Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/934663?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "type": "deb", "namespace": "debian", "name": "pdns-recursor", "version": "5.2.8-0+deb13u1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "5.3.1-1", "latest_non_vulnerable_version": "5.4.0-1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90807?format=api", "vulnerability_id": "VCID-12cd-ky6m-qkdg", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12244", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26178", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26302", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26342", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26383", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26156", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26224", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26272", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26278", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26233", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26174", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12244" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12244", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12244" }, { "reference_url": "https://security.archlinux.org/ASA-202005-10", "reference_id": "ASA-202005-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202005-10" }, { "reference_url": "https://security.archlinux.org/AVG-1163", "reference_id": "AVG-1163", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1163" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934679?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.3.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.3.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934661?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.4.2-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-7dc3-qdk8-k7b2" }, { "vulnerability": "VCID-8tar-s444-zfac" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-mkcs-362g-t7aq" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-wmgd-z2j3-h7d9" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.4.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-12244" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-12cd-ky6m-qkdg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81507?format=api", "vulnerability_id": "VCID-1jzb-z2bs-vbeb", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7073", "reference_id": "", "reference_type": "", "scores": [ { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00414", "published_at": "2026-04-16T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00418", "published_at": "2026-04-13T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00433", "published_at": "2026-04-01T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00435", "published_at": "2026-04-02T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00434", "published_at": "2026-04-04T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00426", "published_at": "2026-04-07T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00423", "published_at": "2026-04-08T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00424", "published_at": "2026-04-11T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00419", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2120", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2120" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7068", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7068" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7072", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7072" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7074", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7074" }, { "reference_url": "https://security.archlinux.org/ASA-201701-29", "reference_id": "ASA-201701-29", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-29" }, { "reference_url": "https://security.archlinux.org/ASA-201701-30", "reference_id": "ASA-201701-30", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-30" }, { "reference_url": "https://security.archlinux.org/AVG-147", "reference_id": "AVG-147", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-147" }, { "reference_url": "https://security.archlinux.org/AVG-148", "reference_id": "AVG-148", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-148" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934672?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.0.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.0.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934661?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.4.2-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-7dc3-qdk8-k7b2" }, { "vulnerability": "VCID-8tar-s444-zfac" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-mkcs-362g-t7aq" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-wmgd-z2j3-h7d9" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.4.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-7073" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1jzb-z2bs-vbeb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/266540?format=api", "vulnerability_id": "VCID-2eyk-9hmz-xybp", "summary": "An attacker can publish a zone containing specific Resource Record Sets. Processing and caching results for these sets can lead to an illegal memory accesses and crash of the Recursor, causing a denial of service.\n\nThe remedy is: upgrade to the patched 5.2.1 version.\n\nWe would like to thank Volodymyr Ilyin for bringing this issue to our attention.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-30195", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40727", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40682", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40709", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40737", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40661", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40711", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40718", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40735", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40701", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-30195" }, { "reference_url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2025-01.html", "reference_id": "powerdns-advisory-2025-01.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-07T14:07:50Z/" } ], "url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2025-01.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934670?format=api", "purl": "pkg:deb/debian/pdns-recursor@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934661?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.4.2-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-7dc3-qdk8-k7b2" }, { "vulnerability": "VCID-8tar-s444-zfac" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-mkcs-362g-t7aq" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-wmgd-z2j3-h7d9" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.4.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934692?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-30195" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2eyk-9hmz-xybp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94183?format=api", "vulnerability_id": "VCID-2hee-f8gq-rycf", "summary": "An issue has been found in PowerDNS Recursor versions 4.1.x before 4.1.9 where records in the answer section of responses received from authoritative servers with the AA flag not set were not properly validated, allowing an attacker to bypass DNSSEC validation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3807", "reference_id": "", "reference_type": "", "scores": [ { "value": "3e-05", "scoring_system": "epss", "scoring_elements": "0.00117", "published_at": "2026-04-08T12:55:00Z" }, { "value": "3e-05", "scoring_system": "epss", "scoring_elements": "0.00116", "published_at": "2026-04-16T12:55:00Z" }, { "value": "3e-05", "scoring_system": "epss", "scoring_elements": "0.00118", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3807" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3807" }, { "reference_url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2019-02.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2019-02.html" }, { "reference_url": "https://security.archlinux.org/ASA-201901-13", "reference_id": "ASA-201901-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201901-13" }, { "reference_url": "https://security.archlinux.org/AVG-856", "reference_id": "AVG-856", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-856" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3807", "reference_id": "CVE-2019-3807", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:N" }, { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3807" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934678?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.1.9-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934661?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.4.2-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-7dc3-qdk8-k7b2" }, { "vulnerability": "VCID-8tar-s444-zfac" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-mkcs-362g-t7aq" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-wmgd-z2j3-h7d9" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.4.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-3807" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2hee-f8gq-rycf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81505?format=api", "vulnerability_id": "VCID-2m6r-ztcg-gbgu", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7068", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24675", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24662", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24743", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.2482", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24858", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.2463", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24699", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24747", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.2476", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24719", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7068" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2120", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2120" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7068", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7068" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7072", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7072" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7074", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7074" }, { "reference_url": "https://security.archlinux.org/ASA-201701-29", "reference_id": "ASA-201701-29", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-29" }, { "reference_url": "https://security.archlinux.org/ASA-201701-30", "reference_id": "ASA-201701-30", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-30" }, { "reference_url": "https://security.archlinux.org/AVG-147", "reference_id": "AVG-147", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-147" }, { "reference_url": "https://security.archlinux.org/AVG-148", "reference_id": "AVG-148", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-148" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934672?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.0.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.0.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934661?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.4.2-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-7dc3-qdk8-k7b2" }, { "vulnerability": "VCID-8tar-s444-zfac" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-mkcs-362g-t7aq" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-wmgd-z2j3-h7d9" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.4.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-7068" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2m6r-ztcg-gbgu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96817?format=api", "vulnerability_id": "VCID-2ugc-uygs-hqb8", "summary": "Crafted delegations or IP fragments can poison cached delegations in Recursor.