Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/585984?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/585984?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1", "type": "deb", "namespace": "debian", "name": "dnsmasq", "version": "2.85-1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "2.90-4~deb12u1", "latest_non_vulnerable_version": "2.90-4~deb12u1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75379?format=api", "vulnerability_id": "VCID-1bzd-pqhn-hqfj", "summary": "dnsmasq: vulnerable to Integer Overflow via forward_query", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-49441.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-49441.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49441", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02143", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02095", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02144", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02162", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02139", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02124", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.0212", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02148", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49441" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49441", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49441" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2023q4/017332.html", "reference_id": "017332.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-18T18:34:35Z/" } ], "url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2023q4/017332.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2290849", "reference_id": "2290849", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2290849" }, { "reference_url": "https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=65c2d6afd67a032f45f40d7e4d620f5d73e5f07d", "reference_id": "?p=dnsmasq.git%3Ba=commit%3Bh=65c2d6afd67a032f45f40d7e4d620f5d73e5f07d", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-18T18:34:35Z/" } ], "url": "https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=65c2d6afd67a032f45f40d7e4d620f5d73e5f07d" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/585985?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1" } ], "aliases": [ "CVE-2023-49441" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1bzd-pqhn-hqfj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61411?format=api", "vulnerability_id": "VCID-66sa-bc5p-jqde", "summary": "Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50387.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50387.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50387", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.51989", "scoring_system": "epss", "scoring_elements": "0.97914", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.51989", "scoring_system": "epss", "scoring_elements": "0.97913", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.51989", "scoring_system": "epss", "scoring_elements": "0.97912", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.51989", "scoring_system": "epss", "scoring_elements": "0.97898", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.51989", "scoring_system": "epss", "scoring_elements": "0.97901", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.51989", "scoring_system": "epss", "scoring_elements": "0.97906", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.51989", "scoring_system": "epss", "scoring_elements": "0.97909", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.51989", "scoring_system": "epss", "scoring_elements": "0.97896", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.51989", "scoring_system": "epss", "scoring_elements": "0.97922", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50387" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html", "reference_id": "017430.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845", "reference_id": "1063845", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852", "reference_id": "1063852", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077750", "reference_id": "1077750", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077750" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/02/16/2", "reference_id": "2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/02/16/2" }, { "reference_url": "https://www.isc.org/blogs/2024-bind-security-release/", "reference_id": "2024-bind-security-release", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://www.isc.org/blogs/2024-bind-security-release/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263914", "reference_id": "2263914", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263914" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/02/16/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/02/16/3" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/", "reference_id": "6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/", "reference_id": "BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/" }, { "reference_url": "https://kb.isc.org/docs/cve-2023-50387", "reference_id": "cve-2023-50387", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://kb.isc.org/docs/cve-2023-50387" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-50387", "reference_id": "CVE-2023-50387", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-50387" }, { "reference_url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-50387", "reference_id": "CVE-2023-50387", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-50387" }, { "reference_url": "https://www.theregister.com/2024/02/13/dnssec_vulnerability_internet/", "reference_id": "dnssec_vulnerability_internet", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://www.theregister.com/2024/02/13/dnssec_vulnerability_internet/" }, { "reference_url": "https://security.gentoo.org/glsa/202412-10", "reference_id": "GLSA-202412-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-10" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/", "reference_id": "HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/", "reference_id": "IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/" }, { "reference_url": "https://news.ycombinator.com/item?id=39367411", "reference_id": "item?id=39367411", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://news.ycombinator.com/item?id=39367411" }, { "reference_url": "https://news.ycombinator.com/item?id=39372384", "reference_id": "item?id=39372384", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://news.ycombinator.com/item?id=39372384" }, { "reference_url": "https://www.athene-center.de/aktuelles/key-trap", "reference_id": "key-trap", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://www.athene-center.de/aktuelles/key-trap" }, { "reference_url": "https://www.securityweek.com/keytrap-dns-attack-could-disable-large-parts-of-internet-researchers/", "reference_id": "keytrap-dns-attack-could-disable-large-parts-of-internet-researchers", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://www.securityweek.com/keytrap-dns-attack-could-disable-large-parts-of-internet-researchers/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html", "reference_id": "msg00006.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240307-0007/", "reference_id": "ntap-20240307-0007", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240307-0007/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/", "reference_id": "PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/" }, { "reference_url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html", "reference_id": "powerdns-advisory-2024-01.