |
purl2cpe | 2026-06-01 10:14:03.870966 |
pkg:deb/ubuntu/dbus |
purl2cpe | 2026-06-01 10:14:03.870967 |
pkg:github/freedesktop/dbus |
purl2cpe | 2026-06-01 10:14:03.870969 |
pkg:gitlab/redhat/dbus |
purl2cpe | 2026-06-01 10:14:03.870970 |
pkg:rpm/centos/dbus |
purl2cpe | 2026-06-01 10:14:03.870971 |
pkg:rpm/fedora/dbus |
purl2cpe | 2026-06-01 10:14:03.870973 |
pkg:rpm/opensuse/dbus |
purl2cpe | 2026-06-01 10:14:03.870974 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2020-35512 |
vulnerable | 2026-06-03 14:42:31.964179 |
Details available
A use-after-free flaw was found in D-Bus Development branch <= 1.13.16, dbus-1.12.x stable branch <= 1.12.18, and dbus-1.10.x and older branches <= 1.10.30 when a system has multiple usernames sharing the same UID. When a set of policy rules references these usernames, D-Bus may free some memory in the heap, which is still used by data structures necessary for the other usernames sharing the UID, possibly leading to a crash or other undefined behaviors
Published: 2021-02-15T16:08:39.000Z
Updated: 2024-11-19T15:32:44.371Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.