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-59024", "reference_id": "", "reference_type": "", "scores": [ { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00204", "published_at": "2026-04-11T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00205", "published_at": "2026-04-16T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00202", "published_at": "2026-04-09T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00203", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-59024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59024" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118751", "reference_id": "1118751", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118751" }, { "reference_url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2025-06.html", "reference_id": "powerdns-advisory-2025-06.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-09T16:11:42Z/" } ], "url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2025-06.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934694?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.6-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.6-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934693?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.3.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.3.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-59024" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2ugc-uygs-hqb8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/266462?format=api", "vulnerability_id": "VCID-36qt-fxee-ruae", "summary": "A remote attacker might be able to cause infinite recursion in PowerDNS Recursor 4.8.0 via a DNS query that retrieves DS records for a misconfigured domain, because QName minimization is used in QM fallback mode. This is fixed in 4.8.1.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22617", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01064", "scoring_system": "epss", "scoring_elements": "0.7771", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01064", "scoring_system": "epss", "scoring_elements": "0.77659", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01064", "scoring_system": "epss", "scoring_elements": "0.77664", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01064", "scoring_system": "epss", "scoring_elements": "0.7769", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01064", "scoring_system": "epss", "scoring_elements": "0.77674", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01064", "scoring_system": "epss", "scoring_elements": "0.77673", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01064", "scoring_system": "epss", "scoring_elements": "0.77621", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01064", "scoring_system": "epss", "scoring_elements": "0.77648", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01064", "scoring_system": "epss", "scoring_elements": "0.7763", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22617" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/01/20/1", "reference_id": "1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:36:48Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/01/20/1" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029367", "reference_id": "1029367", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029367" }, { "reference_url": "https://docs.powerdns.com/recursor/changelog/4.8.html#change-4.8.1", "reference_id": "4.8.html#change-4.8.1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:36:48Z/" } ], "url": "https://docs.powerdns.com/recursor/changelog/4.8.html#change-4.8.1" }, { "reference_url": "https://docs.powerdns.com/recursor/security-advisories/", "reference_id": "security-advisories", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T14:36:48Z/" } ], "url": "https://docs.powerdns.com/recursor/security-advisories/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934670?format=api", "purl": "pkg:deb/debian/pdns-recursor@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934661?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.4.2-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-7dc3-qdk8-k7b2" }, { "vulnerability": "VCID-8tar-s444-zfac" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-mkcs-362g-t7aq" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-wmgd-z2j3-h7d9" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.4.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934684?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-22617" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-36qt-fxee-ruae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94319?format=api", "vulnerability_id": "VCID-3e3b-z5bh-pban", "summary": "An issue has been found in PowerDNS Recursor 4.1.0 up to and including 4.3.0. It allows an attacker (with enough privileges to change the system's hostname) to cause disclosure of uninitialized memory content via a stack-based out-of-bounds read. It only occurs on systems where gethostname() does not have '\\0' termination of the returned string if the hostname is larger than the supplied buffer. (Linux systems are not affected because the buffer is always large enough. OpenBSD systems are not affected because the returned hostname always has '\\0' termination.) Under some conditions, this issue can lead to the writing of one '\\0' byte out-of-bounds on the stack, causing a denial of service or possibly arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10030", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08041", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08131", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08174", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08121", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.0819", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08208", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08198", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08178", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08161", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08061", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10030" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10030", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10030" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934679?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.3.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.3.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934661?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.4.2-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-7dc3-qdk8-k7b2" }, { "vulnerability": "VCID-8tar-s444-zfac" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-mkcs-362g-t7aq" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-wmgd-z2j3-h7d9" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.4.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-10030" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3e3b-z5bh-pban" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42665?format=api", "vulnerability_id": "VCID-4532-4nm8-6qc8", "summary": "Multiple vulnerabilities have been found in PowerDNS Recursor, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-4009", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10785", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10921", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10985", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10811", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10887", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.1094", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10941", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10908", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10885", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.1075", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-4009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4009" }, { "reference_url": "https://security.gentoo.org/glsa/201412-33", "reference_id": "GLSA-201412-33", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-33" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934666?format=api", "purl": "pkg:deb/debian/pdns-recursor@3.1.7.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@3.1.7.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934661?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.4.2-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-7dc3-qdk8-k7b2" }, { "vulnerability": "VCID-8tar-s444-zfac" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-mkcs-362g-t7aq" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-wmgd-z2j3-h7d9" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.4.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-4009" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4532-4nm8-6qc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93561?format=api", "vulnerability_id": "VCID-4c2u-n7p5-nfg4", "summary": "PowerDNS Authoritative Server 4.1.0 up to 4.1.4 inclusive and PowerDNS Recursor 4.0.0 up to 4.1.4 inclusive are vulnerable to a packet cache pollution via crafted query that can lead to denial of service.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14626", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.1251", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.1265", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12606", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12635", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12739", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12785", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12592", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12671", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12723", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12691", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14626" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14626" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913162", "reference_id": "913162", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913162" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913163", "reference_id": "913163", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913163" }, { "reference_url": "https://security.archlinux.org/ASA-201811-12", "reference_id": "ASA-201811-12", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-12" }, { "reference_url": "https://security.archlinux.org/ASA-201811-13", "reference_id": "ASA-201811-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-13" }, { "reference_url": "https://security.archlinux.org/AVG-804", "reference_id": "AVG-804", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-804" }, { "reference_url": "https://security.archlinux.org/AVG-805", "reference_id": "AVG-805", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-805" }, { "reference_url": "https://usn.ubuntu.com/7203-1/", "reference_id": "USN-7203-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7203-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934676?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.1.7-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.1.7-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934661?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.4.2-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-7dc3-qdk8-k7b2" }, { "vulnerability": "VCID-8tar-s444-zfac" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-mkcs-362g-t7aq" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-wmgd-z2j3-h7d9" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.4.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-14626" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4c2u-n7p5-nfg4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61411?format=api", "vulnerability_id": "VCID-66sa-bc5p-jqde", "summary": "Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50387.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50387.