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/", "reference_id": "RGS7JN6FZXUSTC2XKQHH27574XOULYYJ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0965", "reference_id": "RHSA-2024:0965", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0965" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0977", "reference_id": "RHSA-2024:0977", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0977" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0981", "reference_id": "RHSA-2024:0981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0982", "reference_id": "RHSA-2024:0982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11003", "reference_id": "RHSA-2024:11003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1334", "reference_id": "RHSA-2024:1334", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1334" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1335", "reference_id": "RHSA-2024:1335", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1335" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1522", "reference_id": "RHSA-2024:1522", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1522" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1543", "reference_id": "RHSA-2024:1543", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1543" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1544", "reference_id": "RHSA-2024:1544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1545", "reference_id": "RHSA-2024:1545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1545" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1647", "reference_id": "RHSA-2024:1647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1648", "reference_id": "RHSA-2024:1648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1648" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1781", "reference_id": "RHSA-2024:1781", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1781" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1782", "reference_id": "RHSA-2024:1782", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1782" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1789", "reference_id": "RHSA-2024:1789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1800", "reference_id": "RHSA-2024:1800", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1800" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1801", "reference_id": "RHSA-2024:1801", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1801" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1803", "reference_id": "RHSA-2024:1803", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1803" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1804", "reference_id": "RHSA-2024:1804", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1804" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2551", "reference_id": "RHSA-2024:2551", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2551" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2587", "reference_id": "RHSA-2024:2587", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2587" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2696", "reference_id": "RHSA-2024:2696", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2696" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2720", "reference_id": "RHSA-2024:2720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2721", "reference_id": "RHSA-2024:2721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2821", "reference_id": "RHSA-2024:2821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2890", "reference_id": "RHSA-2024:2890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3271", "reference_id": "RHSA-2024:3271", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3271" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3741", "reference_id": "RHSA-2024:3741", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3741" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3877", "reference_id": "RHSA-2024:3877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3929", "reference_id": "RHSA-2024:3929", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3929" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0039", "reference_id": "RHSA-2025:0039", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0039" }, { "reference_url": "https://bugzilla.suse.com/show_bug.cgi?id=1219823", "reference_id": "show_bug.cgi?id=1219823", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1219823" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/", "reference_id": "SVYA42BLXUCIDLD35YIJPJSHDIADNYMP", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/" }, { "reference_url": "https://www.athene-center.de/fileadmin/content/PDF/Technical_Report_KeyTrap.pdf", "reference_id": "Technical_Report_KeyTrap.pdf", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://www.athene-center.de/fileadmin/content/PDF/Technical_Report_KeyTrap.pdf" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/", "reference_id": "TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/" }, { "reference_url": "https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/", "reference_id": "unbound-1.19.1-released", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/", "reference_id": "UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/" }, { "reference_url": "https://usn.ubuntu.com/6633-1/", "reference_id": "USN-6633-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6633-1/" }, { "reference_url": "https://usn.ubuntu.com/6642-1/", "reference_id": "USN-6642-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6642-1/" }, { "reference_url": "https://usn.ubuntu.com/6657-1/", "reference_id": "USN-6657-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6657-1/" }, { "reference_url": "https://usn.ubuntu.com/6657-2/", "reference_id": "USN-6657-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6657-2/" }, { "reference_url": "https://usn.ubuntu.com/6665-1/", "reference_id": "USN-6665-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6665-1/" }, { "reference_url": "https://usn.ubuntu.com/6723-1/", "reference_id": "USN-6723-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6723-1/" }, { "reference_url": "https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1", "reference_id": "v5.7.1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/", "reference_id": "ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/585985?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1" } ], "aliases": [ "CVE-2023-50387" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-66sa-bc5p-jqde" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61409?format=api", "vulnerability_id": "VCID-gnkg-afmr-r7aq", "summary": "Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0934.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0934.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0934", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06784", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06626", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06687", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06731", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06715", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06766", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06799", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06797", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06791", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0934" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0934", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0934" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q1/016272.html", "reference_id": "016272.