Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1035821?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1035821?format=api", "purl": "pkg:deb/debian/dnsmasq@2.22-2", "type": "deb", "namespace": "debian", "name": "dnsmasq", "version": "2.22-2", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "2.90-4~deb12u1", "latest_non_vulnerable_version": "2.90-4~deb12u1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31419?format=api", "vulnerability_id": "VCID-3x7u-ajbx-6fht", "summary": "Two vulnerabilities in dnsmasq might allow for a Denial of Service or\n spoofing of DNS replies.", "references": [ { "reference_url": "http://article.gmane.org/gmane.network.dns.dnsmasq.general/2189", "reference_id": "", "reference_type": "", "scores": [], "url": "http://article.gmane.org/gmane.network.dns.dnsmasq.general/2189" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3350.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3350.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3350", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78836", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78787", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78794", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78825", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78807", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78833", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78839", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78863", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78846", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3350" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3350", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3350" }, { "reference_url": "http://secunia.com/advisories/31197", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31197" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43957" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43960", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43960" }, { "reference_url": "http://www.thekelleys.org.uk/dnsmasq/CHANGELOG", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.thekelleys.org.uk/dnsmasq/CHANGELOG" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2166", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2166" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:the_kelleys:dnsmasq:2.43:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:the_kelleys:dnsmasq:2.43:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:the_kelleys:dnsmasq:2.43:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3350", "reference_id": "CVE-2008-3350", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3350" }, { "reference_url": "https://security.gentoo.org/glsa/200809-02", "reference_id": "GLSA-200809-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200809-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035824?format=api", "purl": "pkg:deb/debian/dnsmasq@2.45-1%2Blenny1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-4fwm-653p-ufcj" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-antt-5fzu-87dw" }, { "vulnerability": "VCID-b2dc-msms-bfee" }, { "vulnerability": "VCID-bed9-8jhu-pkf9" }, { "vulnerability": "VCID-d3nu-fztq-nffg" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-hr7r-mgk2-67aw" }, { "vulnerability": "VCID-huvr-uav1-ffex" }, { "vulnerability": "VCID-hxys-tpgq-3uf6" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-jum5-ndq3-xbhp" }, { "vulnerability": "VCID-k9w6-f6aw-dbey" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-kxbw-1fr9-8kb3" }, { "vulnerability": "VCID-nc6t-132e-cqda" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-qs1p-1j9u-3khg" }, { "vulnerability": "VCID-r15f-fgv8-s3h2" }, { "vulnerability": "VCID-ru4r-dtwq-sub2" }, { "vulnerability": "VCID-snzd-3st5-8yb1" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-xge7-87zv-tbev" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.45-1%252Blenny1" } ], "aliases": [ "CVE-2008-3350" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3x7u-ajbx-6fht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81902?format=api", "vulnerability_id": "VCID-4a66-hb88-jbgp", "summary": "dnsmasq: memory leak in the create_helper() function in /src/helper.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14834.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14834.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14834", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12755", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12856", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12907", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12712", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12792", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12843", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12809", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12772", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12725", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14834" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764425", "reference_id": "1764425", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764425" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948373", "reference_id": "948373", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1715", "reference_id": "RHSA-2020:1715", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1715" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3878", "reference_id": "RHSA-2020:3878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3878" }, { "reference_url": "https://usn.ubuntu.com/4698-1/", "reference_id": "USN-4698-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4698-1/" }, { "reference_url": "https://usn.ubuntu.com/7689-1/", "reference_id": "USN-7689-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7689-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/585984?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bzd-pqhn-hqfj" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1" } ], "aliases": [ "CVE-2019-14834" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4a66-hb88-jbgp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85451?format=api", "vulnerability_id": "VCID-4fwm-653p-ufcj", "summary": "dnsmasq: Denial-of-service when empty address from DNS overlays A record from hosts", "references": [ { "reference_url": "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010479.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010479.html" }, { "reference_url": "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010505.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010505.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8899.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8899.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8899", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23692", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23792", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23748", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23716", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23833", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23873", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23661", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23731", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23777", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8899" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8899", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8899" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=41a8d9e99be9f2cc8b02051dd322cb45e0faac87", "reference_id": "", "reference_type": "", "scores": [], "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=41a8d9e99be9f2cc8b02051dd322cb45e0faac87" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/06/03/7", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2016/06/03/7" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/06/04/2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2016/06/04/2" }, { "reference_url": "http://www.securityfocus.com/bid/91031", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/91031" }, { "reference_url": "http://www.securitytracker.com/id/1036045", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1036045" }, { "reference_url": "http://www.ubuntu.com/usn/USN-3009-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-3009-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343072", "reference_id": "1343072", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343072" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8899", "reference_id": "CVE-2015-8899", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8899" }, { "reference_url": "https://usn.ubuntu.com/3009-1/", "reference_id": "USN-3009-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3009-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037114?format=api", "purl": "pkg:deb/debian/dnsmasq@2.76-5%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-b2dc-msms-bfee" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-hr7r-mgk2-67aw" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-k9w6-f6aw-dbey" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-kxbw-1fr9-8kb3" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-qs1p-1j9u-3khg" }, { "vulnerability": "VCID-r15f-fgv8-s3h2" }, { "vulnerability": "VCID-ru4r-dtwq-sub2" }, { "vulnerability": "VCID-snzd-3st5-8yb1" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-xge7-87zv-tbev" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.76-5%252Bdeb9u2" } ], "aliases": [ "CVE-2015-8899" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4fwm-653p-ufcj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61411?format=api", "vulnerability_id": "VCID-66sa-bc5p-jqde", "summary": "Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50387.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50387.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50387", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.51989", "scoring_system": "epss", "scoring_elements": "0.97913", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.51989", "scoring_system": "epss", "scoring_elements": "0.97912", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.51989", "scoring_system": "epss", "scoring_elements": "0.97909", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.51989", "scoring_system": "epss", "scoring_elements": "0.97898", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.51989", "scoring_system": "epss", "scoring_elements": "0.97906", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.51989", "scoring_system": "epss", "scoring_elements": "0.97901", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.51989", "scoring_system": "epss", "scoring_elements": "0.97896", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.51989", "scoring_system": "epss", "scoring_elements": "0.97914", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50387" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html", "reference_id": "017430.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845", "reference_id": "1063845", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852", "reference_id": "1063852", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077750", "reference_id": "1077750", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077750" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/02/16/2", "reference_id": "2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/02/16/2" }, { "reference_url": "https://www.isc.org/blogs/2024-bind-security-release/", "reference_id": "2024-bind-security-release", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://www.isc.org/blogs/2024-bind-security-release/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263914", "reference_id": "2263914", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263914" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/02/16/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/02/16/3" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/", "reference_id": "6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/", "reference_id": "BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/" }, { "reference_url": "https://kb.isc.org/docs/cve-2023-50387", "reference_id": "cve-2023-50387", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://kb.isc.org/docs/cve-2023-50387" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-50387", "reference_id": "CVE-2023-50387", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-50387" }, { "reference_url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-50387", "reference_id": "CVE-2023-50387", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-50387" }, { "reference_url": "https://www.theregister.com/2024/02/13/dnssec_vulnerability_internet/", "reference_id": "dnssec_vulnerability_internet", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://www.theregister.com/2024/02/13/dnssec_vulnerability_internet/" }, { "reference_url": "https://security.gentoo.org/glsa/202412-10", "reference_id": "GLSA-202412-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-10" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/", "reference_id": "HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/", "reference_id": "IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/" }, { "reference_url": "https://news.ycombinator.com/item?id=39367411", "reference_id": "item?id=39367411", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://news.ycombinator.com/item?id=39367411" }, { "reference_url": "https://news.ycombinator.com/item?id=39372384", "reference_id": "item?id=39372384", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://news.ycombinator.com/item?id=39372384" }, { "reference_url": "https://www.athene-center.de/aktuelles/key-trap", "reference_id": "key-trap", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://www.athene-center.de/aktuelles/key-trap" }, { "reference_url": "https://www.securityweek.com/keytrap-dns-attack-could-disable-large-parts-of-internet-researchers/", "reference_id": "keytrap-dns-attack-could-disable-large-parts-of-internet-researchers", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://www.securityweek.com/keytrap-dns-attack-could-disable-large-parts-of-internet-researchers/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html", "reference_id": "msg00006.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240307-0007/", "reference_id": "ntap-20240307-0007", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240307-0007/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/", "reference_id": "PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/" }, { "reference_url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html", "reference_id": "powerdns-advisory-2024-01.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/", "reference_id": "RGS7JN6FZXUSTC2XKQHH27574XOULYYJ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0965", "reference_id": "RHSA-2024:0965", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0965" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0977", "reference_id": "RHSA-2024:0977", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0977" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0981", "reference_id": "RHSA-2024:0981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0982", "reference_id": "RHSA-2024:0982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11003", "reference_id": "RHSA-2024:11003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1334", "reference_id": "RHSA-2024:1334", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1334" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1335", "reference_id": "RHSA-2024:1335", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1335" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1522", "reference_id": "RHSA-2024:1522", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1522" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1543", "reference_id": "RHSA-2024:1543", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1543" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1544", "reference_id": "RHSA-2024:1544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1545", "reference_id": "RHSA-2024:1545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1545" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1647", "reference_id": "RHSA-2024:1647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1648", "reference_id": "RHSA-2024:1648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1648" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1781", "reference_id": "RHSA-2024:1781", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1781" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1782", "reference_id": "RHSA-2024:1782", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1782" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1789", "reference_id": "RHSA-2024:1789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1800", "reference_id": "RHSA-2024:1800", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1800" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1801", "reference_id": "RHSA-2024:1801", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1801" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1803", "reference_id": "RHSA-2024:1803", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1803" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1804", "reference_id": "RHSA-2024:1804", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1804" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2551", "reference_id": "RHSA-2024:2551", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2551" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2587", "reference_id": "RHSA-2024:2587", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2587" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2696", "reference_id": "RHSA-2024:2696", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2696" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2720", "reference_id": "RHSA-2024:2720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2721", "reference_id": "RHSA-2024:2721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2821", "reference_id": "RHSA-2024:2821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2890", "reference_id": "RHSA-2024:2890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3271", "reference_id": "RHSA-2024:3271", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3271" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3741", "reference_id": "RHSA-2024:3741", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3741" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3877", "reference_id": "RHSA-2024:3877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3929", "reference_id": "RHSA-2024:3929", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3929" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0039", "reference_id": "RHSA-2025:0039", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0039" }, { "reference_url": "https://bugzilla.suse.com/show_bug.cgi?id=1219823", "reference_id": "show_bug.cgi?id=1219823", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1219823" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/", "reference_id": "SVYA42BLXUCIDLD35YIJPJSHDIADNYMP", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/" }, { "reference_url": "https://www.athene-center.de/fileadmin/content/PDF/Technical_Report_KeyTrap.pdf", "reference_id": "Technical_Report_KeyTrap.pdf", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://www.athene-center.de/fileadmin/content/PDF/Technical_Report_KeyTrap.pdf" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/", "reference_id": "TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/" }, { "reference_url": "https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/", "reference_id": "unbound-1.19.1-released", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/", "reference_id": "UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/" }, { "reference_url": "https://usn.ubuntu.com/6633-1/", "reference_id": "USN-6633-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6633-1/" }, { "reference_url": "https://usn.ubuntu.com/6642-1/", "reference_id": "USN-6642-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6642-1/" }, { "reference_url": "https://usn.ubuntu.com/6657-1/", "reference_id": "USN-6657-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6657-1/" }, { "reference_url": "https://usn.ubuntu.com/6657-2/", "reference_id": "USN-6657-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6657-2/" }, { "reference_url": "https://usn.ubuntu.com/6665-1/", "reference_id": "USN-6665-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6665-1/" }, { "reference_url": "https://usn.ubuntu.com/6723-1/", "reference_id": "USN-6723-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6723-1/" }, { "reference_url": "https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1", "reference_id": "v5.7.1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/", "reference_id": "ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/585985?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1" } ], "aliases": [ "CVE-2023-50387" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-66sa-bc5p-jqde" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46207?format=api", "vulnerability_id": "VCID-69jf-2cmm-tkhj", "summary": "Multiple vulnerabilities have been found in Dnsmasq, the worst of\n which may allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25682.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25682.