netavark vulnerabilities

Known vulnerabilities in the netavark package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
M Improper Check for Unusual or Exceptional Conditions	<2:1.10.3-1.module+el8.10.0+1874+ce489889
M Improper Validation of Integrity Check Value	<2:1.10.3-1.module+el8.10.0+1874+ce489889
M CVE-2023-45803	<2:1.10.3-1.module+el8.10.0+1874+ce489889
M Improper Certificate Validation	<2:1.10.3-1.module+el8.10.0+1874+ce489889
M Open Redirect	<2:1.10.3-1.module+el8.10.0+1874+ce489889
M CVE-2024-24791	<2:1.10.3-1.module+el8.10.0+1874+ce489889
M CVE-2024-24788	<2:1.10.3-1.module+el8.10.0+1874+ce489889
H CVE-2025-22869	<2:1.10.3-1.module+el8.10.0+1815+5fe7415e
M Allocation of Resources Without Limits or Throttling	<2:1.10.3-1.module+el8.10.0+1874+ce489889
M CVE-2023-39321	<2:1.10.3-1.module+el8.10.0+1874+ce489889
M Cross-site Scripting (XSS)	<2:1.10.3-1.module+el8.10.0+1874+ce489889
M Cross-site Scripting (XSS)	<2:1.10.3-1.module+el8.10.0+1874+ce489889
M Resource Exhaustion	<2:1.10.3-1.module+el8.10.0+1874+ce489889
M Allocation of Resources Without Limits or Throttling	<2:1.10.3-1.module+el8.10.0+1874+ce489889
M CVE-2022-27664	<2:1.0.1-38.module+el8.9.0+1445+07728297
M Information Exposure	<2:1.10.3-1.module+el8.10.0+1874+ce489889
M CVE-2023-39326	<2:1.10.3-1.module+el8.10.0+1874+ce489889
H Improper Privilege Management	<2:1.10.3-1.module+el8.10.0+1815+5fe7415e
M Directory Traversal	<2:1.10.3-1.module+el8.10.0+1815+5fe7415e
M Information Exposure	<2:1.10.3-1.module+el8.10.0+1815+5fe7415e
M CVE-2021-33198	<2:1.10.3-1.module+el8.10.0+1874+ce489889
H Directory Traversal	<2:1.10.3-1.module+el8.10.0+1815+5fe7415e
H Improper Input Validation	<2:1.10.3-1.module+el8.10.0+1815+5fe7415e
H Link Following	<2:1.10.3-1.module+el8.10.0+1815+5fe7415e
H CVE-2024-34158	<2:1.10.3-1.module+el8.10.0+1815+5fe7415e
H CVE-2024-34156	<2:1.10.3-1.module+el8.10.0+1815+5fe7415e
H CVE-2024-34155	<2:1.10.3-1.module+el8.10.0+1815+5fe7415e
H Information Exposure Through Log Files	<2:1.10.3-1.module+el8.10.0+1815+5fe7415e
H CVE-2024-37298	<2:1.10.3-1.module+el8.10.0+1815+5fe7415e
H Improper Validation of Integrity Check Value	<2:1.10.3-1.module+el8.10.0+1815+5fe7415e
H CVE-2024-24789	<2:1.10.3-1.module+el8.10.0+1815+5fe7415e
M CVE-2024-24784	<2:1.10.3-1.module+el8.10.0+1874+ce489889
M CVE-2024-24783	<2:1.10.3-1.module+el8.10.0+1874+ce489889
H Memory Leak	<2:1.10.3-1.module+el8.10.0+1815+5fe7415e
M CVE-2023-45290	<2:1.10.3-1.module+el8.10.0+1874+ce489889
M CVE-2024-28176	<2:1.10.3-1.module+el8.10.0+1815+5fe7415e
M CVE-2024-28180	<2:1.10.3-1.module+el8.10.0+1815+5fe7415e
M CVE-2024-24786	<2:1.10.3-1.module+el8.10.0+1874+ce489889
M CVE-2022-41715	<2:1.10.3-1.module+el8.10.0+1874+ce489889
M HTTP Request Smuggling	<2:1.10.3-1.module+el8.10.0+1874+ce489889
H Link Following	<2:1.10.3-1.module+el8.10.0+1815+5fe7415e
H Exposure of Resource to Wrong Sphere	<2:1.0.1-38.module+el8.9.0+1445+07728297
M Interpretation Conflict	<2:1.0.1-38.module+el8.9.0+1445+07728297
M Improper Locking	<2:1.0.1-28.module+el8.6.0+972+902006e0
H Incorrect Default Permissions	<2:1.0.1-27.module+el8.6.0+785+d1251653
H Incorrect Default Permissions	<2:1.0.1-27.module+el8.6.0+785+d1251653
H Incorrect Default Permissions	<2:1.0.1-27.module+el8.6.0+785+d1251653
H Allocation of Resources Without Limits or Throttling	<2:1.0.1-27.module+el8.6.0+785+d1251653
H Improper Privilege Management	<2:1.0.1-27.module+el8.6.0+785+d1251653
M Improper Cross-boundary Removal of Sensitive Data	<2:1.0.1-28.module+el8.6.0+972+902006e0
L Placement of User into Incorrect Group	<2:1.1.0-7.module+el8.7.0+1078+e72fcd4f
L Placement of User into Incorrect Group	<2:1.1.0-7.module+el8.7.0+1078+e72fcd4f
M Incorrect Default Permissions	<2:1.0.1-35.module+el8.6.0+997+05c9d812
M CVE-2022-27191	<2:1.0.1-35.module+el8.6.0+997+05c9d812
M Allocation of Resources Without Limits or Throttling	<2:1.0.1-35.module+el8.6.0+997+05c9d812