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-10T13:19:58Z/" } ], "url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q1/016272.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014715", "reference_id": "1014715", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014715" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2057075", "reference_id": "2057075", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-10T13:19:58Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2057075" }, { "reference_url": "https://security.archlinux.org/AVG-2716", "reference_id": "AVG-2716", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2716" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2022-0934", "reference_id": "CVE-2022-0934", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-10T13:19:58Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2022-0934" }, { "reference_url": "https://security.gentoo.org/glsa/202412-10", "reference_id": "GLSA-202412-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-10" }, { "reference_url": "https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=03345ecefeb0d82e3c3a4c28f27c3554f0611b39", "reference_id": "?p=dnsmasq.git%3Ba=commit%3Bh=03345ecefeb0d82e3c3a4c28f27c3554f0611b39", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-10T13:19:58Z/" } ], "url": "https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=03345ecefeb0d82e3c3a4c28f27c3554f0611b39" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7633", "reference_id": "RHSA-2022:7633", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7633" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8070", "reference_id": "RHSA-2022:8070", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1545", "reference_id": "RHSA-2024:1545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1545" }, { "reference_url": "https://usn.ubuntu.com/5408-1/", "reference_id": "USN-5408-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5408-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/585985?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1" } ], "aliases": [ "CVE-2022-0934" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gnkg-afmr-r7aq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61410?format=api", "vulnerability_id": "VCID-p726-bqvu-dfda", "summary": "Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28450.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28450.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28450", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01618", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01596", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01624", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01626", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01633", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01619", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01609", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01607", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28450" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28450", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28450" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033165", "reference_id": "1033165", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033165" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178948", "reference_id": "2178948", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178948" }, { "reference_url": "https://capec.mitre.org/data/definitions/495.html", "reference_id": "495.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:21:11Z/" } ], "url": "https://capec.mitre.org/data/definitions/495.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6UQ6LKDTLSSD64TBIZ3XEKBM2SWC63VV/", "reference_id": "6UQ6LKDTLSSD64TBIZ3XEKBM2SWC63VV", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:21:11Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6UQ6LKDTLSSD64TBIZ3XEKBM2SWC63VV/" }, { "reference_url": "https://thekelleys.org.uk/dnsmasq/doc.html", "reference_id": "doc.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:21:11Z/" } ], "url": "https://thekelleys.org.uk/dnsmasq/doc.html" }, { "reference_url": "https://security.gentoo.org/glsa/202412-10", "reference_id": "GLSA-202412-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-10" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OU2ZT4ITSEOOR2CFBAHK4Z67KXJIEWQA/", "reference_id": "OU2ZT4ITSEOOR2CFBAHK4Z67KXJIEWQA", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:21:11Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OU2ZT4ITSEOOR2CFBAHK4Z67KXJIEWQA/" }, { "reference_url": "https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=blob%3Bf=CHANGELOG", "reference_id": "?p=dnsmasq.git%3Ba=blob%3Bf=CHANGELOG", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:21:11Z/" } ], "url": "https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=blob%3Bf=CHANGELOG" }, { "reference_url": "https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5", "reference_id": "?p=dnsmasq.git%3Ba=commit%3Bh=eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:21:11Z/" } ], "url": "https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6524", "reference_id": "RHSA-2023:6524", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6524" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7046", "reference_id": "RHSA-2023:7046", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1544", "reference_id": "RHSA-2024:1544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1545", "reference_id": "RHSA-2024:1545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1545" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4052", "reference_id": "RHSA-2024:4052", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4052" }, { "reference_url": "https://usn.ubuntu.com/6034-1/", "reference_id": "USN-6034-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6034-1/" }, { "reference_url": "https://usn.ubuntu.com/6657-1/", "reference_id": "USN-6657-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6657-1/" }, { "reference_url": "https://usn.ubuntu.com/6657-2/", "reference_id": "USN-6657-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6657-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/585985?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1" } ], "aliases": [ "CVE-2023-28450" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p726-bqvu-dfda" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61412?format=api", "vulnerability_id": "VCID-vprj-j7u6-zbe7", "summary": "Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50868.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50868.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50868", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11802", "scoring_system": "epss", "scoring_elements": "0.93713", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.11802", "scoring_system": "epss", "scoring_elements": "0.93712", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.11802", "scoring_system": "epss", "scoring_elements": "0.93708", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.11802", "scoring_system": "epss", "scoring_elements": "0.93694", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.11802", "scoring_system": "epss", "scoring_elements": "0.93684", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.11802", "scoring_system": "epss", "scoring_elements": "0.9373", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.11802", "scoring_system": "epss", "scoring_elements": "0.93706", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.11802", "scoring_system": "epss", "scoring_elements": "0.93696", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50868" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html", "reference_id": "017430.