Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/37571?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "type": "deb", "namespace": "debian", "name": "dnsmasq", "version": "2.91-1+deb13u1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "2.92-4", "latest_non_vulnerable_version": "2.93-1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9661?format=api", "vulnerability_id": "VCID-1w1p-8wf2-yuhu", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3448.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3448.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3448", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.14119", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.14145", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.14147", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.1403", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3448" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3448", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3448" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/202105-20", "reference_id": "202105-20", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T00:40:29Z/" } ], "url": "https://security.gentoo.org/glsa/202105-20" }, { "reference_url": "https://security.archlinux.org/AVG-1703", "reference_id": "AVG-1703", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1703" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2022.html", "reference_id": "cpujan2022.html", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T00:40:29Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CVTJUOFFFHINLKWAOC2ZSC5MOPD4SJ24/", "reference_id": "CVTJUOFFFHINLKWAOC2ZSC5MOPD4SJ24", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T00:40:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CVTJUOFFFHINLKWAOC2ZSC5MOPD4SJ24/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHG7GWSQWKF7JXIMLOGJBKZWBB4VIAJ7/", "reference_id": "FHG7GWSQWKF7JXIMLOGJBKZWBB4VIAJ7", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T00:40:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHG7GWSQWKF7JXIMLOGJBKZWBB4VIAJ7/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GHURNEHHUBSW45KMIZ4FNBCSUPWPGV5V/", "reference_id": "GHURNEHHUBSW45KMIZ4FNBCSUPWPGV5V", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T00:40:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GHURNEHHUBSW45KMIZ4FNBCSUPWPGV5V/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4153", "reference_id": "RHSA-2021:4153", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4153" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1939368", "reference_id": "show_bug.cgi?id=1939368", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T00:40:29Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1939368" }, { "reference_url": "https://usn.ubuntu.com/4976-1/", "reference_id": "USN-4976-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4976-1/" }, { "reference_url": "https://usn.ubuntu.com/4976-2/", "reference_id": "USN-4976-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4976-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-3448" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1w1p-8wf2-yuhu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/204860?format=api", "vulnerability_id": "VCID-2anp-1f3u-b7ea", "summary": "In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13704.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13704.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-13704", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.77786", "scoring_system": "epss", "scoring_elements": "0.99021", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.77786", "scoring_system": "epss", "scoring_elements": "0.99025", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.77786", "scoring_system": "epss", "scoring_elements": "0.99026", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-13704" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13704", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13704" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495510", "reference_id": "1495510", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495510" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877102", "reference_id": "877102", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877102" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37593?format=api", "purl": "pkg:deb/debian/dnsmasq@2.78-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.78-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-13704" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2anp-1f3u-b7ea" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16093?format=api", "vulnerability_id": "VCID-2fdx-js9t-zkem", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-49441.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-49441.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49441", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02191", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.0218", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02184", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02182", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49441" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49441", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49441" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2023q4/017332.html", "reference_id": "017332.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-18T18:34:35Z/" } ], "url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2023q4/017332.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2290849", "reference_id": "2290849", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2290849" }, { "reference_url": "https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=65c2d6afd67a032f45f40d7e4d620f5d73e5f07d", "reference_id": "?p=dnsmasq.git%3Ba=commit%3Bh=65c2d6afd67a032f45f40d7e4d620f5d73e5f07d", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-18T18:34:35Z/" } ], "url": "https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=65c2d6afd67a032f45f40d7e4d620f5d73e5f07d" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37630?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-49441" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2fdx-js9t-zkem" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/115749?format=api", "vulnerability_id": "VCID-2zbm-8s6u-yyd8", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3294.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3294.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3294", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.39957", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.40126", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.40149", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.40138", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3294" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3294", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3294" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1215747", "reference_id": "1215747", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1215747" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783459", "reference_id": "783459", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783459" }, { "reference_url": "https://security.gentoo.org/glsa/201512-01", "reference_id": "GLSA-201512-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201512-01" }, { "reference_url": "https://usn.ubuntu.com/2593-1/", "reference_id": "USN-2593-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2593-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37589?format=api", "purl": "pkg:deb/debian/dnsmasq@2.72-3.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.72-3.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-3294" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2zbm-8s6u-yyd8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30065?format=api", "vulnerability_id": "VCID-3s1z-68n6-d7d1", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6507.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6507.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6507", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.15062", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14973", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.15095", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.15093", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-6507" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134264", "reference_id": "1134264", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134264" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4", "reference_id": "cpe:/a:redhat:openshift:4", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2026-6507", "reference_id": "CVE-2026-6507", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-17T14:30:05Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2026-6507" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2459181", "reference_id": "show_bug.cgi?id=2459181", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-17T14:30:05Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2459181" }, { "reference_url": "https://usn.ubuntu.com/8308-1/", "reference_id": "USN-8308-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8308-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37653?format=api", "purl": "pkg:deb/debian/dnsmasq@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37657?format=api", "purl": "pkg:deb/debian/dnsmasq@2.92-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-6507" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3s1z-68n6-d7d1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/179677?format=api", "vulnerability_id": "VCID-49pt-bsyr-abgq", "summary": "Multiple vulnerabilities have been found in Dnsmasq, the worst of\n which may allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14496.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14496.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14496", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.1642", "scoring_system": "epss", "scoring_elements": "0.95032", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.1642", "scoring_system": "epss", "scoring_elements": "0.95048", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.1642", "scoring_system": "epss", "scoring_elements": "0.95049", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.1642", "scoring_system": "epss", "scoring_elements": "0.95051", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14496" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495416", "reference_id": "1495416", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495416" }, { "reference_url": "https://security.archlinux.org/ASA-201710-1", "reference_id": "ASA-201710-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-1" }, { "reference_url": "https://security.archlinux.org/AVG-421", "reference_id": "AVG-421", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-421" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42946.py", "reference_id": "CVE-2017-14496", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42946.py" }, { "reference_url": "https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14496.py", "reference_id": "CVE-2017-14496", "reference_type": "exploit", "scores": [], "url": "https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14496.py" }, { "reference_url": "https://security.gentoo.org/glsa/201710-27", "reference_id": "GLSA-201710-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-27" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2836", "reference_id": "RHSA-2017:2836", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2836" }, { "reference_url": "https://usn.ubuntu.com/3430-1/", "reference_id": "USN-3430-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3430-1/" }, { "reference_url": "https://usn.ubuntu.com/3430-2/", "reference_id": "USN-3430-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3430-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37593?format=api", "purl": "pkg:deb/debian/dnsmasq@2.78-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.78-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-14496" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-49pt-bsyr-abgq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15328?format=api", "vulnerability_id": "VCID-4mah-4t37-j7h2", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28450.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28450.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28450", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01769", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01762", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01758", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01754", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28450" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28450", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28450" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033165", "reference_id": "1033165", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033165" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178948", "reference_id": "2178948", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178948" }, { "reference_url": "https://capec.mitre.org/data/definitions/495.html", "reference_id": "495.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:21:11Z/" } ], "url": "https://capec.mitre.org/data/definitions/495.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6UQ6LKDTLSSD64TBIZ3XEKBM2SWC63VV/", "reference_id": "6UQ6LKDTLSSD64TBIZ3XEKBM2SWC63VV", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:21:11Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6UQ6LKDTLSSD64TBIZ3XEKBM2SWC63VV/" }, { "reference_url": "https://thekelleys.org.uk/dnsmasq/doc.html", "reference_id": "doc.