Filtered by vendor Rpm-software-management
Subscriptions
Filtered by product Dnf5
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-1930 | 2 Fedora, Rpm-software-management | 2 Dnf5daemon-server, Dnf5 | 2025-08-07 | 6.5 Medium |
| No Limit on Number of Open Sessions / Bad Session Close Behaviour in dnf5daemon-server before 5.1.17 allows a malicious user to impact Availability via No Limit on Number of Open Sessions. There is no limit on how many sessions D-Bus clients may create using the `open_session()` D-Bus method. For each session a thread is created in dnf5daemon-server. This spends a couple of hundred megabytes of memory in the process. Further connections will become impossible, likely because no more threads can be spawned by the D-Bus service. | ||||
Page 1 of 1.