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25682", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.34287", "scoring_system": "epss", "scoring_elements": "0.96955", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.34287", "scoring_system": "epss", "scoring_elements": "0.96983", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.34287", "scoring_system": "epss", "scoring_elements": "0.96981", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.34287", "scoring_system": "epss", "scoring_elements": "0.96982", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.34287", "scoring_system": "epss", "scoring_elements": "0.96962", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.34287", "scoring_system": "epss", "scoring_elements": "0.96966", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.34287", "scoring_system": "epss", "scoring_elements": "0.96969", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.34287", "scoring_system": "epss", "scoring_elements": "0.96977", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.34287", "scoring_system": "epss", "scoring_elements": "0.96978", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25682" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1882014", "reference_id": "1882014", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1882014" }, { "reference_url": "https://security.archlinux.org/ASA-202101-38", "reference_id": "ASA-202101-38", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202101-38" }, { "reference_url": "https://security.archlinux.org/AVG-1470", "reference_id": "AVG-1470", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1470" }, { "reference_url": "https://security.gentoo.org/glsa/202101-17", "reference_id": "GLSA-202101-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202101-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0150", "reference_id": "RHSA-2021:0150", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0150" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0151", "reference_id": "RHSA-2021:0151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0152", "reference_id": "RHSA-2021:0152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0152" }, { "reference_url": "https://usn.ubuntu.com/4698-1/", "reference_id": "USN-4698-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4698-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037958?format=api", "purl": "pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/585984?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bzd-pqhn-hqfj" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1" } ], "aliases": [ "CVE-2020-25682" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-69jf-2cmm-tkhj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31420?format=api", "vulnerability_id": "VCID-8fbf-8fea-27d9", "summary": "Two vulnerabilities in dnsmasq might allow for a Denial of Service or\n spoofing of DNS replies.", "references": [ { "reference_url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc" }, { "reference_url": "http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html" }, { "reference_url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401" }, { "reference_url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520", "reference_id": "", "reference_type": "", "scores": [], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520" }, { "reference_url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368", "reference_id": "", "reference_type": "", "scores": [], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368" }, { "reference_url": "http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html" }, { "reference_url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=121630706004256&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=121630706004256&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=121866517322103&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=121866517322103&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=123324863916385&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=123324863916385&w=2" }, { "reference_url": "http://marc.info/?l=bugtraq&m=141879471518471&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=141879471518471&w=2" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2008-0533.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2008-0533.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1447.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1447.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1447", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.86697", "scoring_system": "epss", "scoring_elements": "0.99423", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.86697", "scoring_system": "epss", "scoring_elements": "0.99422", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.86697", "scoring_system": "epss", "scoring_elements": "0.99417", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.86697", "scoring_system": "epss", "scoring_elements": "0.99416", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.86697", "scoring_system": "epss", "scoring_elements": "0.99418", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.86697", "scoring_system": "epss", "scoring_elements": "0.99419", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.86697", "scoring_system": "epss", "scoring_elements": "0.9942", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447" }, { "reference_url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037" }, { "reference_url": "http://secunia.com/advisories/30925", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30925" }, { "reference_url": "http://secunia.com/advisories/30973", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30973" }, { "reference_url": "http://secunia.com/advisories/30977", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30977" }, { "reference_url": "http://secunia.com/advisories/30979", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30979" }, { "reference_url": "http://secunia.com/advisories/30980", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30980" }, { "reference_url": "http://secunia.com/advisories/30988", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30988" }, { "reference_url": "http://secunia.com/advisories/30989", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30989" }, { "reference_url": "http://secunia.com/advisories/30998", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30998" }, { "reference_url": "http://secunia.com/advisories/31011", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31011" }, { "reference_url": "http://secunia.com/advisories/31012", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31012" }, { "reference_url": "http://secunia.com/advisories/31014", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31014" }, { "reference_url": "http://secunia.com/advisories/31019", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31019" }, { "reference_url": "http://secunia.com/advisories/31022", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31022" }, { "reference_url": "http://secunia.com/advisories/31030", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31030" }, { "reference_url": "http://secunia.com/advisories/31031", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31031" }, { "reference_url": "http://secunia.com/advisories/31033", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31033" }, { "reference_url": "http://secunia.com/advisories/31052", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31052" }, { "reference_url": "http://secunia.com/advisories/31065", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31065" }, { "reference_url": "http://secunia.com/advisories/31072", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31072" }, { "reference_url": "http://secunia.com/advisories/31093", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31093" }, { "reference_url": "http://secunia.com/advisories/31094", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31094" }, { "reference_url": "http://secunia.com/advisories/31137", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31137" }, { "reference_url": "http://secunia.com/advisories/31143", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31143" }, { "reference_url": "http://secunia.com/advisories/31151", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31151" }, { "reference_url": "http://secunia.com/advisories/31152", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31152" }, { "reference_url": "http://secunia.com/advisories/31153", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31153" }, { "reference_url": "http://secunia.com/advisories/31169", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31169" }, { "reference_url": "http://secunia.com/advisories/31197", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31197" }, { "reference_url": "http://secunia.com/advisories/31199", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31199" }, { "reference_url": "http://secunia.com/advisories/31204", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31204" }, { "reference_url": "http://secunia.com/advisories/31207", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31207" }, { "reference_url": "http://secunia.com/advisories/31209", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31209" }, { "reference_url": "http://secunia.com/advisories/31212", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31212" }, { "reference_url": "http://secunia.com/advisories/31213", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31213" }, { "reference_url": "http://secunia.com/advisories/31221", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31221" }, { "reference_url": "http://secunia.com/advisories/31236", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31236" }, { "reference_url": "http://secunia.com/advisories/31237", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31237" }, { "reference_url": "http://secunia.com/advisories/31254", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31254" }, { "reference_url": "http://secunia.com/advisories/31326", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31326" }, { "reference_url": "http://secunia.com/advisories/31354", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31354" }, { "reference_url": "http://secunia.com/advisories/31422", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31422" }, { "reference_url": "http://secunia.com/advisories/31430", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31430" }, { "reference_url": "http://secunia.com/advisories/31451", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31451" }, { "reference_url": "http://secunia.com/advisories/31482", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31482" }, { "reference_url": "http://secunia.com/advisories/31495", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31495" }, { "reference_url": "http://secunia.com/advisories/31588", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31588" }, { "reference_url": "http://secunia.com/advisories/31687", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31687" }, { "reference_url": "http://secunia.com/advisories/31823", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31823" }, { "reference_url": "http://secunia.com/advisories/31882", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31882" }, { "reference_url": "http://secunia.com/advisories/31900", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31900" }, { "reference_url": "http://secunia.com/advisories/33178", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33178" }, { "reference_url": "http://secunia.com/advisories/33714", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33714" }, { "reference_url": "http://secunia.com/advisories/33786", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33786" }, { "reference_url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200807-08.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200807-08.xml" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-17.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-201209-25.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43334", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43334" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43637", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43637" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1" }, { "reference_url": "http://support.apple.com/kb/HT3026", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT3026" }, { "reference_url": "http://support.apple.com/kb/HT3129", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT3129" }, { "reference_url": "http://support.citrix.com/article/CTX117991", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.citrix.com/article/CTX117991" }, { "reference_url": "http://support.citrix.com/article/CTX118183", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.citrix.com/article/CTX118183" }, { "reference_url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152" }, { "reference_url": "https://www.exploit-db.com/exploits/6122", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/6122" }, { "reference_url": "https://www.exploit-db.com/exploits/6123", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/6123" }, { "reference_url": "https://www.exploit-db.com/exploits/6130", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/6130" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html" }, { "reference_url": "https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/" }, { "reference_url": "http://up2date.astaro.com/2008/08/up2date_7202_released.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://up2date.astaro.com/2008/08/up2date_7202_released.html" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231" }, { "reference_url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018" }, { "reference_url": "http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning" }, { "reference_url": "http://www.caughq.org/exploits/CAU-EX-2008-0002.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.caughq.org/exploits/CAU-EX-2008-0002.txt" }, { "reference_url": "http://www.caughq.org/exploits/CAU-EX-2008-0003.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.caughq.org/exploits/CAU-EX-2008-0003.txt" }, { "reference_url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1603", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1603" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1604", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1604" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1605", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1605" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1619", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1619" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1623", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1623" }, { "reference_url": "http://www.doxpara.com/DMK_BO2K8.ppt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.doxpara.com/DMK_BO2K8.ppt" }, { "reference_url": "http://www.doxpara.com/?p=1176", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.doxpara.com/?p=1176" }, { "reference_url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26667", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26667" }, { "reference_url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26668", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26668" }, { "reference_url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26669", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26669" }, { "reference_url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26670", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26670" }, { "reference_url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26671", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26671" }, { "reference_url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26672", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ibm.com/support/docview.wss?uid=isg1IZ26672" }, { "reference_url": "http://www.ipcop.org/index.php?name=News&file=article&sid=40", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ipcop.org/index.php?name=News&file=article&sid=40" }, { "reference_url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php" }, { "reference_url": "http://www.kb.cert.org/vuls/id/800113", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.kb.cert.org/vuls/id/800113" }, { "reference_url": "http://www.kb.cert.org/vuls/id/MIMG-7DWR4J", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.kb.cert.org/vuls/id/MIMG-7DWR4J" }, { "reference_url": "http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:139", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:139" }, { "reference_url": "http://www.nominum.com/asset_upload_file741_2661.pdf", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.nominum.com/asset_upload_file741_2661.pdf" }, { "reference_url": "http://www.novell.com/support/viewContent.do?externalId=7000912", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.novell.com/support/viewContent.do?externalId=7000912" }, { "reference_url": "http://www.openbsd.org/errata42.html#013_bind", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openbsd.org/errata42.html#013_bind" }, { "reference_url": "http://www.openbsd.org/errata43.html#004_bind", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openbsd.org/errata43.html#004_bind" }, { "reference_url": "http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog" }, { "reference_url": "http://www.phys.uu.nl/~rombouts/pdnsd.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.phys.uu.nl/~rombouts/pdnsd.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0789.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0789.html" }, { "reference_url": "http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html" }, { "reference_url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/" }, { "reference_url": "http://www.securityfocus.com/archive/1/495289/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/495289/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/30131", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/30131" }, { "reference_url": "http://www.securitytracker.com/id?1020437", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020437" }, { "reference_url": "http://www.securitytracker.com/id?1020438", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020438" }, { "reference_url": "http://www.securitytracker.com/id?1020440", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020440" }, { "reference_url": "http://www.securitytracker.com/id?1020448", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020448" }, { "reference_url": "http://www.securitytracker.com/id?1020449", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020449" }, { "reference_url": "http://www.securitytracker.com/id?1020548", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020548" }, { "reference_url": "http://www.securitytracker.com/id?1020558", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020558" }, { "reference_url": "http://www.securitytracker.com/id?1020560", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020560" }, { "reference_url": "http://www.securitytracker.com/id?1020561", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020561" }, { "reference_url": "http://www.securitytracker.com/id?1020575", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020575" }, { "reference_url": "http://www.securitytracker.com/id?1020576", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020576" }, { "reference_url": "http://www.securitytracker.com/id?1020577", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020577" }, { "reference_url": "http://www.securitytracker.com/id?1020578", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020578" }, { "reference_url": "http://www.securitytracker.com/id?1020579", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020579" }, { "reference_url": "http://www.securitytracker.com/id?1020651", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020651" }, { "reference_url": "http://www.securitytracker.com/id?1020653", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020653" }, { "reference_url": "http://www.securitytracker.com/id?1020702", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020702" }, { "reference_url": "http://www.securitytracker.com/id?1020802", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020802" }, { "reference_url": "http://www.securitytracker.com/id?1020804", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020804" }, { "reference_url": "http://www.ubuntu.com/usn/usn-622-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-622-1" }, { "reference_url": "http://www.ubuntu.com/usn/usn-627-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-627-1" }, { "reference_url": "http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA08-190A.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.us-cert.gov/cas/techalerts/TA08-190A.html" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA08-190B.