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50387", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.51989", "scoring_system": "epss", "scoring_elements": "0.97914", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.51989", "scoring_system": "epss", "scoring_elements": "0.97913", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.51989", "scoring_system": "epss", "scoring_elements": "0.97912", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.51989", "scoring_system": "epss", "scoring_elements": "0.97898", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.51989", "scoring_system": "epss", "scoring_elements": "0.97901", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.51989", "scoring_system": "epss", "scoring_elements": "0.97906", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.51989", "scoring_system": "epss", "scoring_elements": "0.97909", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.51989", "scoring_system": "epss", "scoring_elements": "0.97896", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.51989", "scoring_system": "epss", "scoring_elements": "0.97922", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50387" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html", "reference_id": "017430.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845", "reference_id": "1063845", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852", "reference_id": "1063852", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077750", "reference_id": "1077750", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077750" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/02/16/2", "reference_id": "2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/02/16/2" }, { "reference_url": "https://www.isc.org/blogs/2024-bind-security-release/", "reference_id": "2024-bind-security-release", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://www.isc.org/blogs/2024-bind-security-release/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263914", "reference_id": "2263914", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263914" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/02/16/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/02/16/3" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/", "reference_id": "6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/", "reference_id": "BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/" }, { "reference_url": "https://kb.isc.org/docs/cve-2023-50387", "reference_id": "cve-2023-50387", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://kb.isc.org/docs/cve-2023-50387" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-50387", "reference_id": "CVE-2023-50387", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-50387" }, { "reference_url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-50387", "reference_id": "CVE-2023-50387", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-50387" }, { "reference_url": "https://www.theregister.com/2024/02/13/dnssec_vulnerability_internet/", "reference_id": "dnssec_vulnerability_internet", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://www.theregister.com/2024/02/13/dnssec_vulnerability_internet/" }, { "reference_url": "https://security.gentoo.org/glsa/202412-10", "reference_id": "GLSA-202412-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-10" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/", "reference_id": "HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/", "reference_id": "IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/" }, { "reference_url": "https://news.ycombinator.com/item?id=39367411", "reference_id": "item?id=39367411", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://news.ycombinator.com/item?id=39367411" }, { "reference_url": "https://news.ycombinator.com/item?id=39372384", "reference_id": "item?id=39372384", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://news.ycombinator.com/item?id=39372384" }, { "reference_url": "https://www.athene-center.de/aktuelles/key-trap", "reference_id": "key-trap", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://www.athene-center.de/aktuelles/key-trap" }, { "reference_url": "https://www.securityweek.com/keytrap-dns-attack-could-disable-large-parts-of-internet-researchers/", "reference_id": "keytrap-dns-attack-could-disable-large-parts-of-internet-researchers", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://www.securityweek.com/keytrap-dns-attack-could-disable-large-parts-of-internet-researchers/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html", "reference_id": "msg00006.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240307-0007/", "reference_id": "ntap-20240307-0007", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240307-0007/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/", "reference_id": "PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/" }, { "reference_url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html", "reference_id": "powerdns-advisory-2024-01.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/", "reference_id": "RGS7JN6FZXUSTC2XKQHH27574XOULYYJ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0965", "reference_id": "RHSA-2024:0965", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0965" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0977", "reference_id": "RHSA-2024:0977", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0977" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0981", "reference_id": "RHSA-2024:0981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0982", "reference_id": "RHSA-2024:0982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11003", "reference_id": "RHSA-2024:11003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1334", "reference_id": "RHSA-2024:1334", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1334" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1335", "reference_id": "RHSA-2024:1335", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1335" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1522", "reference_id": "RHSA-2024:1522", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1522" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1543", "reference_id": "RHSA-2024:1543", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1543" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1544", "reference_id": "RHSA-2024:1544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1545", "reference_id": "RHSA-2024:1545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1545" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1647", "reference_id": "RHSA-2024:1647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1648", "reference_id": "RHSA-2024:1648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1648" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1781", "reference_id": "RHSA-2024:1781", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1781" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1782", "reference_id": "RHSA-2024:1782", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1782" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1789", "reference_id": "RHSA-2024:1789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1800", "reference_id": "RHSA-2024:1800", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1800" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1801", "reference_id": "RHSA-2024:1801", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1801" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1803", "reference_id": "RHSA-2024:1803", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1803" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1804", "reference_id": "RHSA-2024:1804", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1804" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2551", "reference_id": "RHSA-2024:2551", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2551" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2587", "reference_id": "RHSA-2024:2587", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2587" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2696", "reference_id": "RHSA-2024:2696", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2696" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2720", "reference_id": "RHSA-2024:2720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2721", "reference_id": "RHSA-2024:2721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2821", "reference_id": "RHSA-2024:2821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2890", "reference_id": "RHSA-2024:2890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3271", "reference_id": "RHSA-2024:3271", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3271" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3741", "reference_id": "RHSA-2024:3741", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3741" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3877", "reference_id": "RHSA-2024:3877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3929", "reference_id": "RHSA-2024:3929", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3929" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0039", "reference_id": "RHSA-2025:0039", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0039" }, { "reference_url": "https://bugzilla.suse.com/show_bug.cgi?id=1219823", "reference_id": "show_bug.cgi?id=1219823", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1219823" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/", "reference_id": "SVYA42BLXUCIDLD35YIJPJSHDIADNYMP", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/" }, { "reference_url": "https://www.athene-center.de/fileadmin/content/PDF/Technical_Report_KeyTrap.pdf", "reference_id": "Technical_Report_KeyTrap.pdf", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://www.athene-center.de/fileadmin/content/PDF/Technical_Report_KeyTrap.pdf" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/", "reference_id": "TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/" }, { "reference_url": "https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/", "reference_id": "unbound-1.19.1-released", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/", "reference_id": "UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/" }, { "reference_url": "https://usn.ubuntu.com/6633-1/", "reference_id": "USN-6633-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6633-1/" }, { "reference_url": "https://usn.ubuntu.com/6642-1/", "reference_id": "USN-6642-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6642-1/" }, { "reference_url": "https://usn.ubuntu.com/6657-1/", "reference_id": "USN-6657-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6657-1/" }, { "reference_url": "https://usn.ubuntu.com/6657-2/", "reference_id": "USN-6657-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6657-2/" }, { "reference_url": "https://usn.ubuntu.com/6665-1/", "reference_id": "USN-6665-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6665-1/" }, { "reference_url": "https://usn.ubuntu.com/6723-1/", "reference_id": "USN-6723-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6723-1/" }, { "reference_url": "https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1", "reference_id": "v5.7.1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/", "reference_id": "ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934686?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934687?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.9.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.9.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-50387" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-66sa-bc5p-jqde" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33598?format=api", "vulnerability_id": "VCID-67tu-cpzn-t7ep", "summary": "Use of insufficient randomness in PowerDNS Recursor might lead to DNS cache\n poisoning.", "references": [ { "reference_url": "http://doc.powerdns.com/changelog.html#CHANGELOG-RECURSOR-3-1-6", "reference_id": "", "reference_type": "", "scores": [], "url": "http://doc.powerdns.com/changelog.html#CHANGELOG-RECURSOR-3-1-6" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3217.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3217.