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:21:11Z/" } ], "url": "https://thekelleys.org.uk/dnsmasq/doc.html" }, { "reference_url": "https://security.gentoo.org/glsa/202412-10", "reference_id": "GLSA-202412-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-10" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OU2ZT4ITSEOOR2CFBAHK4Z67KXJIEWQA/", "reference_id": "OU2ZT4ITSEOOR2CFBAHK4Z67KXJIEWQA", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:21:11Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OU2ZT4ITSEOOR2CFBAHK4Z67KXJIEWQA/" }, { "reference_url": "https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=blob%3Bf=CHANGELOG", "reference_id": "?p=dnsmasq.git%3Ba=blob%3Bf=CHANGELOG", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:21:11Z/" } ], "url": "https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=blob%3Bf=CHANGELOG" }, { "reference_url": "https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5", "reference_id": "?p=dnsmasq.git%3Ba=commit%3Bh=eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:21:11Z/" } ], "url": "https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6524", "reference_id": "RHSA-2023:6524", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6524" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7046", "reference_id": "RHSA-2023:7046", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1544", "reference_id": "RHSA-2024:1544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1545", "reference_id": "RHSA-2024:1545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1545" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4052", "reference_id": "RHSA-2024:4052", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4052" }, { "reference_url": "https://usn.ubuntu.com/6034-1/", "reference_id": "USN-6034-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6034-1/" }, { "reference_url": "https://usn.ubuntu.com/6657-1/", "reference_id": "USN-6657-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6657-1/" }, { "reference_url": "https://usn.ubuntu.com/6657-2/", "reference_id": "USN-6657-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6657-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37626?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37630?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37628?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-28450" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4mah-4t37-j7h2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/176010?format=api", "vulnerability_id": "VCID-4rz4-8v4h-xyew", "summary": "Two vulnerabilities in dnsmasq might allow for a Denial of Service or\n spoofing of DNS replies.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3350.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3350.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3350", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.79246", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.79311", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.79325", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.7932", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3350" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3350", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3350" }, { "reference_url": "https://security.gentoo.org/glsa/200809-02", "reference_id": "GLSA-200809-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200809-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37580?format=api", "purl": "pkg:deb/debian/dnsmasq@2.44-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.44-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2008-3350" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4rz4-8v4h-xyew" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2944?format=api", "vulnerability_id": "VCID-557y-a79w-tfbz", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14495.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14495.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14495", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.49056", "scoring_system": "epss", "scoring_elements": "0.97838", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.49056", "scoring_system": "epss", "scoring_elements": "0.97848", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14495" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14495", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14495" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:C" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495415", "reference_id": "1495415", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495415" }, { "reference_url": "https://security.archlinux.org/ASA-201710-1", "reference_id": "ASA-201710-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-1" }, { "reference_url": "https://security.archlinux.org/AVG-421", "reference_id": "AVG-421", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-421" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42945.py", "reference_id": "CVE-2017-14495", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42945.py" }, { "reference_url": "https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14495.py", "reference_id": "CVE-2017-14495", "reference_type": "exploit", "scores": [], "url": "https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14495.py" }, { "reference_url": "https://security.gentoo.org/glsa/201710-27", "reference_id": "GLSA-201710-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-27" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2836", "reference_id": "RHSA-2017:2836", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2836" }, { "reference_url": "https://usn.ubuntu.com/3430-1/", "reference_id": "USN-3430-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3430-1/" }, { "reference_url": "https://usn.ubuntu.com/3430-2/", "reference_id": "USN-3430-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3430-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37593?format=api", "purl": "pkg:deb/debian/dnsmasq@2.78-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.78-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-14495" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-557y-a79w-tfbz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/29951?format=api", "vulnerability_id": "VCID-6epg-md5k-fkeb", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4893.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4893.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4893", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.08152", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.09013", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.09024", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.09021", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4893" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4893", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4893" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html", "reference_id": "018471.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-11T18:28:57Z/" } ], "url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458519", "reference_id": "2458519", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458519" }, { "reference_url": "https://www.kb.cert.org/vuls/id/471747", "reference_id": "471747", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-11T18:28:57Z/" } ], "url": "https://www.kb.cert.org/vuls/id/471747" }, { "reference_url": "https://github.com/NixOS/nixpkgs/pull/519082", "reference_id": "519082", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-11T18:28:57Z/" } ], "url": "https://github.com/NixOS/nixpkgs/pull/519082" }, { "reference_url": "https://github.com/NixOS/nixpkgs/pull/519093", "reference_id": "519093", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-11T18:28:57Z/" } ], "url": "https://github.com/NixOS/nixpkgs/pull/519093" }, { "reference_url": "https://thekelleys.org.uk/dnsmasq/CVE/", "reference_id": "CVE", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-11T18:28:57Z/" } ], "url": "https://thekelleys.org.uk/dnsmasq/CVE/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19158", "reference_id": "RHSA-2026:19158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19158" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19373", "reference_id": "RHSA-2026:19373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:20589", "reference_id": "RHSA-2026:20589", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:20589" }, { "reference_url": "https://usn.ubuntu.com/8268-1/", "reference_id": "USN-8268-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8268-1/" }, { "reference_url": "https://github.com/pi-hole/FTL/releases/tag/v6.6.2", "reference_id": "v6.6.2", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-11T18:28:57Z/" } ], "url": "https://github.com/pi-hole/FTL/releases/tag/v6.6.2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37638?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37640?format=api", "purl": "pkg:deb/debian/dnsmasq@2.92-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-4893" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6epg-md5k-fkeb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8248?format=api", "vulnerability_id": "VCID-8a5q-pv82-xffu", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25686.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25686.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25686", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00549", "scoring_system": "epss", "scoring_elements": "0.68387", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00549", "scoring_system": "epss", "scoring_elements": "0.68475", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00549", "scoring_system": "epss", "scoring_elements": "0.68489", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00549", "scoring_system": "epss", "scoring_elements": "0.68483", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25686" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", "reference_id": "1890125", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890125" }, { "reference_url": "https://security.archlinux.org/ASA-202101-38", "reference_id": "ASA-202101-38", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202101-38" }, { "reference_url": "https://security.archlinux.org/AVG-1470", "reference_id": "AVG-1470", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1470" }, { "reference_url": "https://security.gentoo.org/glsa/202101-17", "reference_id": "GLSA-202101-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202101-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0150", "reference_id": "RHSA-2021:0150", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0150" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0151", "reference_id": "RHSA-2021:0151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0152", "reference_id": "RHSA-2021:0152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0153", "reference_id": "RHSA-2021:0153", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0153" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0154", "reference_id": "RHSA-2021:0154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0155", "reference_id": "RHSA-2021:0155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0156", "reference_id": "RHSA-2021:0156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0156" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0240", "reference_id": "RHSA-2021:0240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0245", "reference_id": "RHSA-2021:0245", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0245" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0395", "reference_id": "RHSA-2021:0395", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0395" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0401", "reference_id": "RHSA-2021:0401", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0401" }, { "reference_url": "https://usn.ubuntu.com/4698-1/", "reference_id": "USN-4698-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4698-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37605?format=api", "purl": "pkg:deb/debian/dnsmasq@2.83-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.83-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-25686" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8a5q-pv82-xffu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/29948?format=api", "vulnerability_id": "VCID-8xb7-mnzz-mbb8", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4891.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4891.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4891", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21795", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23297", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23319", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23307", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4891" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4891", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4891" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html", "reference_id": "018471.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-11T18:27:33Z/" } ], "url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458517", "reference_id": "2458517", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458517" }, { "reference_url": "https://www.kb.cert.org/vuls/id/471747", "reference_id": "471747", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-11T18:27:33Z/" } ], "url": "https://www.kb.cert.org/vuls/id/471747" }, { "reference_url": "https://github.com/NixOS/nixpkgs/pull/519082", "reference_id": "519082", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-11T18:27:33Z/" } ], "url": "https://github.com/NixOS/nixpkgs/pull/519082" }, { "reference_url": "https://github.com/NixOS/nixpkgs/pull/519093", "reference_id": "519093", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-11T18:27:33Z/" } ], "url": "https://github.com/NixOS/nixpkgs/pull/519093" }, { "reference_url": "https://thekelleys.org.uk/dnsmasq/CVE/", "reference_id": "CVE", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-11T18:27:33Z/" } ], "url": "https://thekelleys.org.uk/dnsmasq/CVE/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19158", "reference_id": "RHSA-2026:19158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19158" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19373", "reference_id": "RHSA-2026:19373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:20589", "reference_id": "RHSA-2026:20589", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:20589" }, { "reference_url": "https://usn.ubuntu.com/8268-1/", "reference_id": "USN-8268-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8268-1/" }, { "reference_url": "https://github.com/pi-hole/FTL/releases/tag/v6.6.2", "reference_id": "v6.6.2", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-11T18:27:33Z/" } ], "url": "https://github.com/pi-hole/FTL/releases/tag/v6.6.2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37638?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37640?format=api", "purl": "pkg:deb/debian/dnsmasq@2.92-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-4891" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8xb7-mnzz-mbb8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2940?format=api", "vulnerability_id": "VCID-aju2-ajgk-43a8", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14491.