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.us-cert.gov/cas/techalerts/TA08-190B.html" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html" }, { "reference_url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2019/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2019/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2023/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2023/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2025/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2025/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2029/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2029/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2030/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2030/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2050/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2050/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2051/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2051/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2052/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2052/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2055/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2055/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2092/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2092/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2113/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2113/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2114/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2114/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2123/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2123/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2139/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2139/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2166/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2166/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2195/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2195/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2196/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2196/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2197/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2197/references" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2268", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2268" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2291", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2291" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2334", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2334" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2342", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2342" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2377", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2377" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2383", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2383" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2384", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2384" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2466", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2466" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2467", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2467" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2482", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2482" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2525", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2525" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2549", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2549" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2558", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2558" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2582", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2582" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2584", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2584" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/0297", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/0297" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/0311", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/0311" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/0622", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/0622" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=449345", "reference_id": "449345", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=449345" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490123", "reference_id": "490123", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490123" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492465", "reference_id": "492465", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492465" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492698", "reference_id": "492698", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492698" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492700", "reference_id": "492700", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492700" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=493599", "reference_id": "493599", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=493599" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:isc:bind:4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:isc:bind:8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:compute_cluster:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:compute_cluster:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:compute_cluster:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:datacenter:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:datacenter:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:datacenter:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:enterprise:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:enterprise:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:enterprise:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:standard:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:standard:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:standard:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:storage:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:storage:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:storage:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:x64:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:x64:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:x64:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:x64:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:itanium:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:itanium:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:itanium:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:x64:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:*", "reference_id": "cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:-:-:*:*:professional:*:x64:*", "reference_id": "cpe:2.3:o:microsoft:windows_xp:-:-:*:*:professional:*:x64:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:-:-:*:*:professional:*:x64:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5:*:client:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5:*:client:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5:*:client:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1447", "reference_id": "CVE-2008-1447", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1447" }, { "reference_url": "https://security.gentoo.org/glsa/200807-08", "reference_id": "GLSA-200807-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200807-08" }, { "reference_url": "https://security.gentoo.org/glsa/200809-02", "reference_id": "GLSA-200809-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200809-02" }, { "reference_url": "https://security.gentoo.org/glsa/200812-17", "reference_id": "GLSA-200812-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-17" }, { "reference_url": "https://security.gentoo.org/glsa/200901-03", "reference_id": "GLSA-200901-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200901-03" }, { "reference_url": "https://security.gentoo.org/glsa/201209-25", "reference_id": "GLSA-201209-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201209-25" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6122.rb", "reference_id": "OSVDB-48245;CVE-2008-4194;OSVDB-47927;CVE-2008-1447;OSVDB-47926;OSVDB-47916;OSVDB-47232", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6122.rb" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6123.py", "reference_id": "OSVDB-48245;CVE-2008-4194;OSVDB-47927;CVE-2008-1447;OSVDB-47926;OSVDB-47916;OSVDB-47232", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6123.py" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6130.c", "reference_id": "OSVDB-48245;CVE-2008-4194;OSVDB-47927;CVE-2008-1447;OSVDB-47926;OSVDB-47916;OSVDB-47232;OSVDB-46776", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6130.c" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0533", "reference_id": "RHSA-2008:0533", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0533" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0789", "reference_id": "RHSA-2008:0789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0789" }, { "reference_url": "https://usn.ubuntu.com/622-1/", "reference_id": "USN-622-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/622-1/" }, { "reference_url": "https://usn.ubuntu.com/627-1/", "reference_id": "USN-627-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/627-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035824?format=api", "purl": "pkg:deb/debian/dnsmasq@2.45-1%2Blenny1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-4fwm-653p-ufcj" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-antt-5fzu-87dw" }, { "vulnerability": "VCID-b2dc-msms-bfee" }, { "vulnerability": "VCID-bed9-8jhu-pkf9" }, { "vulnerability": "VCID-d3nu-fztq-nffg" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-hr7r-mgk2-67aw" }, { "vulnerability": "VCID-huvr-uav1-ffex" }, { "vulnerability": "VCID-hxys-tpgq-3uf6" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-jum5-ndq3-xbhp" }, { "vulnerability": "VCID-k9w6-f6aw-dbey" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-kxbw-1fr9-8kb3" }, { "vulnerability": "VCID-nc6t-132e-cqda" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-qs1p-1j9u-3khg" }, { "vulnerability": "VCID-r15f-fgv8-s3h2" }, { "vulnerability": "VCID-ru4r-dtwq-sub2" }, { "vulnerability": "VCID-snzd-3st5-8yb1" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-xge7-87zv-tbev" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.45-1%252Blenny1" } ], "aliases": [ "CVE-2008-1447" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8fbf-8fea-27d9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46211?format=api", "vulnerability_id": "VCID-a9ya-bnnp-hyc4", "summary": "Multiple vulnerabilities have been found in Dnsmasq, the worst of\n which may allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25685.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25685.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25685", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.54629", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.54715", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.54752", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.54736", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.54699", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.54722", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.54692", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.54744", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.5474", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25685" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", "reference_id": "1889688", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1889688" }, { "reference_url": "https://security.archlinux.org/ASA-202101-38", "reference_id": "ASA-202101-38", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202101-38" }, { "reference_url": "https://security.archlinux.org/AVG-1470", "reference_id": "AVG-1470", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1470" }, { "reference_url": "https://security.gentoo.org/glsa/202101-17", "reference_id": "GLSA-202101-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202101-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0150", "reference_id": "RHSA-2021:0150", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0150" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0151", "reference_id": "RHSA-2021:0151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0152", "reference_id": "RHSA-2021:0152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0153", "reference_id": "RHSA-2021:0153", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0153" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0154", "reference_id": "RHSA-2021:0154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0155", "reference_id": "RHSA-2021:0155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0156", "reference_id": "RHSA-2021:0156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0156" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0240", "reference_id": "RHSA-2021:0240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0245", "reference_id": "RHSA-2021:0245", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0245" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0395", "reference_id": "RHSA-2021:0395", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0395" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0401", "reference_id": "RHSA-2021:0401", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0401" }, { "reference_url": "https://usn.ubuntu.com/4698-1/", "reference_id": "USN-4698-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4698-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037958?format=api", "purl": "pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/585984?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bzd-pqhn-hqfj" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1" } ], "aliases": [ "CVE-2020-25685" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a9ya-bnnp-hyc4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37085?format=api", "vulnerability_id": "VCID-antt-5fzu-87dw", "summary": "Multiple vulnerabilities in Dnsmasq might result in the remote execution of\n arbitrary code, or a Denial of Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2958.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2958.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2958", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01131", "scoring_system": "epss", "scoring_elements": "0.78273", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01131", "scoring_system": "epss", "scoring_elements": "0.7828", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01131", "scoring_system": "epss", "scoring_elements": "0.78311", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01131", "scoring_system": "epss", "scoring_elements": "0.78293", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01131", "scoring_system": "epss", "scoring_elements": "0.78319", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01131", "scoring_system": "epss", "scoring_elements": "0.78325", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01131", "scoring_system": "epss", "scoring_elements": "0.78351", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01131", "scoring_system": "epss", "scoring_elements": "0.78334", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01131", "scoring_system": "epss", "scoring_elements": "0.78327", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2958" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=519020", "reference_id": "519020", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=519020" }, { "reference_url": "https://security.gentoo.org/glsa/200909-19", "reference_id": "GLSA-200909-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200909-19" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1238", "reference_id": "RHSA-2009:1238", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1238" }, { "reference_url": "https://usn.ubuntu.com/827-1/", "reference_id": "USN-827-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/827-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035825?format=api", "purl": "pkg:deb/debian/dnsmasq@2.55-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-4fwm-653p-ufcj" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-b2dc-msms-bfee" }, { "vulnerability": "VCID-d3nu-fztq-nffg" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-hr7r-mgk2-67aw" }, { "vulnerability": "VCID-huvr-uav1-ffex" }, { "vulnerability": "VCID-hxys-tpgq-3uf6" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-jum5-ndq3-xbhp" }, { "vulnerability": "VCID-k9w6-f6aw-dbey" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-kxbw-1fr9-8kb3" }, { "vulnerability": "VCID-nc6t-132e-cqda" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-qs1p-1j9u-3khg" }, { "vulnerability": "VCID-r15f-fgv8-s3h2" }, { "vulnerability": "VCID-ru4r-dtwq-sub2" }, { "vulnerability": "VCID-snzd-3st5-8yb1" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-xge7-87zv-tbev" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.55-2" } ], "aliases": [ "CVE-2009-2958" ], "risk_score": null, "exploitability": "2.0", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-antt-5fzu-87dw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46045?format=api", "vulnerability_id": "VCID-b2dc-msms-bfee", "summary": "Multiple vulnerabilities have been found in Dnsmasq, the worst of\n which may allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html" }, { "reference_url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", "reference_id": "", "reference_type": "", "scores": [], "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14493.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14493.json" }, { "reference_url": "https://access.redhat.com/security/vulnerabilities/3199382", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/security/vulnerabilities/3199382" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14493", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05344", "scoring_system": "epss", "scoring_elements": "0.90026", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05344", "scoring_system": "epss", "scoring_elements": "0.90067", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05344", "scoring_system": "epss", "scoring_elements": "0.90045", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05344", "scoring_system": "epss", "scoring_elements": "0.9006", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05344", "scoring_system": "epss", "scoring_elements": "0.90066", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05344", "scoring_system": "epss", "scoring_elements": "0.90075", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.05344", "scoring_system": "epss", "scoring_elements": "0.90073", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05344", "scoring_system": "epss", "scoring_elements": "0.90029", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05344", "scoring_system": "epss", "scoring_elements": "0.9004", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14493" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv2", "scoring_elements": "AV:A/AC:L/Au:N/C:N/I:P/A:P" }, { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html" }, { "reference_url": "https://www.exploit-db.com/exploits/42943/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/42943/" }, { "reference_url": "https://www.kb.cert.org/vuls/id/973527", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.kb.cert.org/vuls/id/973527" }, { "reference_url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html" }, { "reference_url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html" }, { "reference_url": "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq" }, { "reference_url": "http://thekelleys.org.uk/dnsmasq/CHANGELOG", "reference_id": "", "reference_type": "", "scores": [], "url": "http://thekelleys.org.uk/dnsmasq/CHANGELOG" }, { "reference_url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=3d4ff1ba8419546490b464418223132529514033", "reference_id": "", "reference_type": "", "scores": [], "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=3d4ff1ba8419546490b464418223132529514033" }, { "reference_url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt" }, { "reference_url": "http://www.debian.org/security/2017/dsa-3989", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2017/dsa-3989" }, { "reference_url": "http://www.securityfocus.com/bid/101085", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/101085" }, { "reference_url": "http://www.securitytracker.com/id/1039474", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039474" }, { "reference_url": "http://www.ubuntu.com/usn/USN-3430-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-3430-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-3430-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-3430-2" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495411", "reference_id": "1495411", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495411" }, { "reference_url": "https://security.archlinux.org/ASA-201710-1", "reference_id": "ASA-201710-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-1" }, { "reference_url": "https://security.archlinux.org/AVG-421", "reference_id": "AVG-421", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-421" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42943.py", "reference_id": "CVE-2017-14493", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42943.py" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14493", "reference_id": "CVE-2017-14493", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14493" }, { "reference_url": "https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14493.py", "reference_id": "CVE-2017-14493", "reference_type": "exploit", "scores": [], "url": "https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14493.py" }, { "reference_url": "https://security.gentoo.org/glsa/201710-27", "reference_id": "GLSA-201710-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-27" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2836", "reference_id": "RHSA-2017:2836", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2836" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2837", "reference_id": "RHSA-2017:2837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2837" }, { "reference_url": "https://usn.ubuntu.com/3430-1/", "reference_id": "USN-3430-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3430-1/" }, { "reference_url": "https://usn.ubuntu.com/3430-2/", "reference_id": "USN-3430-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3430-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035829?format=api", "purl": "pkg:deb/debian/dnsmasq@2.72-3%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-4fwm-653p-ufcj" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-b2dc-msms-bfee" }, { "vulnerability": "VCID-d3nu-fztq-nffg" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-hr7r-mgk2-67aw" }, { "vulnerability": "VCID-huvr-uav1-ffex" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-k9w6-f6aw-dbey" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-kxbw-1fr9-8kb3" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-qs1p-1j9u-3khg" }, { "vulnerability": "VCID-r15f-fgv8-s3h2" }, { "vulnerability": "VCID-ru4r-dtwq-sub2" }, { "vulnerability": "VCID-snzd-3st5-8yb1" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-xge7-87zv-tbev" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.72-3%252Bdeb8u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037114?format=api", "purl": "pkg:deb/debian/dnsmasq@2.76-5%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-b2dc-msms-bfee" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-hr7r-mgk2-67aw" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-k9w6-f6aw-dbey" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-kxbw-1fr9-8kb3" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-qs1p-1j9u-3khg" }, { "vulnerability": "VCID-r15f-fgv8-s3h2" }, { "vulnerability": "VCID-ru4r-dtwq-sub2" }, { "vulnerability": "VCID-snzd-3st5-8yb1" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-xge7-87zv-tbev" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.76-5%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037958?format=api", "purl": "pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1" } ], "aliases": [ "CVE-2017-14493" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b2dc-msms-bfee" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37084?format=api", "vulnerability_id": "VCID-bed9-8jhu-pkf9", "summary": "Multiple vulnerabilities in Dnsmasq might result in the remote execution of\n arbitrary code, or a Denial of Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2957.