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3217", "reference_id": "", "reference_type": "", "scores": [ { "value": "4e-05", "scoring_system": "epss", "scoring_elements": "0.00184", "published_at": "2026-04-09T12:55:00Z" }, { "value": "4e-05", "scoring_system": "epss", "scoring_elements": "0.00185", "published_at": "2026-04-02T12:55:00Z" }, { "value": "4e-05", "scoring_system": "epss", "scoring_elements": "0.00186", "published_at": "2026-04-13T12:55:00Z" }, { "value": "4e-05", "scoring_system": "epss", "scoring_elements": "0.00183", "published_at": "2026-04-08T12:55:00Z" }, { "value": "4e-05", "scoring_system": "epss", "scoring_elements": "0.00187", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3217" }, { "reference_url": "http://secunia.com/advisories/31311", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31311" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43925", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43925" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg01353.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg01353.html" }, { "reference_url": "http://wiki.powerdns.com/cgi-bin/trac.fcgi/changeset/1179", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.powerdns.com/cgi-bin/trac.fcgi/changeset/1179" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2008/07/09/10", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2008/07/09/10" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2008/07/10/6", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2008/07/10/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2008/07/16/12", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2008/07/16/12" }, { "reference_url": "http://www.securityfocus.com/bid/30782", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/30782" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=456054", "reference_id": "456054", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=456054" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=493576", "reference_id": "493576", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=493576" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:recursor:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:3.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:recursor:3.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:3.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:3.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:recursor:3.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:3.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:3.1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:recursor:3.1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:3.1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:3.1.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:recursor:3.1.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:3.1.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:3.1.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:recursor:3.1.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:3.1.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3217", "reference_id": "CVE-2008-3217", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3217" }, { "reference_url": "https://security.gentoo.org/glsa/200804-22", "reference_id": "GLSA-200804-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200804-22" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934665?format=api", "purl": "pkg:deb/debian/pdns-recursor@3.1.7-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@3.1.7-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934661?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.4.2-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-7dc3-qdk8-k7b2" }, { "vulnerability": "VCID-8tar-s444-zfac" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-mkcs-362g-t7aq" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-wmgd-z2j3-h7d9" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.4.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2008-3217" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-67tu-cpzn-t7ep" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95119?format=api", "vulnerability_id": "VCID-7dc3-qdk8-k7b2", "summary": "In PowerDNS Authoritative Server before 4.4.3, 4.5.x before 4.5.4, and 4.6.x before 4.6.1 and PowerDNS Recursor before 4.4.8, 4.5.x before 4.5.8, and 4.6.x before 4.6.1, insufficient validation of an IXFR end condition causes incomplete zone transfers to be handled as successful transfers.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27227", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07484", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07487", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.0751", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07496", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07406", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07449", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.0743", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27227" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27227", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27227" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.archlinux.org/AVG-2655", "reference_id": "AVG-2655", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2655" }, { "reference_url": "https://security.archlinux.org/AVG-2656", "reference_id": "AVG-2656", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2656" }, { "reference_url": "https://usn.ubuntu.com/7203-1/", "reference_id": "USN-7203-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7203-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934682?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.6.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.6.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-27227" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7dc3-qdk8-k7b2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/184957?format=api", "vulnerability_id": "VCID-829g-d7jw-sych", "summary": "A crafted response from an upstream server the recursor has been configured to forward-recurse to can cause a Denial of Service in the Recursor. The default configuration of the Recursor does not use recursive forwarding and is not affected.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-25583", "reference_id": "", "reference_type": "", "scores": [ { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00819", "published_at": "2026-04-16T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00834", "published_at": "2026-04-07T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00838", "published_at": "2026-04-08T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00835", "published_at": "2026-04-09T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00824", "published_at": "2026-04-11T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00818", "published_at": "2026-04-12T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00833", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-25583" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/04/24/1", "reference_id": "1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-29T19:14:51Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/04/24/1" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069762", "reference_id": "1069762", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069762" }, { "reference_url": "https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-02.html", "reference_id": "powerdns-advisory-2024-02.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-29T19:14:51Z/" } ], "url": "https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-02.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934670?format=api", "purl": "pkg:deb/debian/pdns-recursor@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934661?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.4.2-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-7dc3-qdk8-k7b2" }, { "vulnerability": "VCID-8tar-s444-zfac" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-mkcs-362g-t7aq" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-wmgd-z2j3-h7d9" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.4.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934688?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934689?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.9.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.9.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-25583" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-829g-d7jw-sych" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42666?format=api", "vulnerability_id": "VCID-8hf9-emba-wbdq", "summary": "Multiple vulnerabilities have been found in PowerDNS Recursor, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-4010", "reference_id": "", "reference_type": "", "scores": [ { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00333", "published_at": "2026-04-01T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00338", "published_at": "2026-04-02T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00336", "published_at": "2026-04-04T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00327", "published_at": "2026-04-07T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00325", "published_at": "2026-04-09T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00324", "published_at": "2026-04-11T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00323", "published_at": "2026-04-12T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00322", "published_at": "2026-04-13T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00316", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-4010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4010" }, { "reference_url": "https://security.gentoo.org/glsa/201412-33", "reference_id": "GLSA-201412-33", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-33" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934666?format=api", "purl": "pkg:deb/debian/pdns-recursor@3.1.7.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@3.1.7.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934661?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.4.2-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-7dc3-qdk8-k7b2" }, { "vulnerability": "VCID-8tar-s444-zfac" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-mkcs-362g-t7aq" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-wmgd-z2j3-h7d9" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.4.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-4010" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8hf9-emba-wbdq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95232?format=api", "vulnerability_id": "VCID-8tar-s444-zfac", "summary": "PowerDNS Recursor up to and including 4.5.9, 4.6.2 and 4.7.1, when protobuf logging is enabled, has Improper Cleanup upon a Thrown Exception, leading to a denial of service (daemon crash) via a DNS query that leads to an answer with specific properties.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-37428", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16668", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16879", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16935", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16718", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16803", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16858", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16836", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16791", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16732", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-37428" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37428", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37428" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934683?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.7.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.7.