high severity
Do your applications use this vulnerable package?
Test your applications
Overview
Affected versions of this package are vulnerable to RHSA-2020:2894. D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility. Security Fix(es): * dbus: denial of service via file descriptor leak (CVE-2020-12049) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Remediation
Upgrade dbus-libs
to version or higher.
References
- CVE
- RHSA-2020:2894
- Snyk ID
- SNYK-CENTOS7-DBUSLIBS-584290
- Published
- 13 Jul, 2020