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2957.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2957", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08525", "scoring_system": "epss", "scoring_elements": "0.92345", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.08525", "scoring_system": "epss", "scoring_elements": "0.92352", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.08525", "scoring_system": "epss", "scoring_elements": "0.92359", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.08525", "scoring_system": "epss", "scoring_elements": "0.92362", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.08525", "scoring_system": "epss", "scoring_elements": "0.92374", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.08525", "scoring_system": "epss", "scoring_elements": "0.92379", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.08525", "scoring_system": "epss", "scoring_elements": "0.92384", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.08525", "scoring_system": "epss", "scoring_elements": "0.92387", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.08525", "scoring_system": "epss", "scoring_elements": "0.92385", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2957" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=519020", "reference_id": "519020", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=519020" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/9617.txt", "reference_id": "CVE-2009-2958;CVE-2009-2957;OSVDB-57593;OSVDB-57592", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/9617.txt" }, { "reference_url": "http://www.coresecurity.com/content/dnsmasq-vulnerabilities", "reference_id": "CVE-2009-2958;CVE-2009-2957;OSVDB-57593;OSVDB-57592", "reference_type": "exploit", "scores": [], "url": "http://www.coresecurity.com/content/dnsmasq-vulnerabilities" }, { "reference_url": "https://security.gentoo.org/glsa/200909-19", "reference_id": "GLSA-200909-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200909-19" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1238", "reference_id": "RHSA-2009:1238", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1238" }, { "reference_url": "https://usn.ubuntu.com/827-1/", "reference_id": "USN-827-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/827-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035825?format=api", "purl": "pkg:deb/debian/dnsmasq@2.55-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-4fwm-653p-ufcj" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-b2dc-msms-bfee" }, { "vulnerability": "VCID-d3nu-fztq-nffg" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-hr7r-mgk2-67aw" }, { "vulnerability": "VCID-huvr-uav1-ffex" }, { "vulnerability": "VCID-hxys-tpgq-3uf6" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-jum5-ndq3-xbhp" }, { "vulnerability": "VCID-k9w6-f6aw-dbey" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-kxbw-1fr9-8kb3" }, { "vulnerability": "VCID-nc6t-132e-cqda" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-qs1p-1j9u-3khg" }, { "vulnerability": "VCID-r15f-fgv8-s3h2" }, { "vulnerability": "VCID-ru4r-dtwq-sub2" }, { "vulnerability": "VCID-snzd-3st5-8yb1" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-xge7-87zv-tbev" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.55-2" } ], "aliases": [ "CVE-2009-2957" ], "risk_score": 0.2, "exploitability": "2.0", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bed9-8jhu-pkf9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60388?format=api", "vulnerability_id": "VCID-d3nu-fztq-nffg", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3294.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3294.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3294", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.39998", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.40145", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.40171", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.40092", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.40158", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.40168", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.4013", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.40111", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3294" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3294", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3294" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1215747", "reference_id": "1215747", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1215747" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783459", "reference_id": "783459", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783459" }, { "reference_url": "https://security.gentoo.org/glsa/201512-01", "reference_id": "GLSA-201512-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201512-01" }, { "reference_url": "https://usn.ubuntu.com/2593-1/", "reference_id": "USN-2593-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2593-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035827?format=api", "purl": "pkg:deb/debian/dnsmasq@2.62-3%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-4fwm-653p-ufcj" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-b2dc-msms-bfee" }, { "vulnerability": "VCID-d3nu-fztq-nffg" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-hr7r-mgk2-67aw" }, { "vulnerability": "VCID-huvr-uav1-ffex" }, { "vulnerability": "VCID-hxys-tpgq-3uf6" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-jum5-ndq3-xbhp" }, { "vulnerability": "VCID-k9w6-f6aw-dbey" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-kxbw-1fr9-8kb3" }, { "vulnerability": "VCID-nc6t-132e-cqda" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-qs1p-1j9u-3khg" }, { "vulnerability": "VCID-r15f-fgv8-s3h2" }, { "vulnerability": "VCID-ru4r-dtwq-sub2" }, { "vulnerability": "VCID-snzd-3st5-8yb1" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-xge7-87zv-tbev" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.62-3%252Bdeb7u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035829?format=api", "purl": "pkg:deb/debian/dnsmasq@2.72-3%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-4fwm-653p-ufcj" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-b2dc-msms-bfee" }, { "vulnerability": "VCID-d3nu-fztq-nffg" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-hr7r-mgk2-67aw" }, { "vulnerability": "VCID-huvr-uav1-ffex" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-k9w6-f6aw-dbey" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-kxbw-1fr9-8kb3" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-qs1p-1j9u-3khg" }, { "vulnerability": "VCID-r15f-fgv8-s3h2" }, { "vulnerability": "VCID-ru4r-dtwq-sub2" }, { "vulnerability": "VCID-snzd-3st5-8yb1" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-xge7-87zv-tbev" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.72-3%252Bdeb8u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037114?format=api", "purl": "pkg:deb/debian/dnsmasq@2.76-5%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-b2dc-msms-bfee" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-hr7r-mgk2-67aw" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-k9w6-f6aw-dbey" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-kxbw-1fr9-8kb3" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-qs1p-1j9u-3khg" }, { "vulnerability": "VCID-r15f-fgv8-s3h2" }, { "vulnerability": "VCID-ru4r-dtwq-sub2" }, { "vulnerability": "VCID-snzd-3st5-8yb1" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-xge7-87zv-tbev" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.76-5%252Bdeb9u2" } ], "aliases": [ "CVE-2015-3294" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d3nu-fztq-nffg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61409?format=api", "vulnerability_id": "VCID-gnkg-afmr-r7aq", "summary": "Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0934.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0934.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0934", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06784", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06626", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06687", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06731", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06715", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06766", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06799", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06797", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06791", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0934" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0934", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0934" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q1/016272.html", "reference_id": "016272.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-10T13:19:58Z/" } ], "url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q1/016272.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014715", "reference_id": "1014715", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014715" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2057075", "reference_id": "2057075", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-10T13:19:58Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2057075" }, { "reference_url": "https://security.archlinux.org/AVG-2716", "reference_id": "AVG-2716", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2716" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2022-0934", "reference_id": "CVE-2022-0934", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-10T13:19:58Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2022-0934" }, { "reference_url": "https://security.gentoo.org/glsa/202412-10", "reference_id": "GLSA-202412-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-10" }, { "reference_url": "https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=03345ecefeb0d82e3c3a4c28f27c3554f0611b39", "reference_id": "?p=dnsmasq.git%3Ba=commit%3Bh=03345ecefeb0d82e3c3a4c28f27c3554f0611b39", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-10T13:19:58Z/" } ], "url": "https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=03345ecefeb0d82e3c3a4c28f27c3554f0611b39" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7633", "reference_id": "RHSA-2022:7633", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7633" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8070", "reference_id": "RHSA-2022:8070", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1545", "reference_id": "RHSA-2024:1545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1545" }, { "reference_url": "https://usn.ubuntu.com/5408-1/", "reference_id": "USN-5408-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5408-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/585985?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1" } ], "aliases": [ "CVE-2022-0934" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gnkg-afmr-r7aq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84044?format=api", "vulnerability_id": "VCID-hr7r-mgk2-67aw", "summary": "dnsmasq: Size parameter overflow via large DNS query", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13704.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13704.json" }, { "reference_url": "https://access.redhat.com/security/vulnerabilities/3199382", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/security/vulnerabilities/3199382" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-13704", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.79318", "scoring_system": "epss", "scoring_elements": "0.99064", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.79318", "scoring_system": "epss", "scoring_elements": "0.99075", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.79318", "scoring_system": "epss", "scoring_elements": "0.99073", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.79318", "scoring_system": "epss", "scoring_elements": "0.99074", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.79318", "scoring_system": "epss", "scoring_elements": "0.99065", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.79318", "scoring_system": "epss", "scoring_elements": "0.9907", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.79318", "scoring_system": "epss", "scoring_elements": "0.99072", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-13704" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13704", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13704" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK/" }, { "reference_url": "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html" }, { "reference_url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html" }, { "reference_url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html" }, { "reference_url": "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq" }, { "reference_url": "http://thekelleys.org.uk/dnsmasq/CHANGELOG", "reference_id": "", "reference_type": "", "scores": [], "url": "http://thekelleys.org.uk/dnsmasq/CHANGELOG" }, { "reference_url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=63437ffbb58837b214b4b92cb1c54bc5f3279928", "reference_id": "", "reference_type": "", "scores": [], "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=63437ffbb58837b214b4b92cb1c54bc5f3279928" }, { "reference_url": "http://www.securityfocus.com/bid/101085", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/101085" }, { "reference_url": "http://www.securityfocus.com/bid/101977", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/101977" }, { "reference_url": "http://www.securitytracker.com/id/1039474", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039474" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495510", "reference_id": "1495510", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495510" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877102", "reference_id": "877102", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877102" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:27:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:27:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:27:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13704", "reference_id": "CVE-2017-13704", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13704" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037958?format=api", "purl": "pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1" } ], "aliases": [ "CVE-2017-13704" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hr7r-mgk2-67aw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82285?format=api", "vulnerability_id": "VCID-huvr-uav1-ffex", "summary": "dnsmasq: Improper bounds checking leads to a buffer overread", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14513.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14513.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14513", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14595", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14644", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14715", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14527", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14616", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14673", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14633", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14535", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14513" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14513", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14513" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1739422", "reference_id": "1739422", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1739422" }, { "reference_url": "https://usn.ubuntu.com/4924-1/", "reference_id": "USN-4924-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4924-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037114?format=api", "purl": "pkg:deb/debian/dnsmasq@2.76-5%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-b2dc-msms-bfee" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-hr7r-mgk2-67aw" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-k9w6-f6aw-dbey" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-kxbw-1fr9-8kb3" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-qs1p-1j9u-3khg" }, { "vulnerability": "VCID-r15f-fgv8-s3h2" }, { "vulnerability": "VCID-ru4r-dtwq-sub2" }, { "vulnerability": "VCID-snzd-3st5-8yb1" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-xge7-87zv-tbev" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.76-5%252Bdeb9u2" } ], "aliases": [ "CVE-2019-14513" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-huvr-uav1-ffex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33672?format=api", "vulnerability_id": "VCID-hxys-tpgq-3uf6", "summary": "A vulnerability in Dnsmasq can lead to a Denial of Service\n condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0198.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0198.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0198", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15801", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15857", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15923", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15985", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15785", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.1587", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15932", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15908", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0198" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0198", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0198" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:072", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:072" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2013/01/18/2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2013/01/18/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2013/01/18/7", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2013/01/18/7" }, { "reference_url": "http://www.thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=22ce550e5346947a12a781ed0959a7b1165d0dc6", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=22ce550e5346947a12a781ed0959a7b1165d0dc6" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=894486", "reference_id": "894486", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=894486" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0198", "reference_id": "CVE-2013-0198", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0198" }, { "reference_url": "https://security.gentoo.org/glsa/201406-24", "reference_id": "GLSA-201406-24", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-24" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035828?format=api", "purl": "pkg:deb/debian/dnsmasq@2.72-3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-4fwm-653p-ufcj" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-b2dc-msms-bfee" }, { "vulnerability": "VCID-d3nu-fztq-nffg" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-hr7r-mgk2-67aw" }, { "vulnerability": "VCID-huvr-uav1-ffex" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-k9w6-f6aw-dbey" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-kxbw-1fr9-8kb3" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-qs1p-1j9u-3khg" }, { "vulnerability": "VCID-r15f-fgv8-s3h2" }, { "vulnerability": "VCID-ru4r-dtwq-sub2" }, { "vulnerability": "VCID-snzd-3st5-8yb1" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-xge7-87zv-tbev" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.72-3" } ], "aliases": [ "CVE-2013-0198" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hxys-tpgq-3uf6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46212?format=api", "vulnerability_id": "VCID-jj87-61kf-mufs", "summary": "Multiple vulnerabilities have been found in Dnsmasq, the worst of\n which may allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25686.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25686.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25686", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61242", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61368", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61402", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61387", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61321", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.6135", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61319", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61366", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61381", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25686" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", "reference_id": "1890125", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890125" }, { "reference_url": "https://security.archlinux.org/ASA-202101-38", "reference_id": "ASA-202101-38", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202101-38" }, { "reference_url": "https://security.archlinux.org/AVG-1470", "reference_id": "AVG-1470", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1470" }, { "reference_url": "https://security.gentoo.org/glsa/202101-17", "reference_id": "GLSA-202101-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202101-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0150", "reference_id": "RHSA-2021:0150", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0150" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0151", "reference_id": "RHSA-2021:0151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0152", "reference_id": "RHSA-2021:0152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0153", "reference_id": "RHSA-2021:0153", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0153" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0154", "reference_id": "RHSA-2021:0154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0155", "reference_id": "RHSA-2021:0155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0156", "reference_id": "RHSA-2021:0156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0156" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0240", "reference_id": "RHSA-2021:0240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0245", "reference_id": "RHSA-2021:0245", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0245" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0395", "reference_id": "RHSA-2021:0395", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0395" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0401", "reference_id": "RHSA-2021:0401", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0401" }, { "reference_url": "https://usn.ubuntu.com/4698-1/", "reference_id": "USN-4698-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4698-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037958?format=api", "purl": "pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/585984?