Networkmanager CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2011-1943	2 Fedoraproject, Gnome	2 Fedora, Networkmanager	2025-04-11	N/A
The destroy_one_secret function in nm-setting-vpn.c in libnm-util in the NetworkManager package 0.8.999-3.git20110526 in Fedora 15 creates a log entry containing a certificate password, which allows local users to obtain sensitive information by reading a log file.
CVE-2021-20297	3 Fedoraproject, Gnome, Redhat	4 Fedora, Networkmanager, Enterprise Linux and 1 more	2024-11-21	5.5 Medium
A flaw was found in NetworkManager in versions before 1.30.0. Setting match.path and activating a profile crashes NetworkManager. The highest threat from this vulnerability is to system availability.
CVE-2020-10754	3 Fedoraproject, Gnome, Redhat	3 Fedora, Networkmanager, Enterprise Linux	2024-11-21	4.3 Medium
It was found that nmcli, a command line interface to NetworkManager did not honour 802-1x.ca-path and 802-1x.phase2-ca-path settings, when creating a new profile. When a user connects to a network using this profile, the authentication does not happen and the connection is made insecurely.

Page 1 of 1.