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-37428" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8tar-s444-zfac" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93562?format=api", "vulnerability_id": "VCID-9p7x-52ad-vbh6", "summary": "An issue has been found in PowerDNS Recursor from 4.0.0 up to and including 4.1.4. A remote attacker sending a DNS query for a meta-type like OPT can lead to a zone being wrongly cached as failing DNSSEC validation. It only arises if the parent zone is signed, and all the authoritative servers for that parent zone answer with FORMERR to a query for at least one of the meta-types. As a result, subsequent queries from clients requesting DNSSEC validation will be answered with a ServFail.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14644", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05238", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05292", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05189", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05233", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05265", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.0529", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05325", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05347", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05314", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05303", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14644" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14644", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14644" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913162", "reference_id": "913162", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913162" }, { "reference_url": "https://security.archlinux.org/ASA-201811-13", "reference_id": "ASA-201811-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-13" }, { "reference_url": "https://security.archlinux.org/AVG-805", "reference_id": "AVG-805", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-805" }, { "reference_url": "https://usn.ubuntu.com/7203-1/", "reference_id": "USN-7203-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7203-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934676?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.1.7-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.1.7-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934661?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.4.2-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-7dc3-qdk8-k7b2" }, { "vulnerability": "VCID-8tar-s444-zfac" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-mkcs-362g-t7aq" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-wmgd-z2j3-h7d9" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.4.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-14644" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9p7x-52ad-vbh6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93141?format=api", "vulnerability_id": "VCID-a7xd-fyh3-xuaq", "summary": "An issue has been found in the DNSSEC parsing code of PowerDNS Recursor from 4.0.0 up to and including 4.0.6 leading to a memory leak when parsing specially crafted DNSSEC ECDSA keys. These keys are only parsed when validation is enabled by setting dnssec to a value other than off or process-no-validate (default).", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15094", "reference_id": "", "reference_type": "", "scores": [ { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00209", "published_at": "2026-04-01T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.0021", "published_at": "2026-04-02T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00211", "published_at": "2026-04-04T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00207", "published_at": "2026-04-09T12:55:00Z" }, { "value": "7e-05", "scoring_system": "epss", "scoring_elements": "0.00587", "published_at": "2026-04-16T12:55:00Z" }, { "value": "7e-05", "scoring_system": "epss", "scoring_elements": "0.00595", "published_at": "2026-04-11T12:55:00Z" }, { "value": "7e-05", "scoring_system": "epss", "scoring_elements": "0.00591", "published_at": "2026-04-12T12:55:00Z" }, { "value": "7e-05", "scoring_system": "epss", "scoring_elements": "0.00593", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15094" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15094", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15094" }, { "reference_url": "https://security.archlinux.org/ASA-201711-31", "reference_id": "ASA-201711-31", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-31" }, { "reference_url": "https://security.archlinux.org/AVG-520", "reference_id": "AVG-520", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-520" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934673?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.0.7-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.0.7-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934661?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.4.2-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-7dc3-qdk8-k7b2" }, { "vulnerability": "VCID-8tar-s444-zfac" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-mkcs-362g-t7aq" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-wmgd-z2j3-h7d9" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.4.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-15094" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a7xd-fyh3-xuaq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92732?format=api", "vulnerability_id": "VCID-bb3a-3ehq-8bhd", "summary": "PowerDNS (aka pdns) Authoritative Server 3.4.4 before 3.4.7 allows remote attackers to cause a denial of service (assertion failure and server crash) via crafted query packets.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171865.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171865.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171976.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171976.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172193.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172193.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5311", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00478", "scoring_system": "epss", "scoring_elements": "0.6503", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00478", "scoring_system": "epss", "scoring_elements": "0.6491", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00478", "scoring_system": "epss", "scoring_elements": "0.6496", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00478", "scoring_system": "epss", "scoring_elements": "0.64987", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00478", "scoring_system": "epss", "scoring_elements": "0.6495", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00478", "scoring_system": "epss", "scoring_elements": "0.64999", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00478", "scoring_system": "epss", "scoring_elements": "0.65013", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00478", "scoring_system": "epss", "scoring_elements": "0.65031", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00478", "scoring_system": "epss", "scoring_elements": "0.65021", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00478", "scoring_system": "epss", "scoring_elements": "0.64993", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5311" }, { "reference_url": "https://doc.powerdns.com/md/security/powerdns-advisory-2015-03/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://doc.powerdns.com/md/security/powerdns-advisory-2015-03/" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/11/09/3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/11/09/3" }, { "reference_url": "http://www.securitytracker.com/id/1034098", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034098" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:authoritative:3.4.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:authoritative:3.4.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:authoritative:3.4.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:authoritative:3.4.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:authoritative:3.4.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:authoritative:3.4.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:authoritative:3.4.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:authoritative:3.4.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:authoritative:3.4.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5311", "reference_id": "CVE-2015-5311", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5311" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934670?format=api", "purl": "pkg:deb/debian/pdns-recursor@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934661?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.4.2-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-7dc3-qdk8-k7b2" }, { "vulnerability": "VCID-8tar-s444-zfac" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-mkcs-362g-t7aq" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-wmgd-z2j3-h7d9" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.4.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-5311" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bb3a-3ehq-8bhd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96816?format=api", "vulnerability_id": "VCID-cdzz-8tc8-jucu", "summary": "Crafted delegations or IP fragments can poison cached delegations in Recursor.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-59023", "reference_id": "", "reference_type": "", "scores": [ { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.0034", "published_at": "2026-04-16T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00345", "published_at": "2026-04-13T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00365", "published_at": "2026-04-02T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00368", "published_at": "2026-04-04T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00356", "published_at": "2026-04-07T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00353", "published_at": "2026-04-09T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.0035", "published_at": "2026-04-11T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00347", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-59023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59023" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118751", "reference_id": "1118751", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118751" }, { "reference_url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2025-06.html", "reference_id": "powerdns-advisory-2025-06.html", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-09T16:17:14Z/" } ], "url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2025-06.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934694?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.6-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.6-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934693?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.3.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.3.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-59023" ], "risk_score": 2.0, "exploitability": "0.5", "weighted_severity": "4.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cdzz-8tc8-jucu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93458?format=api", "vulnerability_id": "VCID-ch2d-p2ru-23ex", "summary": "PowerDNS Authoritative Server 3.3.0 up to 4.1.4 excluding 4.1.5 and 4.0.6, and PowerDNS Recursor 3.2 up to 4.1.4 excluding 4.1.5 and 4.0.9, are vulnerable to a memory leak while parsing malformed records that can lead to remote denial of service.