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bzd-pqhn-hqfj" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1" } ], "aliases": [ "CVE-2020-25686" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jj87-61kf-mufs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33671?format=api", "vulnerability_id": "VCID-jum5-ndq3-xbhp", "summary": "A vulnerability in Dnsmasq can lead to a Denial of Service\n condition.", "references": [ { "reference_url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683372", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683372" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-0276.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2013-0276.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-0277.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2013-0277.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-0579.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2013-0579.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3411.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3411.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-3411", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00878", "scoring_system": "epss", "scoring_elements": "0.75323", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00878", "scoring_system": "epss", "scoring_elements": "0.75267", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00878", "scoring_system": "epss", "scoring_elements": "0.75271", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00878", "scoring_system": "epss", "scoring_elements": "0.75304", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00878", "scoring_system": "epss", "scoring_elements": "0.75282", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00878", "scoring_system": "epss", "scoring_elements": "0.75324", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00878", "scoring_system": "epss", "scoring_elements": "0.75335", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00878", "scoring_system": "epss", "scoring_elements": "0.75356", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00878", "scoring_system": "epss", "scoring_elements": "0.75334", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-3411" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3411", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3411" }, { "reference_url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=2f38141f434e23292f84cefc33e8de76fb856147", "reference_id": "", "reference_type": "", "scores": [], "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=2f38141f434e23292f84cefc33e8de76fb856147" }, { "reference_url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=54dd393f3938fc0c19088fbd319b95e37d81a2b0", "reference_id": "", "reference_type": "", "scores": [], "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=54dd393f3938fc0c19088fbd319b95e37d81a2b0" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:072", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:072" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2012/07/12/5", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2012/07/12/5" }, { "reference_url": "http://www.securityfocus.com/bid/54353", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/54353" }, { "reference_url": "http://www.thekelleys.org.uk/dnsmasq/CHANGELOG", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.thekelleys.org.uk/dnsmasq/CHANGELOG" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683372", "reference_id": "683372", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683372" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=833033", "reference_id": "833033", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=833033" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2012-3411", "reference_id": "CVE-2012-3411", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-3411" }, { "reference_url": "https://security.gentoo.org/glsa/201406-24", "reference_id": "GLSA-201406-24", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-24" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0276", "reference_id": "RHSA-2013:0276", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0276" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0277", "reference_id": "RHSA-2013:0277", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0277" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0579", "reference_id": "RHSA-2013:0579", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0579" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035828?format=api", "purl": "pkg:deb/debian/dnsmasq@2.72-3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-4fwm-653p-ufcj" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-b2dc-msms-bfee" }, { "vulnerability": "VCID-d3nu-fztq-nffg" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-hr7r-mgk2-67aw" }, { "vulnerability": "VCID-huvr-uav1-ffex" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-k9w6-f6aw-dbey" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-kxbw-1fr9-8kb3" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-qs1p-1j9u-3khg" }, { "vulnerability": "VCID-r15f-fgv8-s3h2" }, { "vulnerability": "VCID-ru4r-dtwq-sub2" }, { "vulnerability": "VCID-snzd-3st5-8yb1" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-xge7-87zv-tbev" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.72-3" } ], "aliases": [ "CVE-2012-3411" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jum5-ndq3-xbhp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46043?format=api", "vulnerability_id": "VCID-k9w6-f6aw-dbey", "summary": "Multiple vulnerabilities have been found in Dnsmasq, the worst of\n which may allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14491.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14491.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14491", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.57794", "scoring_system": "epss", "scoring_elements": "0.98177", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.57794", "scoring_system": "epss", "scoring_elements": "0.98176", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.62655", "scoring_system": "epss", "scoring_elements": "0.98378", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.62655", "scoring_system": "epss", "scoring_elements": "0.98361", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.62655", "scoring_system": "epss", "scoring_elements": "0.98364", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.62655", "scoring_system": "epss", "scoring_elements": "0.98366", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.62655", "scoring_system": "epss", "scoring_elements": "0.9837", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.62655", "scoring_system": "epss", "scoring_elements": "0.98374", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.62655", "scoring_system": "epss", "scoring_elements": "0.98376", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14491" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495409", "reference_id": "1495409", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495409" }, { "reference_url": "https://security.archlinux.org/ASA-201710-1", "reference_id": "ASA-201710-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-1" }, { "reference_url": "https://security.archlinux.org/AVG-421", "reference_id": "AVG-421", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-421" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42941.py", "reference_id": "CVE-2017-14491", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42941.py" }, { "reference_url": "https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14491.py", "reference_id": "CVE-2017-14491", "reference_type": "exploit", "scores": [], "url": "https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14491.py" }, { "reference_url": "https://security.gentoo.org/glsa/201710-27", "reference_id": "GLSA-201710-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-27" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2836", "reference_id": "RHSA-2017:2836", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2836" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2837", "reference_id": "RHSA-2017:2837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2838", "reference_id": "RHSA-2017:2838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2839", "reference_id": "RHSA-2017:2839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2840", "reference_id": "RHSA-2017:2840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2841", "reference_id": "RHSA-2017:2841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2841" }, { "reference_url": "https://usn.ubuntu.com/3430-1/", "reference_id": "USN-3430-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3430-1/" }, { "reference_url": "https://usn.ubuntu.com/3430-2/", "reference_id": "USN-3430-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3430-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035829?format=api", "purl": "pkg:deb/debian/dnsmasq@2.72-3%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-4fwm-653p-ufcj" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-b2dc-msms-bfee" }, { "vulnerability": "VCID-d3nu-fztq-nffg" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-hr7r-mgk2-67aw" }, { "vulnerability": "VCID-huvr-uav1-ffex" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-k9w6-f6aw-dbey" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-kxbw-1fr9-8kb3" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-qs1p-1j9u-3khg" }, { "vulnerability": "VCID-r15f-fgv8-s3h2" }, { "vulnerability": "VCID-ru4r-dtwq-sub2" }, { "vulnerability": "VCID-snzd-3st5-8yb1" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-xge7-87zv-tbev" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.72-3%252Bdeb8u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037114?format=api", "purl": "pkg:deb/debian/dnsmasq@2.76-5%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-b2dc-msms-bfee" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-hr7r-mgk2-67aw" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-k9w6-f6aw-dbey" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-kxbw-1fr9-8kb3" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-qs1p-1j9u-3khg" }, { "vulnerability": "VCID-r15f-fgv8-s3h2" }, { "vulnerability": "VCID-ru4r-dtwq-sub2" }, { "vulnerability": "VCID-snzd-3st5-8yb1" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-xge7-87zv-tbev" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.76-5%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037958?format=api", "purl": "pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1" } ], "aliases": [ "CVE-2017-14491" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k9w6-f6aw-dbey" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46209?format=api", "vulnerability_id": "VCID-khrt-9ar9-wbc3", "summary": "Multiple vulnerabilities have been found in Dnsmasq, the worst of\n which may allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25683.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25683.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25683", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.31317", "scoring_system": "epss", "scoring_elements": "0.9674", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.31317", "scoring_system": "epss", "scoring_elements": "0.9677", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.31317", "scoring_system": "epss", "scoring_elements": "0.96764", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.31317", "scoring_system": "epss", "scoring_elements": "0.96767", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.31317", "scoring_system": "epss", "scoring_elements": "0.9675", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.31317", "scoring_system": "epss", "scoring_elements": "0.96751", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.31317", "scoring_system": "epss", "scoring_elements": "0.96756", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.31317", "scoring_system": "epss", "scoring_elements": "0.96763", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25683" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1882018", "reference_id": "1882018", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1882018" }, { "reference_url": "https://security.archlinux.org/ASA-202101-38", "reference_id": "ASA-202101-38", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202101-38" }, { "reference_url": "https://security.archlinux.org/AVG-1470", "reference_id": "AVG-1470", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1470" }, { "reference_url": "https://security.gentoo.org/glsa/202101-17", "reference_id": "GLSA-202101-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202101-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0150", "reference_id": "RHSA-2021:0150", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0150" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0151", "reference_id": "RHSA-2021:0151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0152", "reference_id": "RHSA-2021:0152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0152" }, { "reference_url": "https://usn.ubuntu.com/4698-1/", "reference_id": "USN-4698-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4698-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037958?format=api", "purl": "pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/585984?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bzd-pqhn-hqfj" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1" } ], "aliases": [ "CVE-2020-25683" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-khrt-9ar9-wbc3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46044?format=api", "vulnerability_id": "VCID-kxbw-1fr9-8kb3", "summary": "Multiple vulnerabilities have been found in Dnsmasq, the worst of\n which may allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html" }, { "reference_url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", "reference_id": "", "reference_type": "", "scores": [], "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14492.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14492.json" }, { "reference_url": "https://access.redhat.com/security/vulnerabilities/3199382", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/security/vulnerabilities/3199382" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14492", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.92841", "scoring_system": "epss", "scoring_elements": "0.99763", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.92841", "scoring_system": "epss", "scoring_elements": "0.99766", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.92841", "scoring_system": "epss", "scoring_elements": "0.99764", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.92841", "scoring_system": "epss", "scoring_elements": "0.99765", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14492" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv2", "scoring_elements": "AV:A/AC:L/Au:N/C:N/I:P/A:P" }, { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html" }, { "reference_url": "https://www.exploit-db.com/exploits/42942/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/42942/" }, { "reference_url": "https://www.kb.cert.org/vuls/id/973527", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.kb.cert.org/vuls/id/973527" }, { "reference_url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html" }, { "reference_url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html" }, { "reference_url": "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq" }, { "reference_url": "http://thekelleys.org.uk/dnsmasq/CHANGELOG", "reference_id": "", "reference_type": "", "scores": [], "url": "http://thekelleys.org.uk/dnsmasq/CHANGELOG" }, { "reference_url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=24036ea507862c7b7898b68289c8130f85599c10", "reference_id": "", "reference_type": "", "scores": [], "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=24036ea507862c7b7898b68289c8130f85599c10" }, { "reference_url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt" }, { "reference_url": "http://www.debian.org/security/2017/dsa-3989", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2017/dsa-3989" }, { "reference_url": "http://www.securityfocus.com/bid/101085", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/101085" }, { "reference_url": "http://www.securitytracker.com/id/1039474", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039474" }, { "reference_url": "http://www.ubuntu.com/usn/USN-3430-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-3430-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-3430-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-3430-2" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495410", "reference_id": "1495410", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495410" }, { "reference_url": "https://security.archlinux.org/ASA-201710-1", "reference_id": "ASA-201710-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-1" }, { "reference_url": "https://security.archlinux.org/AVG-421", "reference_id": "AVG-421", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-421" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42942.py", "reference_id": "CVE-2017-14492", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42942.py" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14492", "reference_id": "CVE-2017-14492", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14492" }, { "reference_url": "https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14492.py", "reference_id": "CVE-2017-14492", "reference_type": "exploit", "scores": [], "url": "https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14492.py" }, { "reference_url": "https://security.gentoo.org/glsa/201710-27", "reference_id": "GLSA-201710-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-27" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2836", "reference_id": "RHSA-2017:2836", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2836" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2837", "reference_id": "RHSA-2017:2837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2837" }, { "reference_url": "https://usn.ubuntu.com/3430-1/", "reference_id": "USN-3430-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3430-1/" }, { "reference_url": "https://usn.ubuntu.com/3430-2/", "reference_id": "USN-3430-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3430-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035829?format=api", "purl": "pkg:deb/debian/dnsmasq@2.72-3%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-4fwm-653p-ufcj" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-b2dc-msms-bfee" }, { "vulnerability": "VCID-d3nu-fztq-nffg" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-hr7r-mgk2-67aw" }, { "vulnerability": "VCID-huvr-uav1-ffex" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-k9w6-f6aw-dbey" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-kxbw-1fr9-8kb3" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-qs1p-1j9u-3khg" }, { "vulnerability": "VCID-r15f-fgv8-s3h2" }, { "vulnerability": "VCID-ru4r-dtwq-sub2" }, { "vulnerability": "VCID-snzd-3st5-8yb1" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-xge7-87zv-tbev" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.72-3%252Bdeb8u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037114?format=api", "purl": "pkg:deb/debian/dnsmasq@2.76-5%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-b2dc-msms-bfee" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-hr7r-mgk2-67aw" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-k9w6-f6aw-dbey" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-kxbw-1fr9-8kb3" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-qs1p-1j9u-3khg" }, { "vulnerability": "VCID-r15f-fgv8-s3h2" }, { "vulnerability": "VCID-ru4r-dtwq-sub2" }, { "vulnerability": "VCID-snzd-3st5-8yb1" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-xge7-87zv-tbev" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.76-5%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037958?format=api", "purl": "pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1" } ], "aliases": [ "CVE-2017-14492" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kxbw-1fr9-8kb3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81120?format=api", "vulnerability_id": "VCID-nc6t-132e-cqda", "summary": "dnsmasq: insecure default configuration makes it an open resolver", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14312.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14312.