Ecosystem	Package	Version

Vulnerabilities

CVE-2025-68471

CVE-2025-68471

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, avahi-daemon can be crashed by sending 2 unsolicited announcements with CNAME resource records 2 seconds apart.

Published Jan 13, 2026

https://github.com/avahi/avahi/security/advisories/GHSA-56rf-42xr-qmmg

CVSS ScoreMedium

6.5

Ecosystem	Package	Version


conan	avahi	0.8
rpm	avahi	0.6.25-11.el6
rpm	avahi	0.6.25-12.el6
rpm	avahi	0.6.25-12.el6_5.1
rpm	avahi	0.6.25-12.el6_5.3
rpm	avahi	0.6.25-15.el6
rpm	avahi	0.6.25-15.el6_8.1
rpm	avahi	0.6.25-17.el6
rpm	avahi	0.6.25-8.el6
rpm	avahi	0.6.31-13.el7
rpm	avahi	0.6.31-14.el7
rpm	avahi	0.6.31-15.el7
rpm	avahi	0.6.31-15.el7_2.1
rpm	avahi	0.6.31-17.el7
rpm	avahi	0.6.31-19.el7
rpm	avahi	0.6.31-20.el7
rpm	avahi	0.7-19.el8
rpm	avahi	0.7-20.el8
rpm	avahi	0.7-21.el8
rpm	avahi	0.7-21.el8_9.1
rpm	avahi	0.7-27.el8
rpm	avahi	0.7-27.el8_10.1
rpm	avahi	0.8-12.el9
rpm	avahi	0.8-12.el9_2.1
rpm	avahi	0.8-15.el9
rpm	avahi	0.8-20.el9
rpm	avahi	0.8-21.el9
rpm	avahi	0.8-22.el9_6.1
rpm	avahi	0.8-23.el9
rpm	avahi	0.8-29.el10

CVE-2025-68471 | Components Impacted | Sonatype Guide | Sonatype Guide