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10851", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29114", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.2914", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29088", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29135", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.2921", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29262", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29075", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29138", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.2918", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29186", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10851" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10851", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10851" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913162", "reference_id": "913162", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913162" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913163", "reference_id": "913163", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913163" }, { "reference_url": "https://security.archlinux.org/ASA-201811-12", "reference_id": "ASA-201811-12", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-12" }, { "reference_url": "https://security.archlinux.org/ASA-201811-13", "reference_id": "ASA-201811-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-13" }, { "reference_url": "https://security.archlinux.org/AVG-804", "reference_id": "AVG-804", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-804" }, { "reference_url": "https://security.archlinux.org/AVG-805", "reference_id": "AVG-805", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-805" }, { "reference_url": "https://usn.ubuntu.com/7203-1/", "reference_id": "USN-7203-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7203-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934676?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.1.7-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.1.7-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934661?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.4.2-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-7dc3-qdk8-k7b2" }, { "vulnerability": "VCID-8tar-s444-zfac" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-mkcs-362g-t7aq" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-wmgd-z2j3-h7d9" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.4.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-10851" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ch2d-p2ru-23ex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92701?format=api", "vulnerability_id": "VCID-d13q-prqh-buge", "summary": "The label decompression functionality in PowerDNS Recursor 3.5.x, 3.6.x before 3.6.3, and 3.7.x before 3.7.2 and Authoritative (Auth) Server 3.2.x, 3.3.x before 3.3.2, and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service (CPU consumption or crash) via a request with a name that refers to itself.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1868", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00506", "scoring_system": "epss", "scoring_elements": "0.66161", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00506", "scoring_system": "epss", "scoring_elements": "0.66202", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00506", "scoring_system": "epss", "scoring_elements": "0.66229", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00506", "scoring_system": "epss", "scoring_elements": "0.66198", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00506", "scoring_system": "epss", "scoring_elements": "0.66246", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00506", "scoring_system": "epss", "scoring_elements": "0.66259", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00506", "scoring_system": "epss", "scoring_elements": "0.66279", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00506", "scoring_system": "epss", "scoring_elements": "0.66266", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00506", "scoring_system": "epss", "scoring_elements": "0.66235", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00506", "scoring_system": "epss", "scoring_elements": "0.6627", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1868" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1868" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934669?format=api", "purl": "pkg:deb/debian/pdns-recursor@3.7.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@3.7.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934661?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.4.2-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-7dc3-qdk8-k7b2" }, { "vulnerability": "VCID-8tar-s444-zfac" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-mkcs-362g-t7aq" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-wmgd-z2j3-h7d9" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.4.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-1868" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d13q-prqh-buge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93581?format=api", "vulnerability_id": "VCID-d4km-jg6b-2kh3", "summary": "An issue has been found in PowerDNS Recursor before version 4.1.8 where a remote attacker sending a DNS query can trigger an out-of-bounds memory read while computing the hash of the query for a packet cache lookup, possibly leading to a crash.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16855", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.19834", "scoring_system": "epss", "scoring_elements": "0.95456", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.19834", "scoring_system": "epss", "scoring_elements": "0.95413", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.19834", "scoring_system": "epss", "scoring_elements": "0.95422", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.19834", "scoring_system": "epss", "scoring_elements": "0.95428", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.19834", "scoring_system": "epss", "scoring_elements": "0.95432", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.19834", "scoring_system": "epss", "scoring_elements": "0.95438", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.19834", "scoring_system": "epss", "scoring_elements": "0.95441", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.19834", "scoring_system": "epss", "scoring_elements": "0.95445", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.19834", "scoring_system": "epss", "scoring_elements": "0.95447", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16855" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16855", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16855" }, { "reference_url": "https://security.archlinux.org/ASA-201811-21", "reference_id": "ASA-201811-21", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201811-21" }, { "reference_url": "https://security.archlinux.org/AVG-821", "reference_id": "AVG-821", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-821" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934677?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.1.8-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.1.8-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934661?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.4.2-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-7dc3-qdk8-k7b2" }, { "vulnerability": "VCID-8tar-s444-zfac" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-mkcs-362g-t7aq" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-wmgd-z2j3-h7d9" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.4.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-16855" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d4km-jg6b-2kh3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91545?format=api", "vulnerability_id": "VCID-e3e7-jd2u-fbgk", "summary": "The recursor in PowerDNS before 3.0.1 allows remote attackers to cause a denial of service (application crash) via malformed EDNS0 packets.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-2069", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02313", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02381", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02392", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02389", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02394", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02415", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02391", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02379", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02378", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02362", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-2069" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2069", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2069" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934660?format=api", "purl": "pkg:deb/debian/pdns-recursor@3.0.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@3.0.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934661?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.4.2-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-7dc3-qdk8-k7b2" }, { "vulnerability": "VCID-8tar-s444-zfac" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-mkcs-362g-t7aq" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-wmgd-z2j3-h7d9" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.4.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2006-2069" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e3e7-jd2u-fbgk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66066?format=api", "vulnerability_id": "VCID-f1cn-ufjb-ffcd", "summary": "PowerDNS: PowerDNS: Assertion failure due to crafted DNS records", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59029.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-59029.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-59029", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01002", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01011", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01003", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01015", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01013", "published_at": "2026-04-09T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00829", "published_at": "2026-04-16T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.0083", "published_at": "2026-04-13T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00835", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-59029" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122196", "reference_id": "1122196", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122196" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420464", "reference_id": "2420464", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420464" }, { "reference_url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2025-07.html", "reference_id": "powerdns-advisory-2025-07.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-09T14:29:51Z/" } ], "url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2025-07.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934670?format=api", "purl": "pkg:deb/debian/pdns-recursor@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934661?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.4.2-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-7dc3-qdk8-k7b2" }, { "vulnerability": "VCID-8tar-s444-zfac" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-mkcs-362g-t7aq" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-wmgd-z2j3-h7d9" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.4.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934695?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.3.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.3.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-59029" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f1cn-ufjb-ffcd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69426?format=api", "vulnerability_id": "VCID-h73s-nkfg-sqgc", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15120", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00332", "scoring_system": "epss", "scoring_elements": "0.55985", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00332", "scoring_system": "epss", "scoring_elements": "0.56096", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00332", "scoring_system": "epss", "scoring_elements": "0.56116", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00332", "scoring_system": "epss", "scoring_elements": "0.56147", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00332", "scoring_system": "epss", "scoring_elements": "0.56152", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00332", "scoring_system": "epss", "scoring_elements": "0.56164", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00332", "scoring_system": "epss", "scoring_elements": "0.5614", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00332", "scoring_system": "epss", "scoring_elements": "0.56124", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00332", "scoring_system": "epss", "scoring_elements": "0.56158", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15120" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15120", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15120" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934674?