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14312", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32749", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.3288", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32915", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32737", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32785", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32811", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32813", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32775", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14312" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14312" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851342", "reference_id": "1851342", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851342" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=732610", "reference_id": "732610", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=732610" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035828?format=api", "purl": "pkg:deb/debian/dnsmasq@2.72-3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-4fwm-653p-ufcj" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-b2dc-msms-bfee" }, { "vulnerability": "VCID-d3nu-fztq-nffg" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-hr7r-mgk2-67aw" }, { "vulnerability": "VCID-huvr-uav1-ffex" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-k9w6-f6aw-dbey" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-kxbw-1fr9-8kb3" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-qs1p-1j9u-3khg" }, { "vulnerability": "VCID-r15f-fgv8-s3h2" }, { "vulnerability": "VCID-ru4r-dtwq-sub2" }, { "vulnerability": "VCID-snzd-3st5-8yb1" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-xge7-87zv-tbev" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.72-3" } ], "aliases": [ "CVE-2020-14312" ], "risk_score": 1.8, "exploitability": "0.5", "weighted_severity": "3.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nc6t-132e-cqda" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46213?format=api", "vulnerability_id": "VCID-nrja-2ajq-mfek", "summary": "Multiple vulnerabilities have been found in Dnsmasq, the worst of\n which may allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25687.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25687.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25687", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.22", "scoring_system": "epss", "scoring_elements": "0.95739", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.22", "scoring_system": "epss", "scoring_elements": "0.95776", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.22", "scoring_system": "epss", "scoring_elements": "0.9577", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.22", "scoring_system": "epss", "scoring_elements": "0.95774", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.22", "scoring_system": "epss", "scoring_elements": "0.95748", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.22", "scoring_system": "epss", "scoring_elements": "0.95756", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.22", "scoring_system": "epss", "scoring_elements": "0.95759", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.22", "scoring_system": "epss", "scoring_elements": "0.95767", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25687" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891568", "reference_id": "1891568", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891568" }, { "reference_url": "https://security.archlinux.org/ASA-202101-38", "reference_id": "ASA-202101-38", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202101-38" }, { "reference_url": "https://security.archlinux.org/AVG-1470", "reference_id": "AVG-1470", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1470" }, { "reference_url": "https://security.gentoo.org/glsa/202101-17", "reference_id": "GLSA-202101-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202101-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0150", "reference_id": "RHSA-2021:0150", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0150" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0151", "reference_id": "RHSA-2021:0151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0152", "reference_id": "RHSA-2021:0152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0152" }, { "reference_url": "https://usn.ubuntu.com/4698-1/", "reference_id": "USN-4698-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4698-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037958?format=api", "purl": "pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/585984?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bzd-pqhn-hqfj" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1" } ], "aliases": [ "CVE-2020-25687" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nrja-2ajq-mfek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46210?format=api", "vulnerability_id": "VCID-nute-d491-mqa9", "summary": "Multiple vulnerabilities have been found in Dnsmasq, the worst of\n which may allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25684.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25684.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25684", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49417", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49466", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49492", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49464", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49445", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49472", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49425", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.4948", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49475", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25684" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", "reference_id": "1889686", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1889686" }, { "reference_url": "https://security.archlinux.org/ASA-202101-38", "reference_id": "ASA-202101-38", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202101-38" }, { "reference_url": "https://security.archlinux.org/AVG-1470", "reference_id": "AVG-1470", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1470" }, { "reference_url": "https://security.gentoo.org/glsa/202101-17", "reference_id": "GLSA-202101-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202101-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0150", "reference_id": "RHSA-2021:0150", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0150" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0151", "reference_id": "RHSA-2021:0151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0152", "reference_id": "RHSA-2021:0152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0153", "reference_id": "RHSA-2021:0153", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0153" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0154", "reference_id": "RHSA-2021:0154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0155", "reference_id": "RHSA-2021:0155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0156", "reference_id": "RHSA-2021:0156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0156" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0240", "reference_id": "RHSA-2021:0240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0245", "reference_id": "RHSA-2021:0245", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0245" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0395", "reference_id": "RHSA-2021:0395", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0395" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0401", "reference_id": "RHSA-2021:0401", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0401" }, { "reference_url": "https://usn.ubuntu.com/4698-1/", "reference_id": "USN-4698-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4698-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037958?format=api", "purl": "pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/585984?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bzd-pqhn-hqfj" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1" } ], "aliases": [ "CVE-2020-25684" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nute-d491-mqa9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90523?format=api", "vulnerability_id": "VCID-ny7u-m7rb-kkh3", "summary": "dnsmasq 2.25 allows remote attackers to cause a denial of service (daemon crash) by (1) renewing a nonexistent lease or (2) sending a DHCPREQUEST for an IP address that is not in the same network, related to the DHCP NAK response from the daemon.", "references": [ { "reference_url": "http://freshmeat.net/projects/dnsmasq/?branch_id=1991&release_id=217681", "reference_id": "", "reference_type": "", "scores": [], "url": "http://freshmeat.net/projects/dnsmasq/?branch_id=1991&release_id=217681" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3214.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3214.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3214", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47449", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47389", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47423", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47444", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47393", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47448", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47445", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47468", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47443", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3214" }, { "reference_url": "https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/47438", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/47438" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3214", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3214" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43929", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43929" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2008/06/30/7", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2008/06/30/7" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2008/07/01/8", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2008/07/01/8" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2008/07/02/4", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2008/07/02/4" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2008/07/03/4", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2008/07/03/4" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2008/07/08/8", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2008/07/08/8" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2008/07/12/3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2008/07/12/3" }, { "reference_url": "http://www.thekelleys.org.uk/dnsmasq/CHANGELOG", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.thekelleys.org.uk/dnsmasq/CHANGELOG" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:2.25:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:thekelleys:dnsmasq:2.25:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:2.25:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3214", "reference_id": "CVE-2008-3214", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3214" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035822?format=api", "purl": "pkg:deb/debian/dnsmasq@2.35-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3x7u-ajbx-6fht" }, { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-4fwm-653p-ufcj" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-8fbf-8fea-27d9" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-antt-5fzu-87dw" }, { "vulnerability": "VCID-b2dc-msms-bfee" }, { "vulnerability": "VCID-bed9-8jhu-pkf9" }, { "vulnerability": "VCID-d3nu-fztq-nffg" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-hr7r-mgk2-67aw" }, { "vulnerability": "VCID-huvr-uav1-ffex" }, { "vulnerability": "VCID-hxys-tpgq-3uf6" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-jum5-ndq3-xbhp" }, { "vulnerability": "VCID-k9w6-f6aw-dbey" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-kxbw-1fr9-8kb3" }, { "vulnerability": "VCID-nc6t-132e-cqda" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-qs1p-1j9u-3khg" }, { "vulnerability": "VCID-r15f-fgv8-s3h2" }, { "vulnerability": "VCID-ru4r-dtwq-sub2" }, { "vulnerability": "VCID-snzd-3st5-8yb1" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-xge7-87zv-tbev" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.35-1" } ], "aliases": [ "CVE-2008-3214" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ny7u-m7rb-kkh3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61410?format=api", "vulnerability_id": "VCID-p726-bqvu-dfda", "summary": "Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28450.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28450.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28450", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01618", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01607", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01624", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01626", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01633", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01619", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01609", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28450" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28450", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28450" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033165", "reference_id": "1033165", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033165" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178948", "reference_id": "2178948", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178948" }, { "reference_url": "https://capec.mitre.org/data/definitions/495.html", "reference_id": "495.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:21:11Z/" } ], "url": "https://capec.mitre.org/data/definitions/495.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6UQ6LKDTLSSD64TBIZ3XEKBM2SWC63VV/", "reference_id": "6UQ6LKDTLSSD64TBIZ3XEKBM2SWC63VV", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:21:11Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6UQ6LKDTLSSD64TBIZ3XEKBM2SWC63VV/" }, { "reference_url": "https://thekelleys.org.uk/dnsmasq/doc.html", "reference_id": "doc.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:21:11Z/" } ], "url": "https://thekelleys.org.uk/dnsmasq/doc.html" }, { "reference_url": "https://security.gentoo.org/glsa/202412-10", "reference_id": "GLSA-202412-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-10" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OU2ZT4ITSEOOR2CFBAHK4Z67KXJIEWQA/", "reference_id": "OU2ZT4ITSEOOR2CFBAHK4Z67KXJIEWQA", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:21:11Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OU2ZT4ITSEOOR2CFBAHK4Z67KXJIEWQA/" }, { "reference_url": "https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=blob%3Bf=CHANGELOG", "reference_id": "?p=dnsmasq.git%3Ba=blob%3Bf=CHANGELOG", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:21:11Z/" } ], "url": "https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=blob%3Bf=CHANGELOG" }, { "reference_url": "https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5", "reference_id": "?p=dnsmasq.git%3Ba=commit%3Bh=eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:21:11Z/" } ], "url": "https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6524", "reference_id": "RHSA-2023:6524", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6524" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7046", "reference_id": "RHSA-2023:7046", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1544", "reference_id": "RHSA-2024:1544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1545", "reference_id": "RHSA-2024:1545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1545" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4052", "reference_id": "RHSA-2024:4052", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4052" }, { "reference_url": "https://usn.ubuntu.com/6034-1/", "reference_id": "USN-6034-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6034-1/" }, { "reference_url": "https://usn.ubuntu.com/6657-1/", "reference_id": "USN-6657-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6657-1/" }, { "reference_url": "https://usn.ubuntu.com/6657-2/", "reference_id": "USN-6657-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6657-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/585985?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1" } ], "aliases": [ "CVE-2023-28450" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p726-bqvu-dfda" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64683?format=api", "vulnerability_id": "VCID-qs1p-1j9u-3khg", "summary": "dnsmasq: dnsmasq-utils 'dhcp_release' Denial of Service", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-37127.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-37127.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-37127", "reference_id": "", "reference_type": "", "scores": [ { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00393", "published_at": "2026-04-01T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00397", "published_at": "2026-04-04T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00377", "published_at": "2026-04-13T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00386", "published_at": "2026-04-07T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00383", "published_at": "2026-04-08T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00384", "published_at": "2026-04-09T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00382", "published_at": "2026-04-11T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00378", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-37127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-37127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-37127" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437103", "reference_id": "2437103", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437103" }, { "reference_url": "https://launchpad.net/ubuntu/+source/dnsmasq/2.79-1", "reference_id": "2.79-1", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-05T21:17:56Z/" } ], "url": "https://launchpad.net/ubuntu/+source/dnsmasq/2.79-1" }, { "reference_url": "https://www.exploit-db.com/exploits/48301", "reference_id": "48301", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-05T21:17:56Z/" } ], "url": "https://www.exploit-db.com/exploits/48301" }, { "reference_url": "https://www.vulncheck.com/advisories/dnsmasq-utils-dhcprelease-denial-of-service", "reference_id": "dnsmasq-utils-dhcprelease-denial-of-service", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-05T21:17:56Z/" } ], "url": "https://www.vulncheck.com/advisories/dnsmasq-utils-dhcprelease-denial-of-service" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037958?format=api", "purl": "pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1" } ], "aliases": [ "CVE-2020-37127" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qs1p-1j9u-3khg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46048?format=api", "vulnerability_id": "VCID-r15f-fgv8-s3h2", "summary": "Multiple vulnerabilities have been found in Dnsmasq, the worst of\n which may allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html" }, { "reference_url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", "reference_id": "", "reference_type": "", "scores": [], "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14495.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14495.json" }, { "reference_url": "https://access.redhat.com/security/vulnerabilities/3199382", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/security/vulnerabilities/3199382" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14495", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.53317", "scoring_system": "epss", "scoring_elements": "0.9796", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.53317", "scoring_system": "epss", "scoring_elements": "0.9798", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.53317", "scoring_system": "epss", "scoring_elements": "0.97968", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.53317", "scoring_system": "epss", "scoring_elements": "0.97973", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.53317", "scoring_system": "epss", "scoring_elements": "0.97974", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.53317", "scoring_system": "epss", "scoring_elements": "0.97977", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.53317", "scoring_system": "epss", "scoring_elements": "0.97979", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.53317", "scoring_system": "epss", "scoring_elements": "0.97963", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.53317", "scoring_system": "epss", "scoring_elements": "0.97965", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14495" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14495", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14495" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:C" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html" }, { "reference_url": "https://www.exploit-db.com/exploits/42945/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/42945/" }, { "reference_url": "https://www.kb.cert.org/vuls/id/973527", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.kb.cert.org/vuls/id/973527" }, { "reference_url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html" }, { "reference_url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html" }, { "reference_url": "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq" }, { "reference_url": "http://thekelleys.org.uk/dnsmasq/CHANGELOG", "reference_id": "", "reference_type": "", "scores": [], "url": "http://thekelleys.org.uk/dnsmasq/CHANGELOG" }, { "reference_url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=51eadb692a5123b9838e5a68ecace3ac579a3a45", "reference_id": "", "reference_type": "", "scores": [], "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=51eadb692a5123b9838e5a68ecace3ac579a3a45" }, { "reference_url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt" }, { "reference_url": "http://www.debian.org/security/2017/dsa-3989", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2017/dsa-3989" }, { "reference_url": "http://www.securityfocus.com/bid/101085", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/101085" }, { "reference_url": "http://www.securityfocus.com/bid/101977", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/101977" }, { "reference_url": "http://www.securitytracker.com/id/1039474", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039474" }, { "reference_url": "http://www.ubuntu.com/usn/USN-3430-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-3430-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-3430-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-3430-2" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495415", "reference_id": "1495415", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495415" }, { "reference_url": "https://security.archlinux.org/ASA-201710-1", "reference_id": "ASA-201710-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-1" }, { "reference_url": "https://security.archlinux.org/AVG-421", "reference_id": "AVG-421", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-421" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42945.py", "reference_id": "CVE-2017-14495", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42945.py" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14495", "reference_id": "CVE-2017-14495", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14495" }, { "reference_url": "https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14495.py", "reference_id": "CVE-2017-14495", "reference_type": "exploit", "scores": [], "url": "https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14495.py" }, { "reference_url": "https://security.gentoo.org/glsa/201710-27", "reference_id": "GLSA-201710-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-27" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2836", "reference_id": "RHSA-2017:2836", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2836" }, { "reference_url": "https://usn.ubuntu.com/3430-1/", "reference_id": "USN-3430-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3430-1/" }, { "reference_url": "https://usn.ubuntu.com/3430-2/", "reference_id": "USN-3430-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3430-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037958?format=api", "purl": "pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1" } ], "aliases": [ "CVE-2017-14495" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r15f-fgv8-s3h2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46049?format=api", "vulnerability_id": "VCID-ru4r-dtwq-sub2", "summary": "Multiple vulnerabilities have been found in Dnsmasq, the worst of\n which may allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html" }, { "reference_url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", "reference_id": "", "reference_type": "", "scores": [], "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14496.