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845", "reference_id": "1063845", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852", "reference_id": "1063852", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077751", "reference_id": "1077751", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077751" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/02/16/2", "reference_id": "2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/02/16/2" }, { "reference_url": "https://www.isc.org/blogs/2024-bind-security-release/", "reference_id": "2024-bind-security-release", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://www.isc.org/blogs/2024-bind-security-release/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263917", "reference_id": "2263917", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263917" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/02/16/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/02/16/3" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/", "reference_id": "6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/", "reference_id": "BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/" }, { "reference_url": "https://kb.isc.org/docs/cve-2023-50868", "reference_id": "cve-2023-50868", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://kb.isc.org/docs/cve-2023-50868" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-50868", "reference_id": "CVE-2023-50868", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-50868" }, { "reference_url": "https://security.gentoo.org/glsa/202412-10", "reference_id": "GLSA-202412-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-10" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/", "reference_id": "HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/", "reference_id": "IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html", "reference_id": "msg00006.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240307-0008/", "reference_id": "ntap-20240307-0008", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240307-0008/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/", "reference_id": "PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/" }, { "reference_url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html", "reference_id": "powerdns-advisory-2024-01.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html" }, { "reference_url": "https://datatracker.ietf.org/doc/html/rfc5155", "reference_id": "rfc5155", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://datatracker.ietf.org/doc/html/rfc5155" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/", "reference_id": "RGS7JN6FZXUSTC2XKQHH27574XOULYYJ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0965", "reference_id": "RHSA-2024:0965", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0965" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0977", "reference_id": "RHSA-2024:0977", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0977" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0981", "reference_id": "RHSA-2024:0981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0982", "reference_id": "RHSA-2024:0982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11003", "reference_id": "RHSA-2024:11003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1334", "reference_id": "RHSA-2024:1334", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1334" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1335", "reference_id": "RHSA-2024:1335", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1335" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1522", "reference_id": "RHSA-2024:1522", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1522" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1543", "reference_id": "RHSA-2024:1543", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1543" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1544", "reference_id": "RHSA-2024:1544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1545", "reference_id": "RHSA-2024:1545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1545" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1647", "reference_id": "RHSA-2024:1647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1648", "reference_id": "RHSA-2024:1648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1648" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1781", "reference_id": "RHSA-2024:1781", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1781" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1782", "reference_id": "RHSA-2024:1782", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1782" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1789", "reference_id": "RHSA-2024:1789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1800", "reference_id": "RHSA-2024:1800", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1800" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1801", "reference_id": "RHSA-2024:1801", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1801" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1803", "reference_id": "RHSA-2024:1803", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1803" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1804", "reference_id": "RHSA-2024:1804", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1804" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2551", "reference_id": "RHSA-2024:2551", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2551" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2587", "reference_id": "RHSA-2024:2587", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2587" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2696", "reference_id": "RHSA-2024:2696", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2696" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2720", "reference_id": "RHSA-2024:2720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2721", "reference_id": "RHSA-2024:2721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2821", "reference_id": "RHSA-2024:2821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2890", "reference_id": "RHSA-2024:2890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3271", "reference_id": "RHSA-2024:3271", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3271" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3741", "reference_id": "RHSA-2024:3741", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3741" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3877", "reference_id": "RHSA-2024:3877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3929", "reference_id": "RHSA-2024:3929", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3929" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0039", "reference_id": "RHSA-2025:0039", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0039" }, { "reference_url": "https://bugzilla.suse.com/show_bug.cgi?id=1219826", "reference_id": "show_bug.cgi?id=1219826", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1219826" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/", "reference_id": "SVYA42BLXUCIDLD35YIJPJSHDIADNYMP", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/", "reference_id": "TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/" }, { "reference_url": "https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/", "reference_id": "unbound-1.19.1-released", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/", "reference_id": "UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/" }, { "reference_url": "https://usn.ubuntu.com/6633-1/", "reference_id": "USN-6633-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6633-1/" }, { "reference_url": "https://usn.ubuntu.com/6642-1/", "reference_id": "USN-6642-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6642-1/" }, { "reference_url": "https://usn.ubuntu.com/6657-1/", "reference_id": "USN-6657-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6657-1/" }, { "reference_url": "https://usn.ubuntu.com/6657-2/", "reference_id": "USN-6657-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6657-2/" }, { "reference_url": "https://usn.ubuntu.com/6665-1/", "reference_id": "USN-6665-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6665-1/" }, { "reference_url": "https://usn.ubuntu.com/6723-1/", "reference_id": "USN-6723-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6723-1/" }, { "reference_url": "https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1", "reference_id": "v5.7.1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/", "reference_id": "ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/585985?format=api", "purl": "pkg:deb/debian/dnsmasq@2.90-4~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1" } ], "aliases": [ "CVE-2023-50868" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vprj-j7u6-zbe7" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81902?format=api", "vulnerability_id": "VCID-4a66-hb88-jbgp", "summary": "dnsmasq: memory leak in the create_helper() function in /src/helper.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14834.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14834.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14834", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12755", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12856", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12907", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12712", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12792", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12843", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12809", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12772", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12725", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12628", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14834" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764425", "reference_id": "1764425", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764425" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948373", "reference_id": "948373", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1715", "reference_id": "RHSA-2020:1715", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1715" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3878", "reference_id": "RHSA-2020:3878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3878" }, { "reference_url": "https://usn.ubuntu.com/4698-1/", "reference_id": "USN-4698-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4698-1/" }, { "reference_url": "https://usn.ubuntu.com/7689-1/", "reference_id": "USN-7689-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7689-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/585984?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bzd-pqhn-hqfj" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1" } ], "aliases": [ "CVE-2019-14834" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4a66-hb88-jbgp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46207?format=api", "vulnerability_id": "VCID-69jf-2cmm-tkhj", "summary": "Multiple vulnerabilities have been found in Dnsmasq, the worst of\n which may allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25682.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25682.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25682", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.34287", "scoring_system": "epss", "scoring_elements": "0.96955", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.34287", "scoring_system": "epss", "scoring_elements": "0.96991", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.34287", "scoring_system": "epss", "scoring_elements": "0.96982", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.34287", "scoring_system": "epss", "scoring_elements": "0.96983", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.34287", "scoring_system": "epss", "scoring_elements": "0.96962", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.34287", "scoring_system": "epss", "scoring_elements": "0.96966", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.34287", "scoring_system": "epss", "scoring_elements": "0.96969", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.34287", "scoring_system": "epss", "scoring_elements": "0.96977", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.34287", "scoring_system": "epss", "scoring_elements": "0.96978", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.34287", "scoring_system": "epss", "scoring_elements": "0.96981", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25682" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1882014", "reference_id": "1882014", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1882014" }, { "reference_url": "https://security.archlinux.org/ASA-202101-38", "reference_id": "ASA-202101-38", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202101-38" }, { "reference_url": "https://security.archlinux.org/AVG-1470", "reference_id": "AVG-1470", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1470" }, { "reference_url": "https://security.gentoo.org/glsa/202101-17", "reference_id": "GLSA-202101-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202101-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0150", "reference_id": "RHSA-2021:0150", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0150" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0151", "reference_id": "RHSA-2021:0151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0152", "reference_id": "RHSA-2021:0152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0152" }, { "reference_url": "https://usn.ubuntu.com/4698-1/", "reference_id": "USN-4698-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4698-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037958?format=api", "purl": "pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/585984?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bzd-pqhn-hqfj" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1" } ], "aliases": [ "CVE-2020-25682" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-69jf-2cmm-tkhj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46211?format=api", "vulnerability_id": "VCID-a9ya-bnnp-hyc4", "summary": "Multiple vulnerabilities have been found in Dnsmasq, the worst of\n which may allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25685.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25685.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25685", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.54629", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.54753", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.54736", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.54715", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.54699", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.54722", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.54692", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.54744", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.5474", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00316", "scoring_system": "epss", "scoring_elements": "0.54752", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25685" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1889688", "reference_id": "1889688", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1889688" }, { "reference_url": "https://security.archlinux.org/ASA-202101-38", "reference_id": "ASA-202101-38", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202101-38" }, { "reference_url": "https://security.archlinux.org/AVG-1470", "reference_id": "AVG-1470", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1470" }, { "reference_url": "https://security.gentoo.org/glsa/202101-17", "reference_id": "GLSA-202101-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202101-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0150", "reference_id": "RHSA-2021:0150", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0150" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0151", "reference_id": "RHSA-2021:0151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0152", "reference_id": "RHSA-2021:0152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0153", "reference_id": "RHSA-2021:0153", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0153" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0154", "reference_id": "RHSA-2021:0154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0155", "reference_id": "RHSA-2021:0155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0156", "reference_id": "RHSA-2021:0156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0156" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0240", "reference_id": "RHSA-2021:0240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0245", "reference_id": "RHSA-2021:0245", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0245" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0395", "reference_id": "RHSA-2021:0395", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0395" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0401", "reference_id": "RHSA-2021:0401", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0401" }, { "reference_url": "https://usn.ubuntu.com/4698-1/", "reference_id": "USN-4698-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4698-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037958?format=api", "purl": "pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/585984?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bzd-pqhn-hqfj" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1" } ], "aliases": [ "CVE-2020-25685" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a9ya-bnnp-hyc4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46212?format=api", "vulnerability_id": "VCID-jj87-61kf-mufs", "summary": "Multiple vulnerabilities have been found in Dnsmasq, the worst of\n which may allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25686.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25686.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25686", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61242", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61406", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61387", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61368", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61321", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.6135", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61319", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61366", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61381", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61402", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25686" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890125", "reference_id": "1890125", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890125" }, { "reference_url": "https://security.archlinux.org/ASA-202101-38", "reference_id": "ASA-202101-38", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202101-38" }, { "reference_url": "https://security.archlinux.org/AVG-1470", "reference_id": "AVG-1470", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1470" }, { "reference_url": "https://security.gentoo.org/glsa/202101-17", "reference_id": "GLSA-202101-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202101-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0150", "reference_id": "RHSA-2021:0150", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0150" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0151", "reference_id": "RHSA-2021:0151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0152", "reference_id": "RHSA-2021:0152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0153", "reference_id": "RHSA-2021:0153", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0153" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0154", "reference_id": "RHSA-2021:0154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0155", "reference_id": "RHSA-2021:0155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0156", "reference_id": "RHSA-2021:0156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0156" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0240", "reference_id": "RHSA-2021:0240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0245", "reference_id": "RHSA-2021:0245", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0245" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0395", "reference_id": "RHSA-2021:0395", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0395" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0401", "reference_id": "RHSA-2021:0401", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0401" }, { "reference_url": "https://usn.ubuntu.com/4698-1/", "reference_id": "USN-4698-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4698-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037958?format=api", "purl": "pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/585984?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bzd-pqhn-hqfj" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1" } ], "aliases": [ "CVE-2020-25686" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jj87-61kf-mufs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46209?format=api", "vulnerability_id": "VCID-khrt-9ar9-wbc3", "summary": "Multiple vulnerabilities have been found in Dnsmasq, the worst of\n which may allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25683.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25683.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25683", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.31317", "scoring_system": "epss", "scoring_elements": "0.9674", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.31317", "scoring_system": "epss", "scoring_elements": "0.96776", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.31317", "scoring_system": "epss", "scoring_elements": "0.96767", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.31317", "scoring_system": "epss", "scoring_elements": "0.9677", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.31317", "scoring_system": "epss", "scoring_elements": "0.9675", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.31317", "scoring_system": "epss", "scoring_elements": "0.96751", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.31317", "scoring_system": "epss", "scoring_elements": "0.96756", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.31317", "scoring_system": "epss", "scoring_elements": "0.96763", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.31317", "scoring_system": "epss", "scoring_elements": "0.96764", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