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.1.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.1.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934661?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.4.2-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-7dc3-qdk8-k7b2" }, { "vulnerability": "VCID-8tar-s444-zfac" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-mkcs-362g-t7aq" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-wmgd-z2j3-h7d9" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.4.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-15120" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h73s-nkfg-sqgc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49241?format=api", "vulnerability_id": "VCID-htr2-rwgm-47ed", "summary": "A vulnerability in PowerDNS Recursor could lead to a Denial of\n Service condition.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25829", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57423", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57287", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57369", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57391", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57366", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57418", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57421", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57436", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57415", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57396", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25829" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25829", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25829" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972159", "reference_id": "972159", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972159" }, { "reference_url": "https://security.archlinux.org/ASA-202010-6", "reference_id": "ASA-202010-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202010-6" }, { "reference_url": "https://security.archlinux.org/AVG-1243", "reference_id": "AVG-1243", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1243" }, { "reference_url": "https://security.gentoo.org/glsa/202012-19", "reference_id": "GLSA-202012-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202012-19" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934681?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.3.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.3.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934661?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.4.2-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-7dc3-qdk8-k7b2" }, { "vulnerability": "VCID-8tar-s444-zfac" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-mkcs-362g-t7aq" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-wmgd-z2j3-h7d9" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.4.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-25829" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-htr2-rwgm-47ed" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33596?format=api", "vulnerability_id": "VCID-jfe5-j391-dubt", "summary": "Use of insufficient randomness in PowerDNS Recursor might lead to DNS cache\n poisoning.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1637.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1637.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1637", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07459", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07574", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07616", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07589", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07648", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07666", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07668", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07654", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07639", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07565", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1637" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1637", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1637" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=440247", "reference_id": "440247", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=440247" }, { "reference_url": "https://security.gentoo.org/glsa/200804-22", "reference_id": "GLSA-200804-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200804-22" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934665?format=api", "purl": "pkg:deb/debian/pdns-recursor@3.1.7-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@3.1.7-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934661?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.4.2-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-7dc3-qdk8-k7b2" }, { "vulnerability": "VCID-8tar-s444-zfac" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-mkcs-362g-t7aq" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-wmgd-z2j3-h7d9" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.4.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2008-1637" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jfe5-j391-dubt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91596?format=api", "vulnerability_id": "VCID-kzps-gj5k-8yh3", "summary": "PowerDNS Recursor 3.1.3 and earlier allows remote attackers to cause a denial of service (resource exhaustion and application crash) via a CNAME record with a zero TTL, which triggers an infinite loop.", "references": [ { "reference_url": "http://doc.powerdns.com/powerdns-advisory-2006-02.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://doc.powerdns.com/powerdns-advisory-2006-02.html" }, { "reference_url": "http://lists.suse.com/archive/suse-security-announce/2006-Nov/0007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Nov/0007.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-4252", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01754", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01702", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01745", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01759", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01762", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01771", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01766", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01756", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-4252" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4252", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4252" }, { "reference_url": "http://secunia.com/advisories/22824", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/22824" }, { "reference_url": "http://secunia.com/advisories/22976", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/22976" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30257", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30257" }, { "reference_url": "http://www.securityfocus.com/bid/21037", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/21037" }, { "reference_url": "http://www.vupen.com/english/advisories/2006/4484", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2006/4484" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=398559", "reference_id": "398559", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=398559" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:2.0_rc1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:recursor:2.0_rc1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:2.0_rc1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:2.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:recursor:2.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:2.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:2.9.15:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:recursor:2.9.15:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:2.9.15:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:2.9.16:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:recursor:2.9.16:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:2.9.16:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:2.9.17:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:recursor:2.9.17:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:2.9.17:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:2.9.18:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:recursor:2.9.18:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:2.9.18:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:recursor:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:3.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:recursor:3.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:3.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:recursor:3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:3.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:recursor:3.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:3.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:3.1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:recursor:3.1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:3.1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2006-4252", "reference_id": "CVE-2006-4252", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-4252" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934664?format=api", "purl": "pkg:deb/debian/pdns-recursor@3.1.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@3.1.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934661?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.4.2-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-7dc3-qdk8-k7b2" }, { "vulnerability": "VCID-8tar-s444-zfac" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-mkcs-362g-t7aq" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-wmgd-z2j3-h7d9" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.4.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2006-4252" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kzps-gj5k-8yh3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96980?format=api", "vulnerability_id": "VCID-m445-c6a1-uugf", "summary": "Crafted zones can lead to increased resource usage and crafted CNAME chains can lead to cache poisoning in Recursor.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0398", "reference_id": "", "reference_type": "", "scores": [ { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00209", "published_at": "2026-04-16T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00205", "published_at": "2026-04-09T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00207", "published_at": "2026-04-11T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00208", "published_at": "2026-04-02T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00206", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0398" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127490", "reference_id": "1127490", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127490" }, { "reference_url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2026-01.html", "reference_id": "powerdns-advisory-2026-01.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-09T15:36:48Z/" } ], "url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2026-01.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934697?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.3.