GCVE - cpe:2.3:a:n/a:bluez:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:bluez:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	N/A (`22f567d3-1203-528c-8f0e-3eb9c2f6ca78`)
Product	Bluez (`f07cb000-99a9-50d4-8a88-6c4db0d80067`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2022-0204`	vulnerable	2026-06-08 05:39:09.477931	Details available A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local network access could pass specially crafted files causing an application to halt or crash, leading to a denial of service. Published: 2022-03-09T00:00:00.000Z Updated: 2026-04-15T21:09:47.949Z Open on db.gcve.eu Reference links https://bugzilla.redhat.com/show_bug.cgi?id=2039807 https://github.com/bluez/bluez/security/advisories/GHSA-479m-xcq5-9g2q https://github.com/bluez/bluez/commit/591c546c536b42bef696d027f64aa22434f8c3f0 https://security.gentoo.org/glsa/202209-16 https://lists.debian.org/debian-lts-announce/2022/10/msg00026.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-3658`	vulnerable	2026-06-08 05:33:53.324319	Details available bluetoothd from bluez incorrectly saves adapters' Discoverable status when a device is powered down, and restores it when powered up. If a device is powered down while discoverable, it will be discoverable when powered on again. This could lead to inadvertent exposure of the bluetooth stack to physically nearby attackers. Published: 2022-03-02T22:11:05.000Z Updated: 2026-04-15T21:11:08.326Z Open on db.gcve.eu Reference links https://gitlab.gnome.org/GNOME/gnome-bluetooth/-/issues/89 https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=b497b5942a8beb8f89ca1c359c54ad67ec843055 https://github.com/bluez/bluez/commit/b497b5942a8beb8f89ca1c359c54ad67ec843055 https://bugzilla.redhat.com/show_bug.cgi?id=1984728 https://security.netapp.com/advisory/ntap-20220407-0002/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-0129`	vulnerable	2026-06-08 05:28:07.985234	Details available Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. Published: 2021-06-09T19:50:59.000Z Updated: 2024-08-03T15:32:09.439Z Open on db.gcve.eu Reference links https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00517.html https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html https://lists.debian.org/debian-lts-announce/2021/06/msg00022.html https://security.netapp.com/advisory/ntap-20210716-0002/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-12352`	vulnerable	2026-06-08 05:17:57.178122	Details available Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access. Published: 2020-11-23T16:15:54.000Z Updated: 2024-08-04T11:56:51.413Z Open on db.gcve.eu Reference links https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html?wapkw=CVE-2020-12351 http://packetstormsecurity.com/files/161229/Kernel-Live-Patch-Security-Notice-LSN-0074-1.html http://packetstormsecurity.com/files/162131/Linux-Kernel-5.4-BleedingTooth-Remote-Code-Execution.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-12351`	vulnerable	2026-06-08 05:17:57.170184	Details available Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. Published: 2020-11-23T16:15:38.000Z Updated: 2024-08-04T11:56:51.231Z Open on db.gcve.eu Reference links https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html?wapkw=CVE-2020-12351 http://packetstormsecurity.com/files/162131/Linux-Kernel-5.4-BleedingTooth-Remote-Code-Execution.html	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.