25683" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1882018", "reference_id": "1882018", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1882018" }, { "reference_url": "https://security.archlinux.org/ASA-202101-38", "reference_id": "ASA-202101-38", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202101-38" }, { "reference_url": "https://security.archlinux.org/AVG-1470", "reference_id": "AVG-1470", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1470" }, { "reference_url": "https://security.gentoo.org/glsa/202101-17", "reference_id": "GLSA-202101-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202101-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0150", "reference_id": "RHSA-2021:0150", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0150" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0151", "reference_id": "RHSA-2021:0151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0152", "reference_id": "RHSA-2021:0152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0152" }, { "reference_url": "https://usn.ubuntu.com/4698-1/", "reference_id": "USN-4698-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4698-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037958?format=api", "purl": "pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/585984?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bzd-pqhn-hqfj" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1" } ], "aliases": [ "CVE-2020-25683" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-khrt-9ar9-wbc3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46213?format=api", "vulnerability_id": "VCID-nrja-2ajq-mfek", "summary": "Multiple vulnerabilities have been found in Dnsmasq, the worst of\n which may allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25687.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25687.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25687", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.22", "scoring_system": "epss", "scoring_elements": "0.95739", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.22", "scoring_system": "epss", "scoring_elements": "0.95785", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.22", "scoring_system": "epss", "scoring_elements": "0.95774", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.22", "scoring_system": "epss", "scoring_elements": "0.95776", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.22", "scoring_system": "epss", "scoring_elements": "0.95748", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.22", "scoring_system": "epss", "scoring_elements": "0.95756", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.22", "scoring_system": "epss", "scoring_elements": "0.95759", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.22", "scoring_system": "epss", "scoring_elements": "0.95767", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.22", "scoring_system": "epss", "scoring_elements": "0.9577", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25687" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891568", "reference_id": "1891568", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891568" }, { "reference_url": "https://security.archlinux.org/ASA-202101-38", "reference_id": "ASA-202101-38", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202101-38" }, { "reference_url": "https://security.archlinux.org/AVG-1470", "reference_id": "AVG-1470", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1470" }, { "reference_url": "https://security.gentoo.org/glsa/202101-17", "reference_id": "GLSA-202101-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202101-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0150", "reference_id": "RHSA-2021:0150", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0150" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0151", "reference_id": "RHSA-2021:0151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0152", "reference_id": "RHSA-2021:0152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0152" }, { "reference_url": "https://usn.ubuntu.com/4698-1/", "reference_id": "USN-4698-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4698-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037958?format=api", "purl": "pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/585984?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bzd-pqhn-hqfj" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1" } ], "aliases": [ "CVE-2020-25687" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nrja-2ajq-mfek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46210?format=api", "vulnerability_id": "VCID-nute-d491-mqa9", "summary": "Multiple vulnerabilities have been found in Dnsmasq, the worst of\n which may allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25684.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25684.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25684", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49417", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49512", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49464", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49466", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49445", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49472", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49425", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.4948", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49475", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49492", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25684" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1889686", "reference_id": "1889686", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1889686" }, { "reference_url": "https://security.archlinux.org/ASA-202101-38", "reference_id": "ASA-202101-38", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202101-38" }, { "reference_url": "https://security.archlinux.org/AVG-1470", "reference_id": "AVG-1470", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1470" }, { "reference_url": "https://security.gentoo.org/glsa/202101-17", "reference_id": "GLSA-202101-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202101-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0150", "reference_id": "RHSA-2021:0150", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0150" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0151", "reference_id": "RHSA-2021:0151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0152", "reference_id": "RHSA-2021:0152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0153", "reference_id": "RHSA-2021:0153", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0153" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0154", "reference_id": "RHSA-2021:0154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0155", "reference_id": "RHSA-2021:0155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0156", "reference_id": "RHSA-2021:0156", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0156" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0240", "reference_id": "RHSA-2021:0240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0245", "reference_id": "RHSA-2021:0245", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0245" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0395", "reference_id": "RHSA-2021:0395", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0395" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0401", "reference_id": "RHSA-2021:0401", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0401" }, { "reference_url": "https://usn.ubuntu.com/4698-1/", "reference_id": "USN-4698-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4698-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037958?format=api", "purl": "pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/585984?