Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/knot-resolver@6.2.0-2?distro=trixie

Type deb

Namespace debian

Name knot-resolver

Version 6.2.0-2

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-2wu3-v2hz-q3bv

vulnerability_id VCID-2wu3-v2hz-q3bv

summary Knot Resolver before 5.1.1 allows traffic amplification via a crafted DNS answer from an attacker-controlled server, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-12667

reference_id

reference_type

scores

value	0.01022
scoring_system	epss
scoring_elements	0.77187
published_at	2026-04-01T12:55:00Z

value	0.01022
scoring_system	epss
scoring_elements	0.77193
published_at	2026-04-02T12:55:00Z

value	0.01022
scoring_system	epss
scoring_elements	0.77222
published_at	2026-04-04T12:55:00Z

value	0.01022
scoring_system	epss
scoring_elements	0.77204
published_at	2026-04-07T12:55:00Z

value	0.01022
scoring_system	epss
scoring_elements	0.77236
published_at	2026-04-08T12:55:00Z

value	0.01022
scoring_system	epss
scoring_elements	0.77244
published_at	2026-04-09T12:55:00Z

value	0.01022
scoring_system	epss
scoring_elements	0.77271
published_at	2026-04-11T12:55:00Z

value	0.01022
scoring_system	epss
scoring_elements	0.7725
published_at	2026-04-12T12:55:00Z

value	0.01022
scoring_system	epss
scoring_elements	0.77247
published_at	2026-04-13T12:55:00Z

value	0.01022
scoring_system	epss
scoring_elements	0.77287
published_at	2026-04-18T12:55:00Z

value	0.01022
scoring_system	epss
scoring_elements	0.77279
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-12667

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12667
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12667

reference_url

http://cyber-security-group.cs.tau.ac.il/#

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T17:02:23Z/

url

http://cyber-security-group.cs.tau.ac.il/#

reference_url

http://www.openwall.com/lists/oss-security/2020/05/19/2

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T17:02:23Z/

url

http://www.openwall.com/lists/oss-security/2020/05/19/2

reference_url

https://www.knot-resolver.cz/2020-05-19-knot-resolver-5.1.1.html

reference_id

2020-05-19-knot-resolver-5.1.1.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T17:02:23Z/

url

https://www.knot-resolver.cz/2020-05-19-knot-resolver-5.1.1.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/76Y4FITMOH6RVPWAANGV7NB2ZHPJJGDQ/

reference_id

76Y4FITMOH6RVPWAANGV7NB2ZHPJJGDQ

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T17:02:23Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/76Y4FITMOH6RVPWAANGV7NB2ZHPJJGDQ/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961076
reference_id	961076
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961076

reference_url

https://lists.debian.org/debian-lts-announce/2024/04/msg00017.html

reference_id

msg00017.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T17:02:23Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00017.html

reference_url

https://en.blog.nic.cz/2020/05/19/nxnsattack-upgrade-resolvers-to-stop-new-kind-of-random-subdomain-attack/

reference_id

nxnsattack-upgrade-resolvers-to-stop-new-kind-of-random-subdomain-attack

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-26T17:02:23Z/

url

https://en.blog.nic.cz/2020/05/19/nxnsattack-upgrade-resolvers-to-stop-new-kind-of-random-subdomain-attack/

reference_url	https://usn.ubuntu.com/7047-1/
reference_id	USN-7047-1
reference_type
scores
url	https://usn.ubuntu.com/7047-1/

fixed_packages

url	pkg:deb/debian/knot-resolver@5.1.1-0.1?distro=trixie
purl	pkg:deb/debian/knot-resolver@5.1.1-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.1.1-0.1%3Fdistro=trixie

url pkg:deb/debian/knot-resolver@5.3.1-1%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/knot-resolver@5.3.1-1%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-c7c5-awxv-j3de

vulnerability	VCID-efrw-bm7j-6qgz

vulnerability	VCID-ps4g-f1q9-wqhm

vulnerability	VCID-vprj-j7u6-zbe7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.3.1-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@5.6.0-1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/knot-resolver@5.6.0-1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.6.0-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@5.7.5-1?distro=trixie
purl	pkg:deb/debian/knot-resolver@5.7.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.7.5-1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@6.2.0-2?distro=trixie
purl	pkg:deb/debian/knot-resolver@6.2.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@6.2.0-2%3Fdistro=trixie

aliases CVE-2020-12667

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2wu3-v2hz-q3bv

url VCID-66sa-bc5p-jqde

vulnerability_id VCID-66sa-bc5p-jqde

summary Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50387.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50387.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-50387

reference_id

reference_type

scores

value	0.51989
scoring_system	epss
scoring_elements	0.97921
published_at	2026-04-21T12:55:00Z

value	0.51989
scoring_system	epss
scoring_elements	0.97922
published_at	2026-04-18T12:55:00Z

value	0.51989
scoring_system	epss
scoring_elements	0.97914
published_at	2026-04-13T12:55:00Z

value	0.51989
scoring_system	epss
scoring_elements	0.97913
published_at	2026-04-12T12:55:00Z

value	0.51989
scoring_system	epss
scoring_elements	0.97912
published_at	2026-04-11T12:55:00Z

value	0.51989
scoring_system	epss
scoring_elements	0.97909
published_at	2026-04-09T12:55:00Z

value	0.51989
scoring_system	epss
scoring_elements	0.97906
published_at	2026-04-08T12:55:00Z

value	0.51989
scoring_system	epss
scoring_elements	0.97901
published_at	2026-04-07T12:55:00Z

value	0.51989
scoring_system	epss
scoring_elements	0.97898
published_at	2026-04-04T12:55:00Z

value	0.51989
scoring_system	epss
scoring_elements	0.97896
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-50387