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.3.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-0398" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m445-c6a1-uugf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93139?format=api", "vulnerability_id": "VCID-mbq1-b3dr-1uc4", "summary": "A cross-site scripting issue has been found in the web interface of PowerDNS Recursor from 4.0.0 up to and including 4.0.6, where the qname of DNS queries was displayed without any escaping, allowing a remote attacker to inject HTML and Javascript code into the web interface, altering the content.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15092", "reference_id": "", "reference_type": "", "scores": [ { "value": "3e-05", "scoring_system": "epss", "scoring_elements": "0.00062", "published_at": "2026-04-16T12:55:00Z" }, { "value": "3e-05", "scoring_system": "epss", "scoring_elements": "0.00061", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15092" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15092", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15092" }, { "reference_url": "https://security.archlinux.org/ASA-201711-31", "reference_id": "ASA-201711-31", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-31" }, { "reference_url": "https://security.archlinux.org/AVG-520", "reference_id": "AVG-520", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-520" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934673?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.0.7-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.0.7-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934661?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.4.2-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-7dc3-qdk8-k7b2" }, { "vulnerability": "VCID-8tar-s444-zfac" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-mkcs-362g-t7aq" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-wmgd-z2j3-h7d9" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.4.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-15092" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mbq1-b3dr-1uc4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95460?format=api", "vulnerability_id": "VCID-mkcs-362g-t7aq", "summary": "Denial of service vulnerability in PowerDNS Recursor allows authoritative servers to be marked unavailable.This issue affects Recursor: through 4.6.5, through 4.7.4 , through 4.8.3.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-26437", "reference_id": "", "reference_type": "", "scores": [ { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.0082", "published_at": "2026-04-16T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00835", "published_at": "2026-04-07T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00839", "published_at": "2026-04-08T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00836", "published_at": "2026-04-09T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00824", "published_at": "2026-04-11T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00819", "published_at": "2026-04-12T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00834", "published_at": "2026-04-02T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00833", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-26437" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26437", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26437" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033941", "reference_id": "1033941", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033941" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN7VMRYKZHG2UDUAK326LXD3JY7NO3LR/", "reference_id": "CN7VMRYKZHG2UDUAK326LXD3JY7NO3LR", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-13T16:31:03Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN7VMRYKZHG2UDUAK326LXD3JY7NO3LR/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHPD6SIQOG7245GXFQHPUEI4AZ6Y3KD6/", "reference_id": "IHPD6SIQOG7245GXFQHPUEI4AZ6Y3KD6", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-13T16:31:03Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHPD6SIQOG7245GXFQHPUEI4AZ6Y3KD6/" }, { "reference_url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2023-02.html", "reference_id": "powerdns-advisory-2023-02.html", "reference_type": "", "scores": [ { "value": "3.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-13T16:31:03Z/" } ], "url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2023-02.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934685?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-26437" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mkcs-362g-t7aq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90806?format=api", "vulnerability_id": "VCID-n2k6-nfxs-7ydj", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10995", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25592", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25677", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25747", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25789", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25558", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25631", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25687", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25646", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.2559", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12244", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12244" }, { "reference_url": "https://security.archlinux.org/ASA-202005-10", "reference_id": "ASA-202005-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202005-10" }, { "reference_url": "https://security.archlinux.org/AVG-1163", "reference_id": "AVG-1163", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1163" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934679?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.3.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.3.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934661?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.4.2-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-7dc3-qdk8-k7b2" }, { "vulnerability": "VCID-8tar-s444-zfac" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-mkcs-362g-t7aq" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-wmgd-z2j3-h7d9" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.4.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-10995" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n2k6-nfxs-7ydj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42668?format=api", "vulnerability_id": "VCID-nfhz-964w-x3e7", "summary": "Multiple vulnerabilities have been found in PowerDNS Recursor, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "http://cert.ssi.gouv.fr/site/CERTFR-2014-AVI-512/index.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://cert.ssi.gouv.fr/site/CERTFR-2014-AVI-512/index.html" }, { "reference_url": "http://doc.powerdns.com/md/security/powerdns-advisory-2014-02/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://doc.powerdns.com/md/security/powerdns-advisory-2014-02/" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8601", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00759", "scoring_system": "epss", "scoring_elements": "0.7336", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00759", "scoring_system": "epss", "scoring_elements": "0.73265", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00759", "scoring_system": "epss", "scoring_elements": "0.73274", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00759", "scoring_system": "epss", "scoring_elements": "0.73298", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00759", "scoring_system": "epss", "scoring_elements": "0.7327", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00759", "scoring_system": "epss", "scoring_elements": "0.73306", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00759", "scoring_system": "epss", "scoring_elements": "0.73319", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00759", "scoring_system": "epss", "scoring_elements": "0.73343", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00759", "scoring_system": "epss", "scoring_elements": "0.73324", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00759", "scoring_system": "epss", "scoring_elements": "0.73316", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8601" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3096", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2014/dsa-3096" }, { "reference_url": "http://www.kb.cert.org/vuls/id/264212", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.kb.cert.org/vuls/id/264212" }, { "reference_url": "http://www.securityfocus.com/bid/71545", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/71545" }, { "reference_url": "http://www.securitytracker.com/id/1031310", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1031310" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-8601", "reference_id": "CVE-2014-8601", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-8601" }, { "reference_url": "https://security.gentoo.org/glsa/201412-33", "reference_id": "GLSA-201412-33", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-33" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934668?format=api", "purl": "pkg:deb/debian/pdns-recursor@3.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@3.6.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934661?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.4.2-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-7dc3-qdk8-k7b2" }, { "vulnerability": "VCID-8tar-s444-zfac" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-mkcs-362g-t7aq" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-wmgd-z2j3-h7d9" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.4.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-8601" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nfhz-964w-x3e7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80920?format=api", "vulnerability_id": "VCID-nwfa-n5f2-abe7", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5470", "reference_id": "", "reference_type": "", "scores": [ { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00421", "published_at": "2026-04-16T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00435", "published_at": "2026-04-01T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00439", "published_at": "2026-04-04T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00431", "published_at": "2026-04-07T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00428", "published_at": "2026-04-08T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.0043", "published_at": "2026-04-11T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00425", "published_at": "2026-04-12T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00424", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5470" }, { "reference_url": "https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/07/07/6", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/07/07/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/07/10/8", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/07/10/8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:authoritative:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:authoritative:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:authoritative:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:authoritative:3.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:authoritative:3.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:authoritative:3.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:authoritative:3.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:authoritative:3.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:authoritative:3.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:authoritative:3.4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:authoritative:3.4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:authoritative:3.4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:authoritative:3.4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:authoritