netavark

crates.io2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting netavarkpage 1 of 1

CVE-2025-8283LOWCVSS 3.7EG 3.7✓ Fixed in 1.15.1
2025-07-28
A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When cr…
CVE-2026-35406MEDIUMCVSS 6.2EG 6.2✓ Fixed in 1.17.1
2026-04-07
Aardvark-dns is an authoritative dns server for A/AAAA container records. From 1.16.0 to 1.17.0, a truncated TCP DNS query followed by a connection reset causes aardvark-dns to enter an unrecoverable infinite error loop at 100% CPU. This v…

Check whether netavark is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for netavark CVEs against the assets you own.

Start Free Scan →