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14491.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14491", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.3372", "scoring_system": "epss", "scoring_elements": "0.97069", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.3372", "scoring_system": "epss", "scoring_elements": "0.97059", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.3372", "scoring_system": "epss", "scoring_elements": "0.97068", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.3372", "scoring_system": "epss", "scoring_elements": "0.9707", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14491" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495409", "reference_id": "1495409", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495409" }, { "reference_url": "https://security.archlinux.org/ASA-201710-1", "reference_id": "ASA-201710-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-1" }, { "reference_url": "https://security.archlinux.org/AVG-421", "reference_id": "AVG-421", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-421" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42941.py", "reference_id": "CVE-2017-14491", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42941.py" }, { "reference_url": "https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14491.py", "reference_id": "CVE-2017-14491", "reference_type": "exploit", "scores": [], "url": "https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14491.py" }, { "reference_url": "https://security.gentoo.org/glsa/201710-27", "reference_id": "GLSA-201710-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-27" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2836", "reference_id": "RHSA-2017:2836", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2836" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2837", "reference_id": "RHSA-2017:2837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2838", "reference_id": "RHSA-2017:2838", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2839", "reference_id": "RHSA-2017:2839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2840", "reference_id": "RHSA-2017:2840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2841", "reference_id": "RHSA-2017:2841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2841" }, { "reference_url": "https://usn.ubuntu.com/3430-1/", "reference_id": "USN-3430-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3430-1/" }, { "reference_url": "https://usn.ubuntu.com/3430-2/", "reference_id": "USN-3430-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3430-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37593?format=api", "purl": "pkg:deb/debian/dnsmasq@2.78-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.78-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-14491" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aju2-ajgk-43a8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16130?format=api", "vulnerability_id": "VCID-apzb-zjav-3bec", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50387.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50387.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50387", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.43215", "scoring_system": "epss", "scoring_elements": "0.97595", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.43215", "scoring_system": "epss", "scoring_elements": "0.97586", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50387" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html", "reference_id": "017430.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845", "reference_id": "1063845", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852", "reference_id": "1063852", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077750", "reference_id": "1077750", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077750" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/02/16/2", "reference_id": "2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/02/16/2" }, { "reference_url": "https://www.isc.org/blogs/2024-bind-security-release/", "reference_id": "2024-bind-security-release", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://www.isc.org/blogs/2024-bind-security-release/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263914", "reference_id": "2263914", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263914" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/02/16/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/02/16/3" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/", "reference_id": "6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/", "reference_id": "BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/" }, { "reference_url": "https://kb.isc.org/docs/cve-2023-50387", "reference_id": "cve-2023-50387", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://kb.isc.org/docs/cve-2023-50387" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-50387", "reference_id": "CVE-2023-50387", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-50387" }, { "reference_url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-50387", "reference_id": "CVE-2023-50387", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-50387" }, { "reference_url": "https://www.theregister.com/2024/02/13/dnssec_vulnerability_internet/", "reference_id": "dnssec_vulnerability_internet", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://www.theregister.com/2024/02/13/dnssec_vulnerability_internet/" }, { "reference_url": "https://security.gentoo.org/glsa/202412-10", "reference_id": "GLSA-202412-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-10" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/", "reference_id": "HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/", "reference_id": "IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/" }, { "reference_url": "https://news.ycombinator.com/item?id=39367411", "reference_id": "item?id=39367411", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://news.ycombinator.com/item?id=39367411" }, { "reference_url": "https://news.ycombinator.com/item?id=39372384", "reference_id": "item?id=39372384", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://news.ycombinator.com/item?id=39372384" }, { "reference_url": "https://www.athene-center.de/aktuelles/key-trap", "reference_id": "key-trap", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://www.athene-center.de/aktuelles/key-trap" }, { "reference_url": "https://www.securityweek.com/keytrap-dns-attack-could-disable-large-parts-of-internet-researchers/", "reference_id": "keytrap-dns-attack-could-disable-large-parts-of-internet-researchers", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://www.securityweek.com/keytrap-dns-attack-could-disable-large-parts-of-internet-researchers/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html", "reference_id": "msg00006.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240307-0007/", "reference_id": "ntap-20240307-0007", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240307-0007/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/", "reference_id": "PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/" }, { "reference_url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html", "reference_id": "powerdns-advisory-2024-01.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/", "reference_id": "RGS7JN6FZXUSTC2XKQHH27574XOULYYJ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0965", "reference_id": "RHSA-2024:0965", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0965" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0977", "reference_id": "RHSA-2024:0977", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0977" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0981", "reference_id": "RHSA-2024:0981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0982", "reference_id": "RHSA-2024:0982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11003", "reference_id": "RHSA-2024:11003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1334", "reference_id": "RHSA-2024:1334", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1334" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1335", "reference_id": "RHSA-2024:1335", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1335" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1522", "reference_id": "RHSA-2024:1522", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1522" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1543", "reference_id": "RHSA-2024:1543", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1543" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1544", "reference_id": "RHSA-2024:1544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1545", "reference_id": "RHSA-2024:1545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1545" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1647", "reference_id": "RHSA-2024:1647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1648", "reference_id": "RHSA-2024:1648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1648" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1781", "reference_id": "RHSA-2024:1781", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1781" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1782", "reference_id": "RHSA-2024:1782", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1782" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1789", "reference_id": "RHSA-2024:1789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1800", "reference_id": "RHSA-2024:1800", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1800" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1801", "reference_id": "RHSA-2024:1801", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1801" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1803", "reference_id": "RHSA-2024:1803", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1803" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1804", "reference_id": "RHSA-2024:1804", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1804" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2551", "reference_id": "RHSA-2024:2551", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2551" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2587", "reference_id": "RHSA-2024:2587", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2587" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2696", "reference_id": "RHSA-2024:2696", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2696" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2720", "reference_id": "RHSA-2024:2720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2721", "reference_id": "RHSA-2024:2721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2821", "reference_id": "RHSA-2024:2821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2890", "reference_id": "RHSA-2024:2890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3271", "reference_id": "RHSA-2024:3271", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3271" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3741", "reference_id": "RHSA-2024:3741", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3741" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3877", "reference_id": "RHSA-2024:3877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3929", "reference_id": "RHSA-2024:3929", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3929" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0039", "reference_id": "RHSA-2025:0039", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0039" }, { "reference_url": "https://bugzilla.suse.com/show_bug.cgi?id=1219823", "reference_id": "show_bug.cgi?id=1219823", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1219823" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/", "reference_id": "SVYA42BLXUCIDLD35YIJPJSHDIADNYMP", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/" }, { "reference_url": "https://www.athene-center.de/fileadmin/content/PDF/Technical_Report_KeyTrap.pdf", "reference_id": "Technical_Report_KeyTrap.pdf", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://www.athene-center.de/fileadmin/content/PDF/Technical_Report_KeyTrap.pdf" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/", "reference_id": "TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/" }, { "reference_url": "https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/", "reference_id": "unbound-1.19.1-released", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/", "reference_id": "UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/" }, { "reference_url": "https://usn.ubuntu.com/6633-1/", "reference_id": "USN-6633-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6633-1/" }, { "reference_url": "https://usn.ubuntu.com/6642-1/", "reference_id": "USN-6642-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6642-1/" }, { "reference_url": "https://usn.ubuntu.com/6657-1/", "reference_id": "USN-6657-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6657-1/" }, { "reference_url": "https://usn.ubuntu.com/6657-2/", "reference_id": "USN-6657-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6657-2/" }, { "reference_url": "https://usn.ubuntu.com/6665-1/", "reference_id": "USN-6665-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6665-1/" }, { "reference_url": "https://usn.ubuntu.com/6723-1/", "reference_id": "USN-6723-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6723-1/" }, { "reference_url": "https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1", "reference_id": "v5.7.1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/", "reference_id": "ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37626?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37630?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37628?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-50387" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-apzb-zjav-3bec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/200379?format=api", "vulnerability_id": "VCID-b3bk-c8b7-b3ct", "summary": "Dnsmasq 2.29 allows remote attackers to cause a denial of service (application crash) via a DHCP client broadcast reply request.