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bzd-pqhn-hqfj" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1" } ], "aliases": [ "CVE-2020-25684" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nute-d491-mqa9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59314?format=api", "vulnerability_id": "VCID-vshb-4mjd-qugr", "summary": "Use of insufficient randomness in Dnsmasq might lead to DNS Cache\n Poisoning.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3448.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3448.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3448", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12634", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12509", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12738", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12784", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12591", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.1267", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12723", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.1269", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.1265", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12605", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3448" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3448", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3448" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1939368", "reference_id": "1939368", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T00:40:29Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1939368" }, { "reference_url": "https://security.archlinux.org/AVG-1703", "reference_id": "AVG-1703", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1703" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CVTJUOFFFHINLKWAOC2ZSC5MOPD4SJ24/", "reference_id": "CVTJUOFFFHINLKWAOC2ZSC5MOPD4SJ24", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T00:40:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CVTJUOFFFHINLKWAOC2ZSC5MOPD4SJ24/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHG7GWSQWKF7JXIMLOGJBKZWBB4VIAJ7/", "reference_id": "FHG7GWSQWKF7JXIMLOGJBKZWBB4VIAJ7", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T00:40:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHG7GWSQWKF7JXIMLOGJBKZWBB4VIAJ7/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GHURNEHHUBSW45KMIZ4FNBCSUPWPGV5V/", "reference_id": "GHURNEHHUBSW45KMIZ4FNBCSUPWPGV5V", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T00:40:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GHURNEHHUBSW45KMIZ4FNBCSUPWPGV5V/" }, { "reference_url": "https://security.gentoo.org/glsa/202105-20", "reference_id": "GLSA-202105-20", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T00:40:29Z/" } ], "url": "https://security.gentoo.org/glsa/202105-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4153", "reference_id": "RHSA-2021:4153", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4153" }, { "reference_url": "https://usn.ubuntu.com/4976-1/", "reference_id": "USN-4976-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4976-1/" }, { "reference_url": "https://usn.ubuntu.com/4976-2/", "reference_id": "USN-4976-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4976-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/585984?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bzd-pqhn-hqfj" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1" } ], "aliases": [ "CVE-2021-3448" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vshb-4mjd-qugr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46206?format=api", "vulnerability_id": "VCID-yaj9-mfyu-uqdm", "summary": "Multiple vulnerabilities have been found in Dnsmasq, the worst of\n which may allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25681.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25681.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25681", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.45359", "scoring_system": "epss", "scoring_elements": "0.97582", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.45359", "scoring_system": "epss", "scoring_elements": "0.97614", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.45359", "scoring_system": "epss", "scoring_elements": "0.97605", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.45359", "scoring_system": "epss", "scoring_elements": "0.97606", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.45359", "scoring_system": "epss", "scoring_elements": "0.97588", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.45359", "scoring_system": "epss", "scoring_elements": "0.97591", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.45359", "scoring_system": "epss", "scoring_elements": "0.97592", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.45359", "scoring_system": "epss", "scoring_elements": "0.97598", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.45359", "scoring_system": "epss", "scoring_elements": "0.976", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.45359", "scoring_system": "epss", "scoring_elements": "0.97603", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25681" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1881875", "reference_id": "1881875", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1881875" }, { "reference_url": "https://security.archlinux.org/ASA-202101-38", "reference_id": "ASA-202101-38", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202101-38" }, { "reference_url": "https://security.archlinux.org/AVG-1470", "reference_id": "AVG-1470", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1470" }, { "reference_url": "https://security.gentoo.org/glsa/202101-17", "reference_id": "GLSA-202101-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202101-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0150", "reference_id": "RHSA-2021:0150", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0150" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0151", "reference_id": "RHSA-2021:0151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0152", "reference_id": "RHSA-2021:0152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0152" }, { "reference_url": "https://usn.ubuntu.com/4698-1/", "reference_id": "USN-4698-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4698-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037958?format=api", "purl": "pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4a66-hb88-jbgp" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-69jf-2cmm-tkhj" }, { "vulnerability": "VCID-a9ya-bnnp-hyc4" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-jj87-61kf-mufs" }, { "vulnerability": "VCID-khrt-9ar9-wbc3" }, { "vulnerability": "VCID-nrja-2ajq-mfek" }, { "vulnerability": "VCID-nute-d491-mqa9" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-vshb-4mjd-qugr" }, { "vulnerability": "VCID-yaj9-mfyu-uqdm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/585984?format=api", "purl": "pkg:deb/debian/dnsmasq@2.85-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1bzd-pqhn-hqfj" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-gnkg-afmr-r7aq" }, { "vulnerability": "VCID-p726-bqvu-dfda" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1" } ], "aliases": [ "CVE-2020-25681" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yaj9-mfyu-uqdm" } ], "risk_score": "3.4", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1" }