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html

reference_id

017430.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845
reference_id	1063845
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852
reference_id	1063852
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077750
reference_id	1077750
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077750

reference_url

http://www.openwall.com/lists/oss-security/2024/02/16/2

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

http://www.openwall.com/lists/oss-security/2024/02/16/2

reference_url

https://www.isc.org/blogs/2024-bind-security-release/

reference_id

2024-bind-security-release

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://www.isc.org/blogs/2024-bind-security-release/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2263914
reference_id	2263914
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2263914

reference_url

http://www.openwall.com/lists/oss-security/2024/02/16/3

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

http://www.openwall.com/lists/oss-security/2024/02/16/3

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/

reference_id

6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/

reference_id

BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/

reference_url

https://kb.isc.org/docs/cve-2023-50387

reference_id

cve-2023-50387

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://kb.isc.org/docs/cve-2023-50387

reference_url

https://access.redhat.com/security/cve/CVE-2023-50387

reference_id

CVE-2023-50387

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://access.redhat.com/security/cve/CVE-2023-50387

reference_url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-50387

reference_id

CVE-2023-50387

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-50387

reference_url

https://www.theregister.com/2024/02/13/dnssec_vulnerability_internet/

reference_id

dnssec_vulnerability_internet

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://www.theregister.com/2024/02/13/dnssec_vulnerability_internet/

reference_url	https://security.gentoo.org/glsa/202412-10
reference_id	GLSA-202412-10
reference_type
scores
url	https://security.gentoo.org/glsa/202412-10

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/

reference_id

HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/

reference_id

IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/

reference_url

https://news.ycombinator.com/item?id=39367411

reference_id

item?id=39367411

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://news.ycombinator.com/item?id=39367411

reference_url

https://news.ycombinator.com/item?id=39372384

reference_id

item?id=39372384

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://news.ycombinator.com/item?id=39372384

reference_url

https://www.athene-center.de/aktuelles/key-trap

reference_id

key-trap

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://www.athene-center.de/aktuelles/key-trap

reference_url

https://www.securityweek.com/keytrap-dns-attack-could-disable-large-parts-of-internet-researchers/

reference_id

keytrap-dns-attack-could-disable-large-parts-of-internet-researchers

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://www.securityweek.com/keytrap-dns-attack-could-disable-large-parts-of-internet-researchers/

reference_url

https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html

reference_id

msg00006.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html

reference_id

msg00011.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html

reference_url

https://security.netapp.com/advisory/ntap-20240307-0007/

reference_id

ntap-20240307-0007

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://security.netapp.com/advisory/ntap-20240307-0007/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/

reference_id

PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/

reference_url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html

reference_id

powerdns-advisory-2024-01.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/

reference_id

RGS7JN6FZXUSTC2XKQHH27574XOULYYJ

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/

reference_url	https://access.redhat.com/errata/RHSA-2024:0965
reference_id	RHSA-2024:0965
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0965

reference_url	https://access.redhat.com/errata/RHSA-2024:0977
reference_id	RHSA-2024:0977
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0977

reference_url	https://access.redhat.com/errata/RHSA-2024:0981
reference_id	RHSA-2024:0981
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0981

reference_url	https://access.redhat.com/errata/RHSA-2024:0982
reference_id	RHSA-2024:0982
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0982

reference_url	https://access.redhat.com/errata/RHSA-2024:11003
reference_id	RHSA-2024:11003
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:11003

reference_url	https://access.redhat.com/errata/RHSA-2024:1334
reference_id	RHSA-2024:1334
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1334

reference_url	https://access.redhat.com/errata/RHSA-2024:1335
reference_id	RHSA-2024:1335
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1335

reference_url	https://access.redhat.com/errata/RHSA-2024:1522
reference_id	RHSA-2024:1522
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1522

reference_url	https://access.redhat.com/errata/RHSA-2024:1543
reference_id	RHSA-2024:1543
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1543

reference_url	https://access.redhat.com/errata/RHSA-2024:1544
reference_id	RHSA-2024:1544
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1544

reference_url	https://access.redhat.com/errata/RHSA-2024:1545
reference_id	RHSA-2024:1545
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1545

reference_url	https://access.redhat.com/errata/RHSA-2024:1647
reference_id	RHSA-2024:1647
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1647

reference_url	https://access.redhat.com/errata/RHSA-2024:1648
reference_id	RHSA-2024:1648
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1648

reference_url	https://access.redhat.com/errata/RHSA-2024:1781
reference_id	RHSA-2024:1781
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1781

reference_url	https://access.redhat.com/errata/RHSA-2024:1782
reference_id	RHSA-2024:1782
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1782

reference_url	https://access.redhat.com/errata/RHSA-2024:1789
reference_id	RHSA-2024:1789
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1789

reference_url	https://access.redhat.com/errata/RHSA-2024:1800
reference_id	RHSA-2024:1800
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1800

reference_url	https://access.redhat.com/errata/RHSA-2024:1801
reference_id	RHSA-2024:1801
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1801

reference_url	https://access.redhat.com/errata/RHSA-2024:1803
reference_id	RHSA-2024:1803
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1803

reference_url	https://access.redhat.com/errata/RHSA-2024:1804
reference_id	RHSA-2024:1804
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1804

reference_url	https://access.redhat.com/errata/RHSA-2024:2551
reference_id	RHSA-2024:2551
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2551

reference_url	https://access.redhat.com/errata/RHSA-2024:2587
reference_id	RHSA-2024:2587
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2587

reference_url	https://access.redhat.com/errata/RHSA-2024:2696
reference_id	RHSA-2024:2696
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2696

reference_url	https://access.redhat.com/errata/RHSA-2024:2720
reference_id	RHSA-2024:2720
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2720

reference_url	https://access.redhat.com/errata/RHSA-2024:2721
reference_id	RHSA-2024:2721
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2721

reference_url	https://access.redhat.com/errata/RHSA-2024:2821
reference_id	RHSA-2024:2821
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2821

reference_url	https://access.redhat.com/errata/RHSA-2024:2890
reference_id	RHSA-2024:2890
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2890

reference_url	https://access.redhat.com/errata/RHSA-2024:3271
reference_id	RHSA-2024:3271
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3271

reference_url	https://access.redhat.com/errata/RHSA-2024:3741
reference_id	RHSA-2024:3741
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3741

reference_url	https://access.redhat.com/errata/RHSA-2024:3877
reference_id	RHSA-2024:3877
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3877

reference_url	https://access.redhat.com/errata/RHSA-2024:3929
reference_id	RHSA-2024:3929
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3929

reference_url	https://access.redhat.com/errata/RHSA-2025:0039
reference_id	RHSA-2025:0039
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0039

reference_url

https://bugzilla.suse.com/show_bug.cgi?id=1219823

reference_id

show_bug.cgi?id=1219823

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://bugzilla.suse.com/show_bug.cgi?id=1219823

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/

reference_id

SVYA42BLXUCIDLD35YIJPJSHDIADNYMP

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/

reference_url

https://www.athene-center.de/fileadmin/content/PDF/Technical_Report_KeyTrap.pdf

reference_id

Technical_Report_KeyTrap.pdf

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://www.athene-center.de/fileadmin/content/PDF/Technical_Report_KeyTrap.pdf

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/

reference_id

TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/

reference_url

https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/

reference_id

unbound-1.19.1-released

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/

reference_id

UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/

reference_url	https://usn.ubuntu.com/6633-1/
reference_id	USN-6633-1
reference_type
scores
url	https://usn.ubuntu.com/6633-1/

reference_url	https://usn.ubuntu.com/6642-1/
reference_id	USN-6642-1
reference_type
scores
url	https://usn.ubuntu.com/6642-1/

reference_url	https://usn.ubuntu.com/6657-1/
reference_id	USN-6657-1
reference_type
scores
url	https://usn.ubuntu.com/6657-1/

reference_url	https://usn.ubuntu.com/6657-2/
reference_id	USN-6657-2
reference_type
scores
url	https://usn.ubuntu.com/6657-2/

reference_url	https://usn.ubuntu.com/6665-1/
reference_id	USN-6665-1
reference_type
scores
url	https://usn.ubuntu.com/6665-1/

reference_url	https://usn.ubuntu.com/6723-1/
reference_id	USN-6723-1
reference_type
scores
url	https://usn.ubuntu.com/6723-1/

reference_url

https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1

reference_id

v5.7.1

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/

reference_id

ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/

fixed_packages

url	pkg:deb/debian/knot-resolver@5.6.0-1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/knot-resolver@5.6.0-1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.6.0-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@5.7.1-1?distro=trixie
purl	pkg:deb/debian/knot-resolver@5.7.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.7.1-1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@5.7.5-1?distro=trixie
purl	pkg:deb/debian/knot-resolver@5.7.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.7.5-1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@6.2.0-2?distro=trixie
purl	pkg:deb/debian/knot-resolver@6.2.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@6.2.0-2%3Fdistro=trixie

aliases CVE-2023-50387

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-66sa-bc5p-jqde

url VCID-6v2g-xt54-7fgs

vulnerability_id VCID-6v2g-xt54-7fgs

summary A flaw was found in knot-resolver before version 2.3.0. Malformed DNS messages may cause denial of service.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-1110

reference_id

reference_type

scores

value	0.00502
scoring_system	epss
scoring_elements	0.65972
published_at	2026-04-01T12:55:00Z

value	0.00502
scoring_system	epss
scoring_elements	0.66015
published_at	2026-04-02T12:55:00Z

value	0.00502
scoring_system	epss
scoring_elements	0.66043
published_at	2026-04-04T12:55:00Z

value	0.00502
scoring_system	epss
scoring_elements	0.6601
published_at	2026-04-07T12:55:00Z

value	0.00502
scoring_system	epss
scoring_elements	0.66059
published_at	2026-04-08T12:55:00Z

value	0.00502
scoring_system	epss
scoring_elements	0.66072
published_at	2026-04-09T12:55:00Z

value	0.00502
scoring_system	epss
scoring_elements	0.6609
published_at	2026-04-11T12:55:00Z

value	0.00502
scoring_system	epss
scoring_elements	0.66078
published_at	2026-04-12T12:55:00Z

value	0.00502
scoring_system	epss
scoring_elements	0.66048
published_at	2026-04-13T12:55:00Z

value	0.00502
scoring_system	epss
scoring_elements	0.66083
published_at	2026-04-16T12:55:00Z

value	0.00502
scoring_system	epss
scoring_elements	0.66097
published_at	2026-04-18T12:55:00Z

value	0.00502
scoring_system	epss
scoring_elements	0.66085
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1110

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1110
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1110

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=896681
reference_id	896681
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=896681

fixed_packages

url	pkg:deb/debian/knot-resolver@2.3.0-1?distro=trixie
purl	pkg:deb/debian/knot-resolver@2.3.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@2.3.0-1%3Fdistro=trixie

url pkg:deb/debian/knot-resolver@5.3.1-1%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/knot-resolver@5.3.1-1%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-c7c5-awxv-j3de

vulnerability	VCID-efrw-bm7j-6qgz

vulnerability	VCID-ps4g-f1q9-wqhm

vulnerability	VCID-vprj-j7u6-zbe7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.3.1-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@5.6.0-1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/knot-resolver@5.6.0-1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.6.0-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@5.7.5-1?distro=trixie
purl	pkg:deb/debian/knot-resolver@5.7.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.7.5-1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@6.2.0-2?distro=trixie
purl	pkg:deb/debian/knot-resolver@6.2.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@6.2.0-2%3Fdistro=trixie

aliases CVE-2018-1110

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6v2g-xt54-7fgs

url VCID-8ks2-kv5d-gkdc

vulnerability_id VCID-8ks2-kv5d-gkdc

summary knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization. DNS replies with very many resource records might be processed very inefficiently, in extreme cases taking even several CPU seconds for each such uncached message. For example, a few thousand A records can be squashed into one DNS message (limit is 64kB).

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-19331

reference_id

reference_type

scores

value	0.00489
scoring_system	epss
scoring_elements	0.65416
published_at	2026-04-01T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.65465
published_at	2026-04-02T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.65492
published_at	2026-04-04T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.65457
published_at	2026-04-07T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.6551
published_at	2026-04-08T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.65521
published_at	2026-04-09T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.65539
published_at	2026-04-11T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.65526
published_at	2026-04-12T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.65499
published_at	2026-04-13T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.65534
published_at	2026-04-16T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.65546
published_at	2026-04-18T12:55:00Z

value	0.00489
scoring_system	epss
scoring_elements	0.65531
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-19331

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19331
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19331

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946181
reference_id	946181
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946181

reference_url	https://usn.ubuntu.com/7047-1/
reference_id	USN-7047-1
reference_type
scores
url	https://usn.ubuntu.com/7047-1/

fixed_packages

url	pkg:deb/debian/knot-resolver@5.0.1-1?distro=trixie
purl	pkg:deb/debian/knot-resolver@5.0.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.0.1-1%3Fdistro=trixie

url pkg:deb/debian/knot-resolver@5.3.1-1%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/knot-resolver@5.3.1-1%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-c7c5-awxv-j3de

vulnerability	VCID-efrw-bm7j-6qgz

vulnerability	VCID-ps4g-f1q9-wqhm

vulnerability	VCID-vprj-j7u6-zbe7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.3.1-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@5.6.0-1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/knot-resolver@5.6.0-1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.6.0-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@5.7.5-1?distro=trixie
purl	pkg:deb/debian/knot-resolver@5.7.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.7.5-1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@6.2.0-2?distro=trixie
purl	pkg:deb/debian/knot-resolver@6.2.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@6.2.0-2%3Fdistro=trixie

aliases CVE-2019-19331

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8ks2-kv5d-gkdc

url VCID-c7c5-awxv-j3de

vulnerability_id VCID-c7c5-awxv-j3de

summary Knot Resolver before 5.5.3 allows remote attackers to cause a denial of service (CPU consumption) because of algorithmic complexity. During an attack, an authoritative server must return large NS sets or address sets.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-40188

reference_id

reference_type

scores

value	0.00458
scoring_system	epss
scoring_elements	0.63997
published_at	2026-04-04T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.64039
published_at	2026-04-18T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.64028
published_at	2026-04-16T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.63993
published_at	2026-04-13T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.64022
published_at	2026-04-12T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.64036
published_at	2026-04-11T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.64024
published_at	2026-04-09T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.64007
published_at	2026-04-08T12:55:00Z

value	0.00458
scoring_system	epss
scoring_elements	0.63956
published_at	2026-04-07T12:55:00Z

value	0.00471
scoring_system	epss
scoring_elements	0.64577
published_at	2026-04-02T12:55:00Z

value	0.00471
scoring_system	epss
scoring_elements	0.64639
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-40188

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40188
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40188

reference_url

https://gitlab.nic.cz/knot/knot-resolver/-/merge_requests/1343#note_262558

reference_id

1343#note_262558

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-27T14:55:00Z/

url

https://gitlab.nic.cz/knot/knot-resolver/-/merge_requests/1343#note_262558

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIMDNIUI7GTUEKIBBYYW7OCTJQFPDNXL/

reference_id

HIMDNIUI7GTUEKIBBYYW7OCTJQFPDNXL

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-27T14:55:00Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIMDNIUI7GTUEKIBBYYW7OCTJQFPDNXL/

reference_url

https://lists.debian.org/debian-lts-announce/2022/10/msg00008.html

reference_id

msg00008.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-27T14:55:00Z/

url

https://lists.debian.org/debian-lts-announce/2022/10/msg00008.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S2VE5K3VDUHJOIA2IGT3G5R76IBADMNE/

reference_id

S2VE5K3VDUHJOIA2IGT3G5R76IBADMNE

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-27T14:55:00Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S2VE5K3VDUHJOIA2IGT3G5R76IBADMNE/

reference_url	https://usn.ubuntu.com/6225-1/
reference_id	USN-6225-1
reference_type
scores
url	https://usn.ubuntu.com/6225-1/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XO6LIVQS62MI5GG4OVYB5RHVZMYNHAHG/

reference_id

XO6LIVQS62MI5GG4OVYB5RHVZMYNHAHG

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-27T14:55:00Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XO6LIVQS62MI5GG4OVYB5RHVZMYNHAHG/

fixed_packages

url	pkg:deb/debian/knot-resolver@5.5.3-1?distro=trixie
purl	pkg:deb/debian/knot-resolver@5.5.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.5.3-1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@5.6.0-1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/knot-resolver@5.6.0-1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.6.0-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@5.7.5-1?distro=trixie
purl	pkg:deb/debian/knot-resolver@5.7.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.7.5-1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@6.2.0-2?distro=trixie
purl	pkg:deb/debian/knot-resolver@6.2.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@6.2.0-2%3Fdistro=trixie

aliases CVE-2022-40188

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c7c5-awxv-j3de

url VCID-efrw-bm7j-6qgz

vulnerability_id VCID-efrw-bm7j-6qgz

summary Knot Resolver before 5.7.0 performs many TCP reconnections upon receiving certain nonsensical responses from servers.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-46317

reference_id

reference_type

scores

value	0.00094
scoring_system	epss
scoring_elements	0.262
published_at	2026-04-12T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26146
published_at	2026-04-16T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26141
published_at	2026-04-13T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26351
published_at	2026-04-04T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26123
published_at	2026-04-18T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.2619
published_at	2026-04-08T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26238
published_at	2026-04-09T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26245
published_at	2026-04-11T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.2655
published_at	2026-04-21T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.26765
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-46317

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46317
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46317

reference_url

https://gitlab.nic.cz/knot/knot-resolver/-/merge_requests/1448

reference_id

1448

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-12T17:42:31Z/

url

https://gitlab.nic.cz/knot/knot-resolver/-/merge_requests/1448

reference_url

https://www.knot-resolver.cz/2023-08-22-knot-resolver-5.7.0.html

reference_id

2023-08-22-knot-resolver-5.7.0.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-12T17:42:31Z/

url

https://www.knot-resolver.cz/2023-08-22-knot-resolver-5.7.0.html

fixed_packages

url	pkg:deb/debian/knot-resolver@5.6.0-1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/knot-resolver@5.6.0-1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.6.0-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@5.7.0-1?distro=trixie
purl	pkg:deb/debian/knot-resolver@5.7.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.7.0-1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@5.7.5-1?distro=trixie
purl	pkg:deb/debian/knot-resolver@5.7.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.7.5-1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@6.2.0-2?distro=trixie
purl	pkg:deb/debian/knot-resolver@6.2.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@6.2.0-2%3Fdistro=trixie

aliases CVE-2023-46317

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-efrw-bm7j-6qgz

url VCID-fptj-ztkq-7uag

vulnerability_id VCID-fptj-ztkq-7uag

summary A vulnerability was discovered in DNS resolver of knot resolver before version 4.1.0 which allows remote attackers to downgrade DNSSEC-secure domains to DNSSEC-insecure state, opening possibility of domain hijack using attacks against insecure DNS protocol.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-10191

reference_id

reference_type

scores

value	0.00268
scoring_system	epss
scoring_elements	0.50173
published_at	2026-04-01T12:55:00Z

value	0.00268
scoring_system	epss
scoring_elements	0.50219
published_at	2026-04-02T12:55:00Z

value	0.00268
scoring_system	epss
scoring_elements	0.50248
published_at	2026-04-04T12:55:00Z

value	0.00268
scoring_system	epss
scoring_elements	0.50197
published_at	2026-04-07T12:55:00Z

value	0.00268
scoring_system	epss
scoring_elements	0.50251
published_at	2026-04-08T12:55:00Z

value	0.00268
scoring_system	epss
scoring_elements	0.50243
published_at	2026-04-09T12:55:00Z

value	0.00268
scoring_system	epss
scoring_elements	0.5027
published_at	2026-04-11T12:55:00Z

value	0.00268
scoring_system	epss
scoring_elements	0.50244
published_at	2026-04-12T12:55:00Z

value	0.00268
scoring_system	epss
scoring_elements	0.50232
published_at	2026-04-13T12:55:00Z

value	0.00268
scoring_system	epss
scoring_elements	0.50277
published_at	2026-04-18T12:55:00Z

value	0.00268
scoring_system	epss
scoring_elements	0.50252
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-10191

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10191
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10191

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932048
reference_id	932048
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932048

reference_url	https://usn.ubuntu.com/7047-1/
reference_id	USN-7047-1
reference_type
scores
url	https://usn.ubuntu.com/7047-1/

fixed_packages

url	pkg:deb/debian/knot-resolver@5.0.1-1?distro=trixie
purl	pkg:deb/debian/knot-resolver@5.0.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.0.1-1%3Fdistro=trixie

url pkg:deb/debian/knot-resolver@5.3.1-1%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/knot-resolver@5.3.1-1%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-c7c5-awxv-j3de

vulnerability	VCID-efrw-bm7j-6qgz

vulnerability	VCID-ps4g-f1q9-wqhm

vulnerability	VCID-vprj-j7u6-zbe7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.3.1-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@5.6.0-1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/knot-resolver@5.6.0-1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.6.0-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@5.7.5-1?distro=trixie
purl	pkg:deb/debian/knot-resolver@5.7.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.7.5-1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@6.2.0-2?distro=trixie
purl	pkg:deb/debian/knot-resolver@6.2.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@6.2.0-2%3Fdistro=trixie

aliases CVE-2019-10191

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fptj-ztkq-7uag

url VCID-g2wb-bccm-ufhn

vulnerability_id VCID-g2wb-bccm-ufhn

summary A vulnerability was discovered in DNS resolver component of knot resolver through version 3.2.0 before 4.1.0 which allows remote attackers to bypass DNSSEC validation for non-existence answer. NXDOMAIN answer would get passed through to the client even if its DNSSEC validation failed, instead of sending a SERVFAIL packet. Caching is not affected by this particular bug but see CVE-2019-10191.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-10190

reference_id

reference_type

scores

value	0.00262
scoring_system	epss
scoring_elements	0.49468
published_at	2026-04-01T12:55:00Z

value	0.00262
scoring_system	epss
scoring_elements	0.49498
published_at	2026-04-02T12:55:00Z

value	0.00262
scoring_system	epss
scoring_elements	0.49524
published_at	2026-04-04T12:55:00Z

value	0.00262
scoring_system	epss
scoring_elements	0.49477
published_at	2026-04-07T12:55:00Z

value	0.00262
scoring_system	epss
scoring_elements	0.49532
published_at	2026-04-08T12:55:00Z

value	0.00262
scoring_system	epss
scoring_elements	0.49528
published_at	2026-04-09T12:55:00Z

value	0.00262
scoring_system	epss
scoring_elements	0.49545
published_at	2026-04-11T12:55:00Z

value	0.00262
scoring_system	epss
scoring_elements	0.49516
published_at	2026-04-12T12:55:00Z

value	0.00262
scoring_system	epss
scoring_elements	0.49518
published_at	2026-04-13T12:55:00Z

value	0.00262
scoring_system	epss
scoring_elements	0.49565
published_at	2026-04-16T12:55:00Z

value	0.00262
scoring_system	epss
scoring_elements	0.49563
published_at	2026-04-18T12:55:00Z

value	0.00262
scoring_system	epss
scoring_elements	0.49534
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-10190

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10190
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10190

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932048
reference_id	932048
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932048

reference_url	https://usn.ubuntu.com/7047-1/
reference_id	USN-7047-1
reference_type
scores
url	https://usn.ubuntu.com/7047-1/

fixed_packages

url	pkg:deb/debian/knot-resolver@5.0.1-1?distro=trixie
purl	pkg:deb/debian/knot-resolver@5.0.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.0.1-1%3Fdistro=trixie

url pkg:deb/debian/knot-resolver@5.3.1-1%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/knot-resolver@5.3.1-1%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-c7c5-awxv-j3de

vulnerability	VCID-efrw-bm7j-6qgz

vulnerability	VCID-ps4g-f1q9-wqhm

vulnerability	VCID-vprj-j7u6-zbe7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.3.1-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@5.6.0-1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/knot-resolver@5.6.0-1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.6.0-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@5.7.5-1?distro=trixie
purl	pkg:deb/debian/knot-resolver@5.7.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.7.5-1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@6.2.0-2?distro=trixie
purl	pkg:deb/debian/knot-resolver@6.2.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@6.2.0-2%3Fdistro=trixie

aliases CVE-2019-10190

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g2wb-bccm-ufhn

url VCID-gg4r-446v-kybs

vulnerability_id VCID-gg4r-446v-kybs

summary Improper input validation bug in DNS resolver component of Knot Resolver before 2.4.1 allows remote attacker to poison cache.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-10920

reference_id

reference_type

scores

value	0.12203
scoring_system	epss
scoring_elements	0.93799
published_at	2026-04-01T12:55:00Z

value	0.12203
scoring_system	epss
scoring_elements	0.93808
published_at	2026-04-02T12:55:00Z

value	0.12203
scoring_system	epss
scoring_elements	0.93818
published_at	2026-04-04T12:55:00Z

value	0.12203
scoring_system	epss
scoring_elements	0.93821
published_at	2026-04-07T12:55:00Z

value	0.12203
scoring_system	epss
scoring_elements	0.9383
published_at	2026-04-08T12:55:00Z

value	0.12203
scoring_system	epss
scoring_elements	0.93833
published_at	2026-04-09T12:55:00Z

value	0.12203
scoring_system	epss
scoring_elements	0.93838
published_at	2026-04-12T12:55:00Z

value	0.12203
scoring_system	epss
scoring_elements	0.93839
published_at	2026-04-13T12:55:00Z

value	0.12203
scoring_system	epss
scoring_elements	0.93861
published_at	2026-04-16T12:55:00Z

value	0.12203
scoring_system	epss
scoring_elements	0.93867
published_at	2026-04-18T12:55:00Z

value	0.12203
scoring_system	epss
scoring_elements	0.93868
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-10920

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10920
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10920

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=905325
reference_id	905325
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=905325

fixed_packages

url	pkg:deb/debian/knot-resolver@2.4.1-1?distro=trixie
purl	pkg:deb/debian/knot-resolver@2.4.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@2.4.1-1%3Fdistro=trixie

url pkg:deb/debian/knot-resolver@5.3.1-1%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/knot-resolver@5.3.1-1%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-c7c5-awxv-j3de

vulnerability	VCID-efrw-bm7j-6qgz

vulnerability	VCID-ps4g-f1q9-wqhm

vulnerability	VCID-vprj-j7u6-zbe7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.3.1-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@5.6.0-1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/knot-resolver@5.6.0-1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.6.0-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@5.7.5-1?distro=trixie
purl	pkg:deb/debian/knot-resolver@5.7.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.7.5-1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@6.2.0-2?distro=trixie
purl	pkg:deb/debian/knot-resolver@6.2.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@6.2.0-2%3Fdistro=trixie

aliases CVE-2018-10920

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gg4r-446v-kybs

url VCID-ne61-utfg-8bgx

vulnerability_id VCID-ne61-utfg-8bgx

summary Knot Resolver before 5.3.2 is prone to an assertion failure, triggerable by a remote attacker in an edge case (NSEC3 with too many iterations used for a positive wildcard proof).

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-40083

reference_id

reference_type

scores

value	0.0084
scoring_system	epss
scoring_elements	0.74656
published_at	2026-04-01T12:55:00Z

value	0.0084
scoring_system	epss
scoring_elements	0.7466
published_at	2026-04-02T12:55:00Z

value	0.0084
scoring_system	epss
scoring_elements	0.74687
published_at	2026-04-04T12:55:00Z

value	0.0084
scoring_system	epss
scoring_elements	0.74661
published_at	2026-04-07T12:55:00Z

value	0.0084
scoring_system	epss
scoring_elements	0.74693
published_at	2026-04-08T12:55:00Z

value	0.0084
scoring_system	epss
scoring_elements	0.74708
published_at	2026-04-09T12:55:00Z

value	0.0084
scoring_system	epss
scoring_elements	0.74731
published_at	2026-04-11T12:55:00Z

value	0.0084
scoring_system	epss
scoring_elements	0.7471
published_at	2026-04-12T12:55:00Z

value	0.0084
scoring_system	epss
scoring_elements	0.74702
published_at	2026-04-13T12:55:00Z

value	0.0084
scoring_system	epss
scoring_elements	0.74739
published_at	2026-04-16T12:55:00Z

value	0.0084
scoring_system	epss
scoring_elements	0.74747
published_at	2026-04-18T12:55:00Z

value	0.0084
scoring_system	epss
scoring_elements	0.74737
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-40083

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40083
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40083

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991463
reference_id	991463
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991463

fixed_packages

url pkg:deb/debian/knot-resolver@5.3.1-1%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/knot-resolver@5.3.1-1%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-c7c5-awxv-j3de

vulnerability	VCID-efrw-bm7j-6qgz

vulnerability	VCID-ps4g-f1q9-wqhm

vulnerability	VCID-vprj-j7u6-zbe7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.3.1-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@5.4.1-2?distro=trixie
purl	pkg:deb/debian/knot-resolver@5.4.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.4.1-2%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@5.6.0-1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/knot-resolver@5.6.0-1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.6.0-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@5.7.5-1?distro=trixie
purl	pkg:deb/debian/knot-resolver@5.7.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.7.5-1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@6.2.0-2?distro=trixie
purl	pkg:deb/debian/knot-resolver@6.2.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@6.2.0-2%3Fdistro=trixie

aliases CVE-2021-40083

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ne61-utfg-8bgx

url VCID-p1yj-k985-kkbv

vulnerability_id VCID-p1yj-k985-kkbv

summary Improper input validation bugs in DNSSEC validators components in Knot Resolver (prior version 1.5.2) allow attacker in man-in-the-middle position to deny existence of some data in DNS via packet replay.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000002

reference_id

reference_type

scores

value	0.00377
scoring_system	epss
scoring_elements	0.59203
published_at	2026-04-01T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59277
published_at	2026-04-02T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.593
published_at	2026-04-04T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59264
published_at	2026-04-07T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59314
published_at	2026-04-08T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59327
published_at	2026-04-09T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59346
published_at	2026-04-11T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.5933
published_at	2026-04-12T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59312
published_at	2026-04-13T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59345
published_at	2026-04-16T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59352
published_at	2026-04-18T12:55:00Z

value	0.00377
scoring_system	epss
scoring_elements	0.59332
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000002

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000002
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000002

fixed_packages

url	pkg:deb/debian/knot-resolver@1.5.2-1?distro=trixie
purl	pkg:deb/debian/knot-resolver@1.5.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@1.5.2-1%3Fdistro=trixie

url pkg:deb/debian/knot-resolver@5.3.1-1%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/knot-resolver@5.3.1-1%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-c7c5-awxv-j3de

vulnerability	VCID-efrw-bm7j-6qgz

vulnerability	VCID-ps4g-f1q9-wqhm

vulnerability	VCID-vprj-j7u6-zbe7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.3.1-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@5.6.0-1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/knot-resolver@5.6.0-1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.6.0-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@5.7.5-1?distro=trixie
purl	pkg:deb/debian/knot-resolver@5.7.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.7.5-1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@6.2.0-2?distro=trixie
purl	pkg:deb/debian/knot-resolver@6.2.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@6.2.0-2%3Fdistro=trixie

aliases CVE-2018-1000002

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p1yj-k985-kkbv

url VCID-ps4g-f1q9-wqhm

vulnerability_id VCID-ps4g-f1q9-wqhm

summary Knot Resolver before 5.6.0 enables attackers to consume its resources, launching amplification attacks and potentially causing a denial of service. Specifically, a single client query may lead to a hundred TCP connection attempts if a DNS server closes connections without providing a response.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-26249

reference_id

reference_type

scores

value	0.00389
scoring_system	epss
scoring_elements	0.60007
published_at	2026-04-21T12:55:00Z

value	0.00389
scoring_system	epss
scoring_elements	0.60021
published_at	2026-04-18T12:55:00Z

value	0.00389
scoring_system	epss
scoring_elements	0.59928
published_at	2026-04-02T12:55:00Z

value	0.00389
scoring_system	epss
scoring_elements	0.59954
published_at	2026-04-04T12:55:00Z

value	0.00389
scoring_system	epss
scoring_elements	0.59924
published_at	2026-04-07T12:55:00Z

value	0.00389
scoring_system	epss
scoring_elements	0.59974
published_at	2026-04-08T12:55:00Z

value	0.00389
scoring_system	epss
scoring_elements	0.59987
published_at	2026-04-09T12:55:00Z

value	0.00389
scoring_system	epss
scoring_elements	0.60008
published_at	2026-04-11T12:55:00Z

value	0.00389
scoring_system	epss
scoring_elements	0.59993
published_at	2026-04-12T12:55:00Z

value	0.00389
scoring_system	epss
scoring_elements	0.59975
published_at	2026-04-13T12:55:00Z

value	0.00389
scoring_system	epss
scoring_elements	0.60014
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-26249

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26249
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26249

reference_url

https://www.knot-resolver.cz/2023-01-26-knot-resolver-5.6.0.html

reference_id

2023-01-26-knot-resolver-5.6.0.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-14T18:32:21Z/

url

https://www.knot-resolver.cz/2023-01-26-knot-resolver-5.6.0.html

fixed_packages

url	pkg:deb/debian/knot-resolver@5.6.0-1?distro=trixie
purl	pkg:deb/debian/knot-resolver@5.6.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.6.0-1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@5.6.0-1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/knot-resolver@5.6.0-1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.6.0-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@5.7.5-1?distro=trixie
purl	pkg:deb/debian/knot-resolver@5.7.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.7.5-1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@6.2.0-2?distro=trixie
purl	pkg:deb/debian/knot-resolver@6.2.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@6.2.0-2%3Fdistro=trixie

aliases CVE-2023-26249

risk_score 1.9

exploitability 0.5

weighted_severity 3.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ps4g-f1q9-wqhm

url VCID-vprj-j7u6-zbe7

vulnerability_id VCID-vprj-j7u6-zbe7

summary Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50868.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50868.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-50868

reference_id

reference_type

scores

value	0.11802
scoring_system	epss
scoring_elements	0.9374
published_at	2026-04-21T12:55:00Z

value	0.11802
scoring_system	epss
scoring_elements	0.93737
published_at	2026-04-18T12:55:00Z

value	0.11802
scoring_system	epss
scoring_elements	0.9373
published_at	2026-04-16T12:55:00Z

value	0.11802
scoring_system	epss
scoring_elements	0.93713
published_at	2026-04-13T12:55:00Z

value	0.11802
scoring_system	epss
scoring_elements	0.93696
published_at	2026-04-07T12:55:00Z

value	0.11802
scoring_system	epss
scoring_elements	0.93712
published_at	2026-04-12T12:55:00Z

value	0.11802
scoring_system	epss
scoring_elements	0.93708
published_at	2026-04-09T12:55:00Z

value	0.11802
scoring_system	epss
scoring_elements	0.93706
published_at	2026-04-08T12:55:00Z

value	0.11802
scoring_system	epss
scoring_elements	0.93694
published_at	2026-04-04T12:55:00Z

value	0.11802
scoring_system	epss
scoring_elements	0.93684
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-50868

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html

reference_id

017430.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845
reference_id	1063845
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852
reference_id	1063852
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077751
reference_id	1077751
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077751

reference_url

http://www.openwall.com/lists/oss-security/2024/02/16/2

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

http://www.openwall.com/lists/oss-security/2024/02/16/2

reference_url

https://www.isc.org/blogs/2024-bind-security-release/

reference_id

2024-bind-security-release

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://www.isc.org/blogs/2024-bind-security-release/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2263917
reference_id	2263917
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2263917

reference_url

http://www.openwall.com/lists/oss-security/2024/02/16/3

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

http://www.openwall.com/lists/oss-security/2024/02/16/3

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/

reference_id

6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/

reference_id

BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/

reference_url

https://kb.isc.org/docs/cve-2023-50868

reference_id

cve-2023-50868

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://kb.isc.org/docs/cve-2023-50868

reference_url

https://access.redhat.com/security/cve/CVE-2023-50868

reference_id

CVE-2023-50868

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://access.redhat.com/security/cve/CVE-2023-50868

reference_url	https://security.gentoo.org/glsa/202412-10
reference_id	GLSA-202412-10
reference_type
scores
url	https://security.gentoo.org/glsa/202412-10

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/

reference_id

HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/

reference_id

IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/

reference_url

https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html

reference_id

msg00006.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html

reference_id

msg00011.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html

reference_url

https://security.netapp.com/advisory/ntap-20240307-0008/

reference_id

ntap-20240307-0008

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://security.netapp.com/advisory/ntap-20240307-0008/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/

reference_id

PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/

reference_url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html

reference_id

powerdns-advisory-2024-01.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html

reference_url

https://datatracker.ietf.org/doc/html/rfc5155

reference_id

rfc5155

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://datatracker.ietf.org/doc/html/rfc5155

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/

reference_id

RGS7JN6FZXUSTC2XKQHH27574XOULYYJ

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/

reference_url	https://access.redhat.com/errata/RHSA-2024:0965
reference_id	RHSA-2024:0965
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0965

reference_url	https://access.redhat.com/errata/RHSA-2024:0977
reference_id	RHSA-2024:0977
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0977

reference_url	https://access.redhat.com/errata/RHSA-2024:0981
reference_id	RHSA-2024:0981
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0981

reference_url	https://access.redhat.com/errata/RHSA-2024:0982
reference_id	RHSA-2024:0982
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0982

reference_url	https://access.redhat.com/errata/RHSA-2024:11003
reference_id	RHSA-2024:11003
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:11003

reference_url	https://access.redhat.com/errata/RHSA-2024:1334
reference_id	RHSA-2024:1334
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1334

reference_url	https://access.redhat.com/errata/RHSA-2024:1335
reference_id	RHSA-2024:1335
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1335

reference_url	https://access.redhat.com/errata/RHSA-2024:1522
reference_id	RHSA-2024:1522
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1522

reference_url	https://access.redhat.com/errata/RHSA-2024:1543
reference_id	RHSA-2024:1543
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1543

reference_url	https://access.redhat.com/errata/RHSA-2024:1544
reference_id	RHSA-2024:1544
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1544

reference_url	https://access.redhat.com/errata/RHSA-2024:1545
reference_id	RHSA-2024:1545
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1545

reference_url	https://access.redhat.com/errata/RHSA-2024:1647
reference_id	RHSA-2024:1647
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1647

reference_url	https://access.redhat.com/errata/RHSA-2024:1648
reference_id	RHSA-2024:1648
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1648

reference_url	https://access.redhat.com/errata/RHSA-2024:1781
reference_id	RHSA-2024:1781
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1781

reference_url	https://access.redhat.com/errata/RHSA-2024:1782
reference_id	RHSA-2024:1782
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1782

reference_url	https://access.redhat.com/errata/RHSA-2024:1789
reference_id	RHSA-2024:1789
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1789

reference_url	https://access.redhat.com/errata/RHSA-2024:1800
reference_id	RHSA-2024:1800
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1800

reference_url	https://access.redhat.com/errata/RHSA-2024:1801
reference_id	RHSA-2024:1801
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1801

reference_url	https://access.redhat.com/errata/RHSA-2024:1803
reference_id	RHSA-2024:1803
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1803

reference_url	https://access.redhat.com/errata/RHSA-2024:1804
reference_id	RHSA-2024:1804
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1804

reference_url	https://access.redhat.com/errata/RHSA-2024:2551
reference_id	RHSA-2024:2551
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2551

reference_url	https://access.redhat.com/errata/RHSA-2024:2587
reference_id	RHSA-2024:2587
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2587

reference_url	https://access.redhat.com/errata/RHSA-2024:2696
reference_id	RHSA-2024:2696
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2696

reference_url	https://access.redhat.com/errata/RHSA-2024:2720
reference_id	RHSA-2024:2720
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2720

reference_url	https://access.redhat.com/errata/RHSA-2024:2721
reference_id	RHSA-2024:2721
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2721

reference_url	https://access.redhat.com/errata/RHSA-2024:2821
reference_id	RHSA-2024:2821
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2821

reference_url	https://access.redhat.com/errata/RHSA-2024:2890
reference_id	RHSA-2024:2890
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2890

reference_url	https://access.redhat.com/errata/RHSA-2024:3271
reference_id	RHSA-2024:3271
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3271

reference_url	https://access.redhat.com/errata/RHSA-2024:3741
reference_id	RHSA-2024:3741
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3741

reference_url	https://access.redhat.com/errata/RHSA-2024:3877
reference_id	RHSA-2024:3877
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3877

reference_url	https://access.redhat.com/errata/RHSA-2024:3929
reference_id	RHSA-2024:3929
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3929

reference_url	https://access.redhat.com/errata/RHSA-2025:0039
reference_id	RHSA-2025:0039
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0039

reference_url

https://bugzilla.suse.com/show_bug.cgi?id=1219826

reference_id

show_bug.cgi?id=1219826

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://bugzilla.suse.com/show_bug.cgi?id=1219826

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/

reference_id

SVYA42BLXUCIDLD35YIJPJSHDIADNYMP

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/

reference_id

TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/

reference_url

https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/

reference_id

unbound-1.19.1-released

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/

reference_id

UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/

reference_url	https://usn.ubuntu.com/6633-1/
reference_id	USN-6633-1
reference_type
scores
url	https://usn.ubuntu.com/6633-1/

reference_url	https://usn.ubuntu.com/6642-1/
reference_id	USN-6642-1
reference_type
scores
url	https://usn.ubuntu.com/6642-1/

reference_url	https://usn.ubuntu.com/6657-1/
reference_id	USN-6657-1
reference_type
scores
url	https://usn.ubuntu.com/6657-1/

reference_url	https://usn.ubuntu.com/6657-2/
reference_id	USN-6657-2
reference_type
scores
url	https://usn.ubuntu.com/6657-2/

reference_url	https://usn.ubuntu.com/6665-1/
reference_id	USN-6665-1
reference_type
scores
url	https://usn.ubuntu.com/6665-1/

reference_url	https://usn.ubuntu.com/6723-1/
reference_id	USN-6723-1
reference_type
scores
url	https://usn.ubuntu.com/6723-1/

reference_url

https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1

reference_id

v5.7.1

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/

reference_id

ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/

fixed_packages

url	pkg:deb/debian/knot-resolver@5.6.0-1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/knot-resolver@5.6.0-1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.6.0-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@5.7.1-1?distro=trixie
purl	pkg:deb/debian/knot-resolver@5.7.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.7.1-1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@5.7.5-1?distro=trixie
purl	pkg:deb/debian/knot-resolver@5.7.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@5.7.5-1%3Fdistro=trixie

url	pkg:deb/debian/knot-resolver@6.2.0-2?distro=trixie
purl	pkg:deb/debian/knot-resolver@6.2.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@6.2.0-2%3Fdistro=trixie

aliases CVE-2023-50868

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vprj-j7u6-zbe7

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/knot-resolver@6.2.0-2%3Fdistro=trixie

Package Instance