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-2017", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01271", "scoring_system": "epss", "scoring_elements": "0.79935", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01271", "scoring_system": "epss", "scoring_elements": "0.79998", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01271", "scoring_system": "epss", "scoring_elements": "0.80015", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01271", "scoring_system": "epss", "scoring_elements": "0.80008", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-2017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2017" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37574?format=api", "purl": "pkg:deb/debian/dnsmasq@2.30-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.30-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2006-2017" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b3bk-c8b7-b3ct" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2942?format=api", "vulnerability_id": "VCID-b9gg-w632-bkhe", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14493.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14493.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14493", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04678", "scoring_system": "epss", "scoring_elements": "0.89572", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.04678", "scoring_system": "epss", "scoring_elements": "0.89607", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.04678", "scoring_system": "epss", "scoring_elements": "0.89613", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14493" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv2", "scoring_elements": "AV:A/AC:L/Au:N/C:N/I:P/A:P" }, { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495411", "reference_id": "1495411", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495411" }, { "reference_url": "https://security.archlinux.org/ASA-201710-1", "reference_id": "ASA-201710-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-1" }, { "reference_url": "https://security.archlinux.org/AVG-421", "reference_id": "AVG-421", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-421" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42943.py", "reference_id": "CVE-2017-14493", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42943.py" }, { "reference_url": "https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14493.py", "reference_id": "CVE-2017-14493", "reference_type": "exploit", "scores": [], "url": "https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14493.py" }, { "reference_url": "https://security.gentoo.org/glsa/201710-27", "reference_id": "GLSA-201710-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-27" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2836", "reference_id": "RHSA-2017:2836", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2836" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2837", "reference_id": "RHSA-2017:2837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2837" }, { "reference_url": "https://usn.ubuntu.com/3430-1/", "reference_id": "USN-3430-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3430-1/" }, { "reference_url": "https://usn.ubuntu.com/3430-2/", "reference_id": "USN-3430-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3430-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37593?format=api", "purl": "pkg:deb/debian/dnsmasq@2.78-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.78-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-14493" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b9gg-w632-bkhe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8246?format=api", "vulnerability_id": "VCID-cf3m-dhqm-tbc4", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25684.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25684.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25684", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00349", "scoring_system": "epss", "scoring_elements": "0.57801", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00349", "scoring_system": "epss", "scoring_elements": "0.57913", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00349", "scoring_system": "epss", "scoring_elements": "0.57929", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00349", "scoring_system": "epss", "scoring_elements": "0.57918", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25684" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", "reference_id": "1889686", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1889686" }, { "reference_url": "https://security.archlinux.org/ASA-202101-38", "reference_id": "ASA-202101-38", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202101-38" }, { "reference_url": "https://security.archlinux.org/AVG-1470", "reference_id": "AVG-1470", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1470" }, { "reference_url": "https://security.gentoo.org/glsa/202101-17", "reference_id": "GLSA-202101-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202101-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0150", "reference_id": "RHSA-2021:0150", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0150" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0151", "reference_id": "RHSA-2021:0151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0152", "reference_id": "RHSA-2021:0152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0153", "reference_id": "RHSA-2021:0153", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0153" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0154", "reference_id": "RHSA-2021:0154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0155", "reference_id": "RHSA-2021:0155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0156", "reference_id": "RHSA-2021:0156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0156" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0240", "reference_id": "RHSA-2021:0240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0245", "reference_id": "RHSA-2021:0245", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0245" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0395", "reference_id": "RHSA-2021:0395", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0395" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0401", "reference_id": "RHSA-2021:0401", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0401" }, { "reference_url": "https://usn.ubuntu.com/4698-1/", "reference_id": "USN-4698-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4698-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37605?format=api", "purl": "pkg:deb/debian/dnsmasq@2.83-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.83-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-25684" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cf3m-dhqm-tbc4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8243?format=api", "vulnerability_id": "VCID-dgu3-uy5a-yyge", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25681.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25681.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25681", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.45359", "scoring_system": "epss", "scoring_elements": "0.97685", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.45359", "scoring_system": "epss", "scoring_elements": "0.97694", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.45359", "scoring_system": "epss", "scoring_elements": "0.97695", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25681" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1881875", "reference_id": "1881875", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1881875" }, { "reference_url": "https://security.archlinux.org/ASA-202101-38", "reference_id": "ASA-202101-38", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202101-38" }, { "reference_url": "https://security.archlinux.org/AVG-1470", "reference_id": "AVG-1470", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1470" }, { "reference_url": "https://security.gentoo.org/glsa/202101-17", "reference_id": "GLSA-202101-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202101-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0150", "reference_id": "RHSA-2021:0150", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0150" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0151", "reference_id": "RHSA-2021:0151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0152", "reference_id": "RHSA-2021:0152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0152" }, { "reference_url": "https://usn.ubuntu.com/4698-1/", "reference_id": "USN-4698-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4698-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37605?format=api", "purl": "pkg:deb/debian/dnsmasq@2.83-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.83-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-25681" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dgu3-uy5a-yyge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8244?format=api", "vulnerability_id": "VCID-dqcm-ed38-8yfe", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25682.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25682.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25682", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.34287", "scoring_system": "epss", "scoring_elements": "0.97096", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.34287", "scoring_system": "epss", "scoring_elements": "0.97105", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.34287", "scoring_system": "epss", "scoring_elements": "0.97107", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25682" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1882014", "reference_id": "1882014", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1882014" }, { "reference_url": "https://security.archlinux.org/ASA-202101-38", "reference_id": "ASA-202101-38", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202101-38" }, { "reference_url": "https://security.archlinux.org/AVG-1470", "reference_id": "AVG-1470", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1470" }, { "reference_url": "https://security.gentoo.org/glsa/202101-17", "reference_id": "GLSA-202101-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202101-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0150", "reference_id": "RHSA-2021:0150", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0150" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0151", "reference_id": "RHSA-2021:0151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0152", "reference_id": "RHSA-2021:0152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0152" }, { "reference_url": "https://usn.ubuntu.com/4698-1/", "reference_id": "USN-4698-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4698-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37605?format=api", "purl": "pkg:deb/debian/dnsmasq@2.83-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.83-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-25682" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dqcm-ed38-8yfe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/176524?format=api", "vulnerability_id": "VCID-fk95-fukj-4ffp", "summary": "A vulnerability in Dnsmasq can lead to a Denial of Service\n condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0198.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0198.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0198", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16288", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16431", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16442", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16413", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0198" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0198", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0198" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=894486", "reference_id": "894486", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=894486" }, { "reference_url": "https://security.gentoo.org/glsa/201406-24", "reference_id": "GLSA-201406-24", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-24" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37587?format=api", "purl": "pkg:deb/debian/dnsmasq@2.66-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.66-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-0198" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fk95-fukj-4ffp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/29947?format=api", "vulnerability_id": "VCID-fws8-vuas-w3cz", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4890.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4890.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4890", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47291", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49923", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49936", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49918", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4890" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4890" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html", "reference_id": "018471.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-11T18:28:07Z/" } ], "url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458516", "reference_id": "2458516", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458516" }, { "reference_url": "https://www.kb.cert.org/vuls/id/471747", "reference_id": "471747", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-11T18:28:07Z/" } ], "url": "https://www.kb.cert.org/vuls/id/471747" }, { "reference_url": "https://github.com/NixOS/nixpkgs/pull/519082", "reference_id": "519082", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-11T18:28:07Z/" } ], "url": "https://github.com/NixOS/nixpkgs/pull/519082" }, { "reference_url": "https://github.com/NixOS/nixpkgs/pull/519093", "reference_id": "519093", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-11T18:28:07Z/" } ], "url": "https://github.com/NixOS/nixpkgs/pull/519093" }, { "reference_url": "https://thekelleys.org.uk/dnsmasq/CVE/", "reference_id": "CVE", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-11T18:28:07Z/" } ], "url": "https://thekelleys.org.uk/dnsmasq/CVE/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19158", "reference_id": "RHSA-2026:19158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19158" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19373", "reference_id": "RHSA-2026:19373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:20589", "reference_id": "RHSA-2026:20589", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:20589" }, { "reference_url": "https://usn.ubuntu.com/8268-1/", "reference_id": "USN-8268-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8268-1/" }, { "reference_url": "https://github.com/pi-hole/FTL/releases/tag/v6.6.2", "reference_id": "v6.6.2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-11T18:28:07Z/" } ], "url": "https://github.com/pi-hole/FTL/releases/tag/v6.6.2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37638?