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14496.json" }, { "reference_url": "https://access.redhat.com/security/vulnerabilities/3199382", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/security/vulnerabilities/3199382" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14496", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.16883", "scoring_system": "epss", "scoring_elements": "0.94927", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.16883", "scoring_system": "epss", "scoring_elements": "0.9496", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.16883", "scoring_system": "epss", "scoring_elements": "0.94951", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.16883", "scoring_system": "epss", "scoring_elements": "0.94956", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.16883", "scoring_system": "epss", "scoring_elements": "0.94958", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.16883", "scoring_system": "epss", "scoring_elements": "0.94935", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.16883", "scoring_system": "epss", "scoring_elements": "0.94937", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.16883", "scoring_system": "epss", "scoring_elements": "0.94938", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.16883", "scoring_system": "epss", "scoring_elements": "0.94947", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14496" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14496" }, { "reference_url": "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html" }, { "reference_url": "https://source.android.com/security/bulletin/2017-10-01", "reference_id": "", "reference_type": "", "scores": [], "url": "https://source.android.com/security/bulletin/2017-10-01" }, { "reference_url": "https://www.exploit-db.com/exploits/42946/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/42946/" }, { "reference_url": "https://www.kb.cert.org/vuls/id/973527", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.kb.cert.org/vuls/id/973527" }, { "reference_url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html" }, { "reference_url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html" }, { "reference_url": "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq" }, { "reference_url": "http://thekelleys.org.uk/dnsmasq/CHANGELOG", "reference_id": "", "reference_type": "", "scores": [], "url": "http://thekelleys.org.uk/dnsmasq/CHANGELOG" }, { "reference_url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=897c113fda0886a28a986cc6ba17bb93bd6cb1c7", "reference_id": "", "reference_type": "", "scores": [], "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=897c113fda0886a28a986cc6ba17bb93bd6cb1c7" }, { "reference_url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt" }, { "reference_url": "http://www.debian.org/security/2017/dsa-3989", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2017/dsa-3989" }, { "reference_url": "http://www.securityfocus.com/bid/101085", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/101085" }, { "reference_url": "http://www.securityfocus.com/bid/101977", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/101977" }, { "reference_url": "http://www.securitytracker.com/id/1039474", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039474" }, { "reference_url": "http://www.ubuntu.com/usn/USN-3430-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-3430-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-3430-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-3430-2" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495416", "reference_id": "1495416", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495416" }, { "reference_url": "https://security.archlinux.org/ASA-201710-1", "reference_id": "ASA-201710-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-1" }, { "reference_url": "https://security.archlinux.org/AVG-421", "reference_id": "AVG-421", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-421" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:4.4.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:7.1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:7.1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:7.1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42946.py", "reference_id": "CVE-2017-14496", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42946.py" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14496", "reference_id": "CVE-2017-14496", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:C" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14496" }, { "reference_url": "https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14496.py", "reference_id": "CVE-2017-14496", "reference_type": "exploit", "scores": [], "url": "https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14496.py" }, { "reference_url": "https://security.gentoo.org/glsa/201710-27", "reference_id": "GLSA-201710-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-27" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2836", "reference_id": "RHSA-2017:2836", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2836" }, { "reference_url": "https://usn.ubuntu.com/3430-1/", "reference_id": "USN-3430-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3430-1/" }, { "reference_url": "https://usn.ubuntu.com/3430-2/", "reference_id": "USN-3430-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3430-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037958?format=api", "purl": "pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1" } ], "aliases": [ "CVE-2017-14496" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ru4r-dtwq-sub2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46046?format=api", "vulnerability_id": "VCID-snzd-3st5-8yb1", "summary": "Multiple vulnerabilities have been found in Dnsmasq, the worst of\n which may allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html" }, { "reference_url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", "reference_id": "", "reference_type": "", "scores": [], "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14494.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14494.json" }, { "reference_url": "https://access.redhat.com/security/vulnerabilities/3199382", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/security/vulnerabilities/3199382" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14494", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10987", "scoring_system": "epss", "scoring_elements": "0.93389", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.10987", "scoring_system": "epss", "scoring_elements": "0.93423", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.10987", "scoring_system": "epss", "scoring_elements": "0.93405", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.10987", "scoring_system": "epss", "scoring_elements": "0.93413", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.10987", "scoring_system": "epss", "scoring_elements": "0.93417", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.10987", "scoring_system": "epss", "scoring_elements": "0.93422", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.10987", "scoring_system": "epss", "scoring_elements": "0.93421", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.10987", "scoring_system": "epss", "scoring_elements": "0.93397", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv2", "scoring_elements": "AV:A/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html" }, { "reference_url": "https://www.exploit-db.com/exploits/42944/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/42944/" }, { "reference_url": "https://www.kb.cert.org/vuls/id/973527", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.kb.cert.org/vuls/id/973527" }, { "reference_url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html" }, { "reference_url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html" }, { "reference_url": "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq" }, { "reference_url": "http://thekelleys.org.uk/dnsmasq/CHANGELOG", "reference_id": "", "reference_type": "", "scores": [], "url": "http://thekelleys.org.uk/dnsmasq/CHANGELOG" }, { "reference_url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=33e3f1029c9ec6c63e430ff51063a6301d4b2262", "reference_id": "", "reference_type": "", "scores": [], "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=33e3f1029c9ec6c63e430ff51063a6301d4b2262" }, { "reference_url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt" }, { "reference_url": "http://www.debian.org/security/2017/dsa-3989", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2017/dsa-3989" }, { "reference_url": "http://www.securityfocus.com/bid/101085", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/101085" }, { "reference_url": "http://www.securitytracker.com/id/1039474", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039474" }, { "reference_url": "http://www.ubuntu.com/usn/USN-3430-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-3430-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-3430-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-3430-2" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495412", "reference_id": "1495412", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495412" }, { "reference_url": "https://security.archlinux.org/ASA-201710-1", "reference_id": "ASA-201710-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-1" }, { "reference_url": "https://security.archlinux.org/AVG-421", "reference_id": "AVG-421", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-421" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42944.py", "reference_id": "CVE-2017-14494", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42944.py" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14494", "reference_id": "CVE-2017-14494", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" }, { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14494" }, { "reference_url": "https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14494.py", "reference_id": "CVE-2017-14494", "reference_type": "exploit", "scores": [], "url": "https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14494.py" }, { "reference_url": "https://security.gentoo.org/glsa/201710-27", "reference_id": "GLSA-201710-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-27" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2836", "reference_id": "RHSA-2017:2836", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2836" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2837", "reference_id": "RHSA-2017:2837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2837" }, { "reference_url": "https://usn.ubuntu.com/3430-1/", "reference_id": "USN-3430-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3430-1/" }, { "reference_url": "https://usn.ubuntu.com/3430-2/", "reference_id": "USN-3430-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3430-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035829?format=api", "purl": "pkg:deb/debian/dnsmasq@2.72-3%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-4fwm-653p-ufcj" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-b2dc-msms-bfee" }, { "vulnerability": "VCID-d3nu-fztq-nffg" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-hr7r-mgk2-67aw" }, { "vulnerability": "VCID-huvr-uav1-ffex" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-k9w6-f6aw-dbey" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-kxbw-1fr9-8kb3" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-qs1p-1j9u-3khg" }, { "vulnerability": "VCID-r15f-fgv8-s3h2" }, { "vulnerability": "VCID-ru4r-dtwq-sub2" }, { "vulnerability": "VCID-snzd-3st5-8yb1" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-xge7-87zv-tbev" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.72-3%252Bdeb8u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037114?format=api", "purl": "pkg:deb/debian/dnsmasq@2.76-5%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-b2dc-msms-bfee" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-hr7r-mgk2-67aw" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-k9w6-f6aw-dbey" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-kxbw-1fr9-8kb3" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-qs1p-1j9u-3khg" }, { "vulnerability": "VCID-r15f-fgv8-s3h2" }, { "vulnerability": "VCID-ru4r-dtwq-sub2" }, { "vulnerability": "VCID-snzd-3st5-8yb1" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-xge7-87zv-tbev" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.76-5%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037958?format=api", "purl": "pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1" } ], "aliases": [ "CVE-2017-14494" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-snzd-3st5-8yb1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61412?format=api", "vulnerability_id": "VCID-vprj-j7u6-zbe7", "summary": "Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50868.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50868.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50868", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11802", "scoring_system": "epss", "scoring_elements": "0.93712", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.11802", "scoring_system": "epss", "scoring_elements": "0.93708", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.11802", "scoring_system": "epss", "scoring_elements": "0.93706", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.11802", "scoring_system": "epss", "scoring_elements": "0.93696", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.11802", "scoring_system": "epss", "scoring_elements": "0.93684", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.11802", "scoring_system": "epss", "scoring_elements": "0.93713", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.11802", "scoring_system": "epss", "scoring_elements": "0.93694", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50868" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html", "reference_id": "017430.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845", "reference_id": "1063845", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852", "reference_id": "1063852", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077751", "reference_id": "1077751", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077751" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/02/16/2", "reference_id": "2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/02/16/2" }, { "reference_url": "https://www.isc.org/blogs/2024-bind-security-release/", "reference_id": "2024-bind-security-release", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://www.isc.org/blogs/2024-bind-security-release/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263917", "reference_id": "2263917", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263917" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/02/16/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/02/16/3" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/", "reference_id": "6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/", "reference_id": "BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/" }, { "reference_url": "https://kb.isc.org/docs/cve-2023-50868", "reference_id": "cve-2023-50868", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://kb.isc.org/docs/cve-2023-50868" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-50868", "reference_id": "CVE-2023-50868", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-50868" }, { "reference_url": "https://security.gentoo.org/glsa/202412-10", "reference_id": "GLSA-202412-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-10" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/", "reference_id": "HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/", "reference_id": "IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html", "reference_id": "msg00006.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240307-0008/", "reference_id": "ntap-20240307-0008", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240307-0008/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/", "reference_id": "PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/" }, { "reference_url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html", "reference_id": "powerdns-advisory-2024-01.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html" }, { "reference_url": "https://datatracker.ietf.org/doc/html/rfc5155", "reference_id": "rfc5155", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://datatracker.ietf.org/doc/html/rfc5155" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/", "reference_id": "RGS7JN6FZXUSTC2XKQHH27574XOULYYJ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0965", "reference_id": "RHSA-2024:0965", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0965" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0977", "reference_id": "RHSA-2024:0977", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0977" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0981", "reference_id": "RHSA-2024:0981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0982", "reference_id": "RHSA-2024:0982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11003", "reference_id": "RHSA-2024:11003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1334", "reference_id": "RHSA-2024:1334", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1334" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1335", "reference_id": "RHSA-2024:1335", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1335" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1522", "reference_id": "RHSA-2024:1522", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1522" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1543", "reference_id": "RHSA-2024:1543", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1543" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1544", "reference_id": "RHSA-2024:1544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1545", "reference_id": "RHSA-2024:1545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1545" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1647", "reference_id": "RHSA-2024:1647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1648", "reference_id": "RHSA-2024:1648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1648" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1781", "reference_id": "RHSA-2024:1781", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1781" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1782", "reference_id": "RHSA-2024:1782", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1782" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1789", "reference_id": "RHSA-2024:1789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1800", "reference_id": "RHSA-2024:1800", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1800" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1801", "reference_id": "RHSA-2024:1801", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1801" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1803", "reference_id": "RHSA-2024:1803", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1803" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1804", "reference_id": "RHSA-2024:1804", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1804" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2551", "reference_id": "RHSA-2024:2551", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2551" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2587", "reference_id": "RHSA-2024:2587", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2587" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2696", "reference_id": "RHSA-2024:2696", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2696" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2720", "reference_id": "RHSA-2024:2720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2721", "reference_id": "RHSA-2024:2721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2821", "reference_id": "RHSA-2024:2821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2890", "reference_id": "RHSA-2024:2890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3271", "reference_id": "RHSA-2024:3271", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3271" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3741", "reference_id": "RHSA-2024:3741", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3741" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3877", "reference_id": "RHSA-2024:3877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3929", "reference_id": "RHSA-2024:3929", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3929" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0039", "reference_id": "RHSA-2025:0039", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0039" }, { "reference_url": "https://bugzilla.suse.com/show_bug.cgi?id=1219826", "reference_id": "show_bug.cgi?id=1219826", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1219826" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/", "reference_id": "SVYA42BLXUCIDLD35YIJPJSHDIADNYMP", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/", "reference_id": "TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/" }, { "reference_url": "https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/", "reference_id": "unbound-1.19.1-released", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/", "reference_id": "UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/" }, { "reference_url": "https://usn.ubuntu.com/6633-1/", "reference_id": "USN-6633-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6633-1/" }, { "reference_url": "https://usn.ubuntu.com/6642-1/", "reference_id": "USN-6642-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6642-1/" }, { "reference_url": "https://usn.ubuntu.com/6657-1/", "reference_id": "USN-6657-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6657-1/" }, { "reference_url": "https://usn.ubuntu.com/6657-2/", "reference_id": "USN-6657-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6657-2/" }, { "reference_url": "https://usn.ubuntu.com/6665-1/", "reference_id": "USN-6665-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6665-1/" }, { "reference_url": "https://usn.ubuntu.com/6723-1/", "reference_id": "USN-6723-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6723-1/" }, { "reference_url": "https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1", "reference_id": "v5.7.1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/", "reference_id": "ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/585985?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1" } ], "aliases": [ "CVE-2023-50868" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vprj-j7u6-zbe7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59314?format=api", "vulnerability_id": "VCID-vshb-4mjd-qugr", "summary": "Use of insufficient randomness in Dnsmasq might lead to DNS Cache\n Poisoning.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3448.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3448.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3448", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12634", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12605", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12738", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12784", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12591", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.1267", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12723", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.1269", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.1265", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3448" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3448", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3448" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1939368", "reference_id": "1939368", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T00:40:29Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1939368" }, { "reference_url": "https://security.archlinux.org/AVG-1703", "reference_id": "AVG-1703", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1703" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CVTJUOFFFHINLKWAOC2ZSC5MOPD4SJ24/", "reference_id": "CVTJUOFFFHINLKWAOC2ZSC5MOPD4SJ24", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T00:40:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CVTJUOFFFHINLKWAOC2ZSC5MOPD4SJ24/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHG7GWSQWKF7JXIMLOGJBKZWBB4VIAJ7/", "reference_id": "FHG7GWSQWKF7JXIMLOGJBKZWBB4VIAJ7", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T00:40:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHG7GWSQWKF7JXIMLOGJBKZWBB4VIAJ7/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GHURNEHHUBSW45KMIZ4FNBCSUPWPGV5V/", "reference_id": "GHURNEHHUBSW45KMIZ4FNBCSUPWPGV5V", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T00:40:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GHURNEHHUBSW45KMIZ4FNBCSUPWPGV5V/" }, { "reference_url": "https://security.gentoo.org/glsa/202105-20", "reference_id": "GLSA-202105-20", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T00:40:29Z/" } ], "url": "https://security.gentoo.org/glsa/202105-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4153", "reference_id": "RHSA-2021:4153", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4153" }, { "reference_url": "https://usn.ubuntu.com/4976-1/", "reference_id": "USN-4976-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4976-1/" }, { "reference_url": "https://usn.ubuntu.com/4976-2/", "reference_id": "USN-4976-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4976-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/585984?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bzd-pqhn-hqfj" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1" } ], "aliases": [ "CVE-2021-3448" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vshb-4mjd-qugr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83719?format=api", "vulnerability_id": "VCID-xge7-87zv-tbev", "summary": "dnsmasq: Improper validation of wildcard synthesized NSEC records", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15107.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15107.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15107", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07189", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07198", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09521", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09536", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09586", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09499", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09574", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09621", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09628", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15107" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15107", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15107" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1510570", "reference_id": "1510570", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1510570" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888200", "reference_id": "888200", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888200" }, { "reference_url": "https://security.archlinux.org/ASA-201801-32", "reference_id": "ASA-201801-32", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-32" }, { "reference_url": "https://security.archlinux.org/AVG-592", "reference_id": "AVG-592", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-592" }, { "reference_url": "https://usn.ubuntu.com/4924-1/", "reference_id": "USN-4924-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4924-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037958?format=api", "purl": "pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1" } ], "aliases": [ "CVE-2017-15107" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xge7-87zv-tbev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46206?format=api", "vulnerability_id": "VCID-yaj9-mfyu-uqdm", "summary": "Multiple vulnerabilities have been found in Dnsmasq, the worst of\n which may allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25681.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25681.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25681", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.45359", "scoring_system": "epss", "scoring_elements": "0.97582", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.45359", "scoring_system": "epss", "scoring_elements": "0.97606", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.45359", "scoring_system": "epss", "scoring_elements": "0.97603", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.45359", "scoring_system": "epss", "scoring_elements": "0.97605", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.45359", "scoring_system": "epss", "scoring_elements": "0.97588", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.45359", "scoring_system": "epss", "scoring_elements": "0.97591", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.45359", "scoring_system": "epss", "scoring_elements": "0.97592", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.45359", "scoring_system": "epss", "scoring_elements": "0.97598", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.45359", "scoring_system": "epss", "scoring_elements": "0.976", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25681" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1881875", "reference_id": "1881875", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1881875" }, { "reference_url": "https://security.archlinux.org/ASA-202101-38", "reference_id": "ASA-202101-38", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202101-38" }, { "reference_url": "https://security.archlinux.org/AVG-1470", "reference_id": "AVG-1470", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1470" }, { "reference_url": "https://security.gentoo.org/glsa/202101-17", "reference_id": "GLSA-202101-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202101-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0150", "reference_id": "RHSA-2021:0150", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0150" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0151", "reference_id": "RHSA-2021:0151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0152", "reference_id": "RHSA-2021:0152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0152" }, { "reference_url": "https://usn.ubuntu.com/4698-1/", "reference_id": "USN-4698-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4698-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037958?format=api", "purl": "pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/585984?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bzd-pqhn-hqfj" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1" } ], "aliases": [ "CVE-2020-25681" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yaj9-mfyu-uqdm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91543?format=api", "vulnerability_id": "VCID-z9q1-h7ra-r3dg", "summary": "Dnsmasq 2.29 allows remote attackers to cause a denial of service (application crash) via a DHCP client broadcast reply request.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-2017", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01271", "scoring_system": "epss", "scoring_elements": "0.79468", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01271", "scoring_system": "epss", "scoring_elements": "0.79474", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01271", "scoring_system": "epss", "scoring_elements": "0.79498", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01271", "scoring_system": "epss", "scoring_elements": "0.79484", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01271", "scoring_system": "epss", "scoring_elements": "0.79513", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01271", "scoring_system": "epss", "scoring_elements": "0.7952", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01271", "scoring_system": "epss", "scoring_elements": "0.79543", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01271", "scoring_system": "epss", "scoring_elements": "0.79526", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01271", "scoring_system": "epss", "scoring_elements": "0.79517", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-2017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2017" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035822?format=api", "purl": "pkg:deb/debian/dnsmasq@2.35-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3x7u-ajbx-6fht" }, { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-4fwm-653p-ufcj" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-8fbf-8fea-27d9" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-antt-5fzu-87dw" }, { "vulnerability": "VCID-b2dc-msms-bfee" }, { "vulnerability": "VCID-bed9-8jhu-pkf9" }, { "vulnerability": "VCID-d3nu-fztq-nffg" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-hr7r-mgk2-67aw" }, { "vulnerability": "VCID-huvr-uav1-ffex" }, { "vulnerability": "VCID-hxys-tpgq-3uf6" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-jum5-ndq3-xbhp" }, { "vulnerability": "VCID-k9w6-f6aw-dbey" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-kxbw-1fr9-8kb3" }, { "vulnerability": "VCID-nc6t-132e-cqda" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-qs1p-1j9u-3khg" }, { "vulnerability": "VCID-r15f-fgv8-s3h2" }, { "vulnerability": "VCID-ru4r-dtwq-sub2" }, { "vulnerability": "VCID-snzd-3st5-8yb1" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-xge7-87zv-tbev" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.35-1" } ], "aliases": [ "CVE-2006-2017" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z9q1-h7ra-r3dg" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91358?format=api", "vulnerability_id": "VCID-2ajy-5x5f-bqdk", "summary": "Off-by-one buffer overflow in Dnsmasq before 2.21 may allow attackers to execute arbitrary code via the DHCP lease file.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2005-0876", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0222", "scoring_system": "epss", "scoring_elements": "0.84494", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0222", "scoring_system": "epss", "scoring_elements": "0.84423", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0222", "scoring_system": "epss", "scoring_elements": "0.84438", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0222", "scoring_system": "epss", "scoring_elements": "0.84457", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0222", "scoring_system": "epss", "scoring_elements": "0.84459", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0222", "scoring_system": "epss", "scoring_elements": "0.8448", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0222", "scoring_system": "epss", "scoring_elements": "0.84486", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0222", "scoring_system": "epss", "scoring_elements": "0.84504", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0222", "scoring_system": "epss", "scoring_elements": "0.84499", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2005-0876" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0876" }, { "reference_url": "http://secunia.com/advisories/14691", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/14691" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19825", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19825" }, { "reference_url": "http://www.securityfocus.com/bid/12897", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/12897" }, { "reference_url": "http://www.thekelleys.org.uk/dnsmasq/CHANGELOG", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.thekelleys.org.uk/dnsmasq/CHANGELOG" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:dnsmasq:dnsmasq:2.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.15:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:dnsmasq:dnsmasq:2.15:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.15:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.16:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:dnsmasq:dnsmasq:2.16:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.16:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.17:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:dnsmasq:dnsmasq:2.17:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.17:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.18:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:dnsmasq:dnsmasq:2.18:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.18:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.19:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:dnsmasq:dnsmasq:2.19:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.19:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.20:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:dnsmasq:dnsmasq:2.20:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.20:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2005-0876", "reference_id": "CVE-2005-0876", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2005-0876" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035821?format=api", "purl": "pkg:deb/debian/dnsmasq@2.22-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3x7u-ajbx-6fht" }, { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-4fwm-653p-ufcj" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-8fbf-8fea-27d9" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-antt-5fzu-87dw" }, { "vulnerability": "VCID-b2dc-msms-bfee" }, { "vulnerability": "VCID-bed9-8jhu-pkf9" }, { "vulnerability": "VCID-d3nu-fztq-nffg" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-hr7r-mgk2-67aw" }, { "vulnerability": "VCID-huvr-uav1-ffex" }, { "vulnerability": "VCID-hxys-tpgq-3uf6" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-jum5-ndq3-xbhp" }, { "vulnerability": "VCID-k9w6-f6aw-dbey" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-kxbw-1fr9-8kb3" }, { "vulnerability": "VCID-nc6t-132e-cqda" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-ny7u-m7rb-kkh3" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-qs1p-1j9u-3khg" }, { "vulnerability": "VCID-r15f-fgv8-s3h2" }, { "vulnerability": "VCID-ru4r-dtwq-sub2" }, { "vulnerability": "VCID-snzd-3st5-8yb1" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-xge7-87zv-tbev" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" }, { "vulnerability": "VCID-z9q1-h7ra-r3dg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.22-2" } ], "aliases": [ "CVE-2005-0876" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2ajy-5x5f-bqdk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80013?format=api", "vulnerability_id": "VCID-nkc5-xdc9-2ff8", "summary": "dnsmasq: DNS cache poisoning from local network may lead to DoS", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0877.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0877.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2005-0877", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16753", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16856", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16811", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16725", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16895", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16952", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16735", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16823", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.1688", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2005-0877" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0877" }, { "reference_url": "http://secunia.com/advisories/14691", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/14691" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19826", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19826" }, { "reference_url": "http://www.securityfocus.com/bid/12897", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/12897" }, { "reference_url": "http://www.thekelleys.org.uk/dnsmasq/CHANGELOG", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.thekelleys.org.uk/dnsmasq/CHANGELOG" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2011237", "reference_id": "2011237", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2011237" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2005-0877", "reference_id": "CVE-2005-0877", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2005-0877" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035821?format=api", "purl": "pkg:deb/debian/dnsmasq@2.22-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3x7u-ajbx-6fht" }, { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-4fwm-653p-ufcj" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-8fbf-8fea-27d9" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-antt-5fzu-87dw" }, { "vulnerability": "VCID-b2dc-msms-bfee" }, { "vulnerability": "VCID-bed9-8jhu-pkf9" }, { "vulnerability": "VCID-d3nu-fztq-nffg" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-hr7r-mgk2-67aw" }, { "vulnerability": "VCID-huvr-uav1-ffex" }, { "vulnerability": "VCID-hxys-tpgq-3uf6" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-jum5-ndq3-xbhp" }, { "vulnerability": "VCID-k9w6-f6aw-dbey" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-kxbw-1fr9-8kb3" }, { "vulnerability": "VCID-nc6t-132e-cqda" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-ny7u-m7rb-kkh3" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-qs1p-1j9u-3khg" }, { "vulnerability": "VCID-r15f-fgv8-s3h2" }, { "vulnerability": "VCID-ru4r-dtwq-sub2" }, { "vulnerability": "VCID-snzd-3st5-8yb1" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-xge7-87zv-tbev" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" }, { "vulnerability": "VCID-z9q1-h7ra-r3dg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.22-2" } ], "aliases": [ "CVE-2005-0877" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nkc5-xdc9-2ff8" } ], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.22-2" }