Vulnerability

Vulnerable Version

Improper Check for Unusual or Exceptional Conditions

<2:1.10.3-1.module+el8.10.0+1874+ce489889

Improper Validation of Integrity Check Value

<2:1.10.3-1.module+el8.10.0+1874+ce489889

CVE-2023-45803

<2:1.10.3-1.module+el8.10.0+1874+ce489889

Improper Certificate Validation

<2:1.10.3-1.module+el8.10.0+1874+ce489889

Open Redirect

<2:1.10.3-1.module+el8.10.0+1874+ce489889

CVE-2024-24791

<2:1.10.3-1.module+el8.10.0+1874+ce489889

CVE-2024-24788

<2:1.10.3-1.module+el8.10.0+1874+ce489889

CVE-2025-22869

<2:1.10.3-1.module+el8.10.0+1815+5fe7415e

Allocation of Resources Without Limits or Throttling

<2:1.10.3-1.module+el8.10.0+1874+ce489889

CVE-2023-39321

<2:1.10.3-1.module+el8.10.0+1874+ce489889

Cross-site Scripting (XSS)

<2:1.10.3-1.module+el8.10.0+1874+ce489889

Cross-site Scripting (XSS)

<2:1.10.3-1.module+el8.10.0+1874+ce489889

Resource Exhaustion

<2:1.10.3-1.module+el8.10.0+1874+ce489889

Allocation of Resources Without Limits or Throttling

<2:1.10.3-1.module+el8.10.0+1874+ce489889

CVE-2022-27664

<2:1.0.1-38.module+el8.9.0+1445+07728297

Information Exposure

<2:1.10.3-1.module+el8.10.0+1874+ce489889

CVE-2023-39326

<2:1.10.3-1.module+el8.10.0+1874+ce489889

Improper Privilege Management

<2:1.10.3-1.module+el8.10.0+1815+5fe7415e

Directory Traversal

<2:1.10.3-1.module+el8.10.0+1815+5fe7415e

Information Exposure

<2:1.10.3-1.module+el8.10.0+1815+5fe7415e

CVE-2021-33198

<2:1.10.3-1.module+el8.10.0+1874+ce489889

Directory Traversal

<2:1.10.3-1.module+el8.10.0+1815+5fe7415e

Improper Input Validation

<2:1.10.3-1.module+el8.10.0+1815+5fe7415e

Link Following

<2:1.10.3-1.module+el8.10.0+1815+5fe7415e

CVE-2024-34158

<2:1.10.3-1.module+el8.10.0+1815+5fe7415e

CVE-2024-34156

<2:1.10.3-1.module+el8.10.0+1815+5fe7415e

CVE-2024-34155

<2:1.10.3-1.module+el8.10.0+1815+5fe7415e

Information Exposure Through Log Files

<2:1.10.3-1.module+el8.10.0+1815+5fe7415e

CVE-2024-37298

<2:1.10.3-1.module+el8.10.0+1815+5fe7415e

Improper Validation of Integrity Check Value

<2:1.10.3-1.module+el8.10.0+1815+5fe7415e

CVE-2024-24789

<2:1.10.3-1.module+el8.10.0+1815+5fe7415e

CVE-2024-24784

<2:1.10.3-1.module+el8.10.0+1874+ce489889

CVE-2024-24783

<2:1.10.3-1.module+el8.10.0+1874+ce489889

Memory Leak

<2:1.10.3-1.module+el8.10.0+1815+5fe7415e

CVE-2023-45290

<2:1.10.3-1.module+el8.10.0+1874+ce489889

CVE-2024-28176

<2:1.10.3-1.module+el8.10.0+1815+5fe7415e

CVE-2024-28180

<2:1.10.3-1.module+el8.10.0+1815+5fe7415e

CVE-2024-24786

<2:1.10.3-1.module+el8.10.0+1874+ce489889

CVE-2022-41715

<2:1.10.3-1.module+el8.10.0+1874+ce489889

HTTP Request Smuggling

<2:1.10.3-1.module+el8.10.0+1874+ce489889

Link Following

<2:1.10.3-1.module+el8.10.0+1815+5fe7415e

Exposure of Resource to Wrong Sphere

<2:1.0.1-38.module+el8.9.0+1445+07728297

Interpretation Conflict

<2:1.0.1-38.module+el8.9.0+1445+07728297

Improper Locking

<2:1.0.1-28.module+el8.6.0+972+902006e0

Incorrect Default Permissions

<2:1.0.1-27.module+el8.6.0+785+d1251653

Incorrect Default Permissions

<2:1.0.1-27.module+el8.6.0+785+d1251653

Incorrect Default Permissions

<2:1.0.1-27.module+el8.6.0+785+d1251653

Allocation of Resources Without Limits or Throttling

<2:1.0.1-27.module+el8.6.0+785+d1251653

Improper Privilege Management

<2:1.0.1-27.module+el8.6.0+785+d1251653

Improper Cross-boundary Removal of Sensitive Data

<2:1.0.1-28.module+el8.6.0+972+902006e0

Placement of User into Incorrect Group

<2:1.1.0-7.module+el8.7.0+1078+e72fcd4f

Placement of User into Incorrect Group

<2:1.1.0-7.module+el8.7.0+1078+e72fcd4f

Incorrect Default Permissions

<2:1.0.1-35.module+el8.6.0+997+05c9d812

CVE-2022-27191

<2:1.0.1-35.module+el8.6.0+997+05c9d812

Allocation of Resources Without Limits or Throttling

<2:1.0.1-35.module+el8.6.0+997+05c9d812

netavark vulnerabilities

Direct Vulnerabilities

How to fix?