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37640?format=api", "purl": "pkg:deb/debian/dnsmasq@2.92-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-4890" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fws8-vuas-w3cz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/200048?format=api", "vulnerability_id": "VCID-gj7d-qshw-5ug2", "summary": "Off-by-one buffer overflow in Dnsmasq before 2.21 may allow attackers to execute arbitrary code via the DHCP lease file.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2005-0876", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0222", "scoring_system": "epss", "scoring_elements": "0.84854", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0222", "scoring_system": "epss", "scoring_elements": "0.84907", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0222", "scoring_system": "epss", "scoring_elements": "0.84915", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2005-0876" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0876" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37568?format=api", "purl": "pkg:deb/debian/dnsmasq@2.21?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.21%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2005-0876" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gj7d-qshw-5ug2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/26807?format=api", "vulnerability_id": "VCID-gwge-defb-4kd8", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2291.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2291.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2291", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22834", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24369", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24386", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24376", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2291" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html", "reference_id": "018471.html", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T12:38:54Z/" } ], "url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439088", "reference_id": "2439088", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439088" }, { "reference_url": "https://www.kb.cert.org/vuls/id/471747", "reference_id": "471747", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T12:38:54Z/" } ], "url": "https://www.kb.cert.org/vuls/id/471747" }, { "reference_url": "https://github.com/NixOS/nixpkgs/pull/519082", "reference_id": "519082", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T12:38:54Z/" } ], "url": "https://github.com/NixOS/nixpkgs/pull/519082" }, { "reference_url": "https://github.com/NixOS/nixpkgs/pull/519093", "reference_id": "519093", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T12:38:54Z/" } ], "url": "https://github.com/NixOS/nixpkgs/pull/519093" }, { "reference_url": "https://thekelleys.org.uk/dnsmasq/CVE/", "reference_id": "CVE", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T12:38:54Z/" } ], "url": "https://thekelleys.org.uk/dnsmasq/CVE/" }, { "reference_url": "https://www.suse.com/security/cve/CVE-2026-2291.html", "reference_id": "CVE-2026-2291.html", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T12:38:54Z/" } ], "url": "https://www.suse.com/security/cve/CVE-2026-2291.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19158", "reference_id": "RHSA-2026:19158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19158" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19373", "reference_id": "RHSA-2026:19373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:20589", "reference_id": "RHSA-2026:20589", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:20589" }, { "reference_url": "https://usn.ubuntu.com/8268-1/", "reference_id": "USN-8268-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8268-1/" }, { "reference_url": "https://github.com/pi-hole/FTL/releases/tag/v6.6.2", "reference_id": "v6.6.2", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T12:38:54Z/" } ], "url": "https://github.com/pi-hole/FTL/releases/tag/v6.6.2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37638?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37640?format=api", "purl": "pkg:deb/debian/dnsmasq@2.92-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-2291" ], "risk_score": 3.3, "exploitability": "0.5", "weighted_severity": "6.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gwge-defb-4kd8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/177869?format=api", "vulnerability_id": "VCID-hugj-a2v4-ybg9", "summary": "Multiple vulnerabilities in Dnsmasq might result in the remote execution of\n arbitrary code, or a Denial of Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2957.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2957.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2957", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08525", "scoring_system": "epss", "scoring_elements": "0.92566", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.08525", "scoring_system": "epss", "scoring_elements": "0.92591", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.08525", "scoring_system": "epss", "scoring_elements": "0.92595", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2957" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=519020", "reference_id": "519020", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=519020" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/9617.txt", "reference_id": "CVE-2009-2958;CVE-2009-2957;OSVDB-57593;OSVDB-57592", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/9617.txt" }, { "reference_url": "http://www.coresecurity.com/content/dnsmasq-vulnerabilities", "reference_id": "CVE-2009-2958;CVE-2009-2957;OSVDB-57593;OSVDB-57592", "reference_type": "exploit", "scores": [], "url": "http://www.coresecurity.com/content/dnsmasq-vulnerabilities" }, { "reference_url": "https://security.gentoo.org/glsa/200909-19", "reference_id": "GLSA-200909-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200909-19" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1238", "reference_id": "RHSA-2009:1238", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1238" }, { "reference_url": "https://usn.ubuntu.com/827-1/", "reference_id": "USN-827-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/827-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37582?format=api", "purl": "pkg:deb/debian/dnsmasq@2.50-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.50-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-2957" ], "risk_score": 0.2, "exploitability": "2.0", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hugj-a2v4-ybg9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8245?format=api", "vulnerability_id": "VCID-mnwq-6naw-7qf5", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25683.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25683.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25683", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.31317", "scoring_system": "epss", "scoring_elements": "0.96886", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.31317", "scoring_system": "epss", "scoring_elements": "0.96896", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.31317", "scoring_system": "epss", "scoring_elements": "0.96898", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.31317", "scoring_system": "epss", "scoring_elements": "0.96899", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25683" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1882018", "reference_id": "1882018", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1882018" }, { "reference_url": "https://security.archlinux.org/ASA-202101-38", "reference_id": "ASA-202101-38", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202101-38" }, { "reference_url": "https://security.archlinux.org/AVG-1470", "reference_id": "AVG-1470", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1470" }, { "reference_url": "https://security.gentoo.org/glsa/202101-17", "reference_id": "GLSA-202101-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202101-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0150", "reference_id": "RHSA-2021:0150", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0150" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0151", "reference_id": "RHSA-2021:0151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0152", "reference_id": "RHSA-2021:0152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0152" }, { "reference_url": "https://usn.ubuntu.com/4698-1/", "reference_id": "USN-4698-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4698-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37605?format=api", "purl": "pkg:deb/debian/dnsmasq@2.83-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.83-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-25683" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mnwq-6naw-7qf5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/29950?format=api", "vulnerability_id": "VCID-mrch-aw5j-5kd5", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4892.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4892.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4892", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02228", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02825", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02815", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.0283", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4892" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4892", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4892" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html", "reference_id": "018471.html", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-11T18:26:34Z/" } ], "url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458518", "reference_id": "2458518", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458518" }, { "reference_url": "https://www.kb.cert.org/vuls/id/471747", "reference_id": "471747", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-11T18:26:34Z/" } ], "url": "https://www.kb.cert.org/vuls/id/471747" }, { "reference_url": "https://github.com/NixOS/nixpkgs/pull/519082", "reference_id": "519082", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-11T18:26:34Z/" } ], "url": "https://github.com/NixOS/nixpkgs/pull/519082" }, { "reference_url": "https://github.com/NixOS/nixpkgs/pull/519093", "reference_id": "519093", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-11T18:26:34Z/" } ], "url": "https://github.com/NixOS/nixpkgs/pull/519093" }, { "reference_url": "https://thekelleys.org.uk/dnsmasq/CVE/", "reference_id": "CVE", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-11T18:26:34Z/" } ], "url": "https://thekelleys.org.uk/dnsmasq/CVE/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19158", "reference_id": "RHSA-2026:19158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19158" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19373", "reference_id": "RHSA-2026:19373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:20589", "reference_id": "RHSA-2026:20589", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:20589" }, { "reference_url": "https://usn.ubuntu.com/8268-1/", "reference_id": "USN-8268-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8268-1/" }, { "reference_url": "https://github.com/pi-hole/FTL/releases/tag/v6.6.2", "reference_id": "v6.6.2", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-11T18:26:34Z/" } ], "url": "https://github.com/pi-hole/FTL/releases/tag/v6.6.2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37638?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37640?format=api", "purl": "pkg:deb/debian/dnsmasq@2.92-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-4892" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mrch-aw5j-5kd5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8650?format=api", "vulnerability_id": "VCID-mszk-k9x2-h7bs", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-37127.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-37127.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-37127", "reference_id": "", "reference_type": "", "scores": [ { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00893", "published_at": "2026-06-11T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00899", "published_at": "2026-06-14T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00896", "published_at": "2026-06-13T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.0089", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-37127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-37127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-37127" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437103", "reference_id": "2437103", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437103" }, { "reference_url": "https://launchpad.net/ubuntu/+source/dnsmasq/2.79-1", "reference_id": "2.79-1", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-05T21:17:56Z/" } ], "url": "https://launchpad.net/ubuntu/+source/dnsmasq/2.79-1" }, { "reference_url": "https://www.exploit-db.com/exploits/48301", "reference_id": "48301", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-05T21:17:56Z/" } ], "url": "https://www.exploit-db.com/exploits/48301" }, { "reference_url": "https://www.vulncheck.com/advisories/dnsmasq-utils-dhcprelease-denial-of-service", "reference_id": "dnsmasq-utils-dhcprelease-denial-of-service", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-05T21:17:56Z/" } ], "url": "https://www.vulncheck.com/advisories/dnsmasq-utils-dhcprelease-denial-of-service" }, { "reference_url": "https://usn.ubuntu.com/8311-1/", "reference_id": "USN-8311-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8311-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37619?format=api", "purl": "pkg:deb/debian/dnsmasq@2.80-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-37127" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mszk-k9x2-h7bs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11171?format=api", "vulnerability_id": "VCID-pt11-q924-tbfn", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0934.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0934.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0934", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05216", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05223", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05236", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05229", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0934" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0934", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0934" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q1/016272.html", "reference_id": "016272.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-10T13:19:58Z/" } ], "url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q1/016272.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014715", "reference_id": "1014715", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014715" }, { "reference_url": "https://security.archlinux.org/AVG-2716", "reference_id": "AVG-2716", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2716" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2022-0934", "reference_id": "CVE-2022-0934", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-10T13:19:58Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2022-0934" }, { "reference_url": "https://security.gentoo.org/glsa/202412-10", "reference_id": "GLSA-202412-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-10" }, { "reference_url": "https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=03345ecefeb0d82e3c3a4c28f27c3554f0611b39", "reference_id": "?p=dnsmasq.git%3Ba=commit%3Bh=03345ecefeb0d82e3c3a4c28f27c3554f0611b39", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-10T13:19:58Z/" } ], "url": "https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=03345ecefeb0d82e3c3a4c28f27c3554f0611b39" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7633", "reference_id": "RHSA-2022:7633", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7633" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8070", "reference_id": "RHSA-2022:8070", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1545", "reference_id": "RHSA-2024:1545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1545" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2057075", "reference_id": "show_bug.cgi?id=2057075", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-10T13:19:58Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2057075" }, { "reference_url": "https://usn.ubuntu.com/5408-1/", "reference_id": "USN-5408-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5408-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37626?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37623?format=api", "purl": "pkg:deb/debian/dnsmasq@2.87-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.87-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-0934" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pt11-q924-tbfn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/176011?format=api", "vulnerability_id": "VCID-qvdj-3e5t-hue6", "summary": "Two vulnerabilities in dnsmasq might allow for a Denial of Service or\n spoofing of DNS replies.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1447.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1447.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1447", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.88109", "scoring_system": "epss", "scoring_elements": "0.99506", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.88109", "scoring_system": "epss", "scoring_elements": "0.99507", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.88109", "scoring_system": "epss", "scoring_elements": "0.99508", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447" }, { "reference_url": "https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=449345", "reference_id": "449345", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=449345" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490123", "reference_id": "490123", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490123" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492465", "reference_id": "492465", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492465" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492698", "reference_id": "492698", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492698" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492700", "reference_id": "492700", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492700" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=493599", "reference_id": "493599", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=493599" }, { "reference_url": "https://security.gentoo.org/glsa/200807-08", "reference_id": "GLSA-200807-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200807-08" }, { "reference_url": "https://security.gentoo.org/glsa/200809-02", "reference_id": "GLSA-200809-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200809-02" }, { "reference_url": "https://security.gentoo.org/glsa/200812-17", "reference_id": "GLSA-200812-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-17" }, { "reference_url": "https://security.gentoo.org/glsa/200901-03", "reference_id": "GLSA-200901-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200901-03" }, { "reference_url": "https://security.gentoo.org/glsa/201209-25", "reference_id": "GLSA-201209-25", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201209-25" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6122.rb", "reference_id": "OSVDB-48245;CVE-2008-4194;OSVDB-47927;CVE-2008-1447;OSVDB-47926;OSVDB-47916;OSVDB-47232", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6122.rb" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6123.py", "reference_id": "OSVDB-48245;CVE-2008-4194;OSVDB-47927;CVE-2008-1447;OSVDB-47926;OSVDB-47916;OSVDB-47232", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6123.py" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6130.c", "reference_id": "OSVDB-48245;CVE-2008-4194;OSVDB-47927;CVE-2008-1447;OSVDB-47926;OSVDB-47916;OSVDB-47232;OSVDB-46776", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6130.c" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0533", "reference_id": "RHSA-2008:0533", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0533" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0789", "reference_id": "RHSA-2008:0789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0789" }, { "reference_url": "https://usn.ubuntu.com/622-1/", "reference_id": "USN-622-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/622-1/" }, { "reference_url": "https://usn.ubuntu.com/627-1/", "reference_id": "USN-627-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/627-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37575?format=api", "purl": "pkg:deb/debian/dnsmasq@2.43-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.43-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2008-1447" ], "risk_score": 1.6, "exploitability": "2.0", "weighted_severity": "0.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qvdj-3e5t-hue6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2943?format=api", "vulnerability_id": "VCID-sut5-b1ac-byeq", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14494.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14494.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14494", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08297", "scoring_system": "epss", "scoring_elements": "0.9244", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.08297", "scoring_system": "epss", "scoring_elements": "0.92466", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.08297", "scoring_system": "epss", "scoring_elements": "0.92468", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv2", "scoring_elements": "AV:A/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495412", "reference_id": "1495412", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495412" }, { "reference_url": "https://security.archlinux.org/ASA-201710-1", "reference_id": "ASA-201710-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-1" }, { "reference_url": "https://security.archlinux.org/AVG-421", "reference_id": "AVG-421", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-421" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42944.py", "reference_id": "CVE-2017-14494", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42944.py" }, { "reference_url": "https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14494.py", "reference_id": "CVE-2017-14494", "reference_type": "exploit", "scores": [], "url": "https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14494.py" }, { "reference_url": "https://security.gentoo.org/glsa/201710-27", "reference_id": "GLSA-201710-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-27" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2836", "reference_id": "RHSA-2017:2836", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2836" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2837", "reference_id": "RHSA-2017:2837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2837" }, { "reference_url": "https://usn.ubuntu.com/3430-1/", "reference_id": "USN-3430-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3430-1/" }, { "reference_url": "https://usn.ubuntu.com/3430-2/", "reference_id": "USN-3430-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3430-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37593?format=api", "purl": "pkg:deb/debian/dnsmasq@2.78-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.78-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-14494" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sut5-b1ac-byeq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8249?format=api", "vulnerability_id": "VCID-u3jc-1nz1-dfda", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25687.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25687.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25687", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.22", "scoring_system": "epss", "scoring_elements": "0.95904", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.22", "scoring_system": "epss", "scoring_elements": "0.95918", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.22", "scoring_system": "epss", "scoring_elements": "0.95919", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.22", "scoring_system": "epss", "scoring_elements": "0.95922", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25687" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891568", "reference_id": "1891568", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891568" }, { "reference_url": "https://security.archlinux.org/ASA-202101-38", "reference_id": "ASA-202101-38", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202101-38" }, { "reference_url": "https://security.archlinux.org/AVG-1470", "reference_id": "AVG-1470", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1470" }, { "reference_url": "https://security.gentoo.org/glsa/202101-17", "reference_id": "GLSA-202101-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202101-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0150", "reference_id": "RHSA-2021:0150", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0150" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0151", "reference_id": "RHSA-2021:0151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0152", "reference_id": "RHSA-2021:0152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0152" }, { "reference_url": "https://usn.ubuntu.com/4698-1/", "reference_id": "USN-4698-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4698-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37605?format=api", "purl": "pkg:deb/debian/dnsmasq@2.83-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.83-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-25687" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u3jc-1nz1-dfda" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6348?format=api", "vulnerability_id": "VCID-u77j-mz42-mbdz", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14513.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14513.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14513", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.15064", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.15188", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.15192", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.15158", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14513" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14513", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14513" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1739422", "reference_id": "1739422", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1739422" }, { "reference_url": "https://usn.ubuntu.com/4924-1/", "reference_id": "USN-4924-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4924-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37591?format=api", "purl": "pkg:deb/debian/dnsmasq@2.76-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.76-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-14513" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u77j-mz42-mbdz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2941?format=api", "vulnerability_id": "VCID-u936-82u1-kkg1", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14492.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14492.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14492", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.93379", "scoring_system": "epss", "scoring_elements": "0.99824", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.93379", "scoring_system": "epss", "scoring_elements": "0.99825", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14492" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv2", "scoring_elements": "AV:A/AC:L/Au:N/C:N/I:P/A:P" }, { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495410", "reference_id": "1495410", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1495410" }, { "reference_url": "https://security.archlinux.org/ASA-201710-1", "reference_id": "ASA-201710-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-1" }, { "reference_url": "https://security.archlinux.org/AVG-421", "reference_id": "AVG-421", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-421" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42942.py", "reference_id": "CVE-2017-14492", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42942.py" }, { "reference_url": "https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14492.py", "reference_id": "CVE-2017-14492", "reference_type": "exploit", "scores": [], "url": "https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14492.py" }, { "reference_url": "https://security.gentoo.org/glsa/201710-27", "reference_id": "GLSA-201710-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-27" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2836", "reference_id": "RHSA-2017:2836", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2836" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2837", "reference_id": "RHSA-2017:2837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2837" }, { "reference_url": "https://usn.ubuntu.com/3430-1/", "reference_id": "USN-3430-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3430-1/" }, { "reference_url": "https://usn.ubuntu.com/3430-2/", "reference_id": "USN-3430-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3430-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37593?format=api", "purl": "pkg:deb/debian/dnsmasq@2.78-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.78-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-14492" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u936-82u1-kkg1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6375?format=api", "vulnerability_id": "VCID-v7kf-8u6e-bqf9", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14834.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14834.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14834", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13904", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.14021", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.14018", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13993", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14834" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764425", "reference_id": "1764425", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764425" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948373", "reference_id": "948373", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1715", "reference_id": "RHSA-2020:1715", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1715" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3878", "reference_id": "RHSA-2020:3878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3878" }, { "reference_url": "https://usn.ubuntu.com/4698-1/", "reference_id": "USN-4698-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4698-1/" }, { "reference_url": "https://usn.ubuntu.com/7689-1/", "reference_id": "USN-7689-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7689-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37599?format=api", "purl": "pkg:deb/debian/dnsmasq@2.81-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.81-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-14834" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v7kf-8u6e-bqf9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/200049?format=api", "vulnerability_id": "VCID-va5k-n4p9-nfbt", "summary": "Dnsmasq before 2.21 allows remote attackers to poison the DNS cache via answers to queries that were not made by Dnsmasq.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0877.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0877.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2005-0877", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.17091", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.17251", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.17266", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.1724", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2005-0877" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0877" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2011237", "reference_id": "2011237", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2011237" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37568?format=api", "purl": "pkg:deb/debian/dnsmasq@2.21?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.21%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2005-0877" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-va5k-n4p9-nfbt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7756?format=api", "vulnerability_id": "VCID-vy56-wsj3-pfhq", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14312.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14312.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14312", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32343", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32524", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32544", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32521", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14312" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14312" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851342", "reference_id": "1851342", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851342" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=732610", "reference_id": "732610", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=732610" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37602?format=api", "purl": "pkg:deb/debian/dnsmasq@2.69-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.69-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-14312" ], "risk_score": 1.8, "exploitability": "0.5", "weighted_severity": "3.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vy56-wsj3-pfhq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/201077?format=api", "vulnerability_id": "VCID-vzet-9ygx-rbch", "summary": "dnsmasq 2.25 allows remote attackers to cause a denial of service (daemon crash) by (1) renewing a nonexistent lease or (2) sending a DHCPREQUEST for an IP address that is not in the same network, related to the DHCP NAK response from the daemon.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3214.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3214.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3214", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47711", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47852", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47869", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47853", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3214" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3214", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3214" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37578?format=api", "purl": "pkg:deb/debian/dnsmasq@2.26-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.26-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2008-3214" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vzet-9ygx-rbch" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3017?format=api", "vulnerability_id": "VCID-w57v-jua2-wkfu", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15107.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15107.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15107", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04453", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04456", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04441", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04437", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15107" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15107", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15107" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1510570", "reference_id": "1510570", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1510570" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888200", "reference_id": "888200", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888200" }, { "reference_url": "https://security.archlinux.org/ASA-201801-32", "reference_id": "ASA-201801-32", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201801-32" }, { "reference_url": "https://security.archlinux.org/AVG-592", "reference_id": "AVG-592", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-592" }, { "reference_url": "https://usn.ubuntu.com/4924-1/", "reference_id": "USN-4924-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4924-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37598?format=api", "purl": "pkg:deb/debian/dnsmasq@2.79-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.79-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-15107" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w57v-jua2-wkfu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/16137?format=api", "vulnerability_id": "VCID-wfx1-urk3-37ha", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50868.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50868.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50868", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.12114", "scoring_system": "epss", "scoring_elements": "0.93965", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.12114", "scoring_system": "epss", "scoring_elements": "0.93985", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.12114", "scoring_system": "epss", "scoring_elements": "0.9399", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.12114", "scoring_system": "epss", "scoring_elements": "0.93992", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50868" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html", "reference_id": "017430.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845", "reference_id": "1063845", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852", "reference_id": "1063852", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077751", "reference_id": "1077751", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077751" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/02/16/2", "reference_id": "2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/02/16/2" }, { "reference_url": "https://www.isc.org/blogs/2024-bind-security-release/", "reference_id": "2024-bind-security-release", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://www.isc.org/blogs/2024-bind-security-release/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263917", "reference_id": "2263917", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263917" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/02/16/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/02/16/3" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/", "reference_id": "6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/", "reference_id": "BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/" }, { "reference_url": "https://kb.isc.org/docs/cve-2023-50868", "reference_id": "cve-2023-50868", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://kb.isc.org/docs/cve-2023-50868" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-50868", "reference_id": "CVE-2023-50868", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-50868" }, { "reference_url": "https://security.gentoo.org/glsa/202412-10", "reference_id": "GLSA-202412-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-10" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/", "reference_id": "HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/", "reference_id": "IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html", "reference_id": "msg00006.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240307-0008/", "reference_id": "ntap-20240307-0008", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240307-0008/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/", "reference_id": "PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/" }, { "reference_url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html", "reference_id": "powerdns-advisory-2024-01.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html" }, { "reference_url": "https://datatracker.ietf.org/doc/html/rfc5155", "reference_id": "rfc5155", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://datatracker.ietf.org/doc/html/rfc5155" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/", "reference_id": "RGS7JN6FZXUSTC2XKQHH27574XOULYYJ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0965", "reference_id": "RHSA-2024:0965", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0965" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0977", "reference_id": "RHSA-2024:0977", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0977" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0981", "reference_id": "RHSA-2024:0981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0982", "reference_id": "RHSA-2024:0982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11003", "reference_id": "RHSA-2024:11003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1334", "reference_id": "RHSA-2024:1334", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1334" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1335", "reference_id": "RHSA-2024:1335", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1335" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1522", "reference_id": "RHSA-2024:1522", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1522" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1543", "reference_id": "RHSA-2024:1543", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1543" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1544", "reference_id": "RHSA-2024:1544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1545", "reference_id": "RHSA-2024:1545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1545" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1647", "reference_id": "RHSA-2024:1647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1648", "reference_id": "RHSA-2024:1648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1648" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1781", "reference_id": "RHSA-2024:1781", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1781" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1782", "reference_id": "RHSA-2024:1782", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1782" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1789", "reference_id": "RHSA-2024:1789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1800", "reference_id": "RHSA-2024:1800", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1800" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1801", "reference_id": "RHSA-2024:1801", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1801" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1803", "reference_id": "RHSA-2024:1803", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1803" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1804", "reference_id": "RHSA-2024:1804", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1804" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2551", "reference_id": "RHSA-2024:2551", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2551" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2587", "reference_id": "RHSA-2024:2587", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2587" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2696", "reference_id": "RHSA-2024:2696", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2696" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2720", "reference_id": "RHSA-2024:2720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2721", "reference_id": "RHSA-2024:2721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2821", "reference_id": "RHSA-2024:2821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2890", "reference_id": "RHSA-2024:2890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3271", "reference_id": "RHSA-2024:3271", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3271" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3741", "reference_id": "RHSA-2024:3741", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3741" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3877", "reference_id": "RHSA-2024:3877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3929", "reference_id": "RHSA-2024:3929", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3929" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0039", "reference_id": "RHSA-2025:0039", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0039" }, { "reference_url": "https://bugzilla.suse.com/show_bug.cgi?id=1219826", "reference_id": "show_bug.cgi?id=1219826", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1219826" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/", "reference_id": "SVYA42BLXUCIDLD35YIJPJSHDIADNYMP", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/", "reference_id": "TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/" }, { "reference_url": "https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/", "reference_id": "unbound-1.19.1-released", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/", "reference_id": "UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/" }, { "reference_url": "https://usn.ubuntu.com/6633-1/", "reference_id": "USN-6633-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6633-1/" }, { "reference_url": "https://usn.ubuntu.com/6642-1/", "reference_id": "USN-6642-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6642-1/" }, { "reference_url": "https://usn.ubuntu.com/6657-1/", "reference_id": "USN-6657-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6657-1/" }, { "reference_url": "https://usn.ubuntu.com/6657-2/", "reference_id": "USN-6657-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6657-2/" }, { "reference_url": "https://usn.ubuntu.com/6665-1/", "reference_id": "USN-6665-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6665-1/" }, { "reference_url": "https://usn.ubuntu.com/6723-1/", "reference_id": "USN-6723-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6723-1/" }, { "reference_url": "https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1", "reference_id": "v5.7.1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/", "reference_id": "ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37626?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37630?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37628?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-50868" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wfx1-urk3-37ha" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/29980?format=api", "vulnerability_id": "VCID-xash-n1ft-uba9", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5172.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5172.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5172", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.07223", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07982", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07986", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.0799", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5172" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html", "reference_id": "018471.html", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T12:47:52Z/" } ], "url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458521", "reference_id": "2458521", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458521" }, { "reference_url": "https://www.kb.cert.org/vuls/id/471747", "reference_id": "471747", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T12:47:52Z/" } ], "url": "https://www.kb.cert.org/vuls/id/471747" }, { "reference_url": "https://github.com/NixOS/nixpkgs/pull/519082", "reference_id": "519082", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T12:47:52Z/" } ], "url": "https://github.com/NixOS/nixpkgs/pull/519082" }, { "reference_url": "https://github.com/NixOS/nixpkgs/pull/519093", "reference_id": "519093", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T12:47:52Z/" } ], "url": "https://github.com/NixOS/nixpkgs/pull/519093" }, { "reference_url": "https://thekelleys.org.uk/dnsmasq/CVE/", "reference_id": "CVE", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T12:47:52Z/" } ], "url": "https://thekelleys.org.uk/dnsmasq/CVE/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:19158", "reference_id": "RHSA-2026:19158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:19158" }, { "reference_url": "https://usn.ubuntu.com/8268-1/", "reference_id": "USN-8268-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8268-1/" }, { "reference_url": "https://github.com/pi-hole/FTL/releases/tag/v6.6.2", "reference_id": "v6.6.2", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-13T12:47:52Z/" } ], "url": "https://github.com/pi-hole/FTL/releases/tag/v6.6.2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37653?format=api", "purl": "pkg:deb/debian/dnsmasq@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37640?format=api", "purl": "pkg:deb/debian/dnsmasq@2.92-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-5172" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xash-n1ft-uba9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/176523?format=api", "vulnerability_id": "VCID-xufq-8wjx-uyes", "summary": "A vulnerability in Dnsmasq can lead to a Denial of Service\n condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3411.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3411.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-3411", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00878", "scoring_system": "epss", "scoring_elements": "0.75754", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00878", "scoring_system": "epss", "scoring_elements": "0.75825", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00878", "scoring_system": "epss", "scoring_elements": "0.75839", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00878", "scoring_system": "epss", "scoring_elements": "0.75834", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-3411" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3411", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3411" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683372", "reference_id": "683372", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683372" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=833033", "reference_id": "833033", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=833033" }, { "reference_url": "https://security.gentoo.org/glsa/201406-24", "reference_id": "GLSA-201406-24", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201406-24" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0276", "reference_id": "RHSA-2013:0276", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0276" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0277", "reference_id": "RHSA-2013:0277", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0277" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0579", "reference_id": "RHSA-2013:0579", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0579" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37585?format=api", "purl": "pkg:deb/debian/dnsmasq@2.63-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.63-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2012-3411" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xufq-8wjx-uyes" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/177870?format=api", "vulnerability_id": "VCID-y7h9-5wve-27bw", "summary": "Multiple vulnerabilities in Dnsmasq might result in the remote execution of\n arbitrary code, or a Denial of Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2958.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2958.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2958", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01131", "scoring_system": "epss", "scoring_elements": "0.78744", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01131", "scoring_system": "epss", "scoring_elements": "0.7881", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01131", "scoring_system": "epss", "scoring_elements": "0.78826", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01131", "scoring_system": "epss", "scoring_elements": "0.78823", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2958" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=519020", "reference_id": "519020", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=519020" }, { "reference_url": "https://security.gentoo.org/glsa/200909-19", "reference_id": "GLSA-200909-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200909-19" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1238", "reference_id": "RHSA-2009:1238", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1238" }, { "reference_url": "https://usn.ubuntu.com/827-1/", "reference_id": "USN-827-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/827-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37582?format=api", "purl": "pkg:deb/debian/dnsmasq@2.50-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.50-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-2958" ], "risk_score": null, "exploitability": "2.0", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y7h9-5wve-27bw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8247?format=api", "vulnerability_id": "VCID-yee7-13b2-dbfp", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25685.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25685.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25685", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.62566", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.62667", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.62679", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.62673", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25685" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", "reference_id": "1889688", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1889688" }, { "reference_url": "https://security.archlinux.org/ASA-202101-38", "reference_id": "ASA-202101-38", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202101-38" }, { "reference_url": "https://security.archlinux.org/AVG-1470", "reference_id": "AVG-1470", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1470" }, { "reference_url": "https://security.gentoo.org/glsa/202101-17", "reference_id": "GLSA-202101-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202101-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0150", "reference_id": "RHSA-2021:0150", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0150" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0151", "reference_id": "RHSA-2021:0151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0152", "reference_id": "RHSA-2021:0152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0153", "reference_id": "RHSA-2021:0153", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0153" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0154", "reference_id": "RHSA-2021:0154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0155", "reference_id": "RHSA-2021:0155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0156", "reference_id": "RHSA-2021:0156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0156" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0240", "reference_id": "RHSA-2021:0240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0245", "reference_id": "RHSA-2021:0245", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0245" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0395", "reference_id": "RHSA-2021:0395", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0395" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0401", "reference_id": "RHSA-2021:0401", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0401" }, { "reference_url": "https://usn.ubuntu.com/4698-1/", "reference_id": "USN-4698-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4698-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37605?format=api", "purl": "pkg:deb/debian/dnsmasq@2.83-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.83-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-25685" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yee7-13b2-dbfp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/597?format=api", "vulnerability_id": "VCID-zz3w-qpna-wqdw", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8899.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8899.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8899", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23725", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23922", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23931", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23909", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8899" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8899", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8899" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343072", "reference_id": "1343072", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343072" }, { "reference_url": "https://usn.ubuntu.com/3009-1/", "reference_id": "USN-3009-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3009-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/37591?format=api", "purl": "pkg:deb/debian/dnsmasq@2.76-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.76-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37569?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2fdx-js9t-zkem" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37567?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37571?format=api", "purl": "pkg:deb/debian/dnsmasq@2.91-1%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/37570?format=api", "purl": "pkg:deb/debian/dnsmasq@2.93-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.93-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-8899" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zz3w-qpna-wqdw" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%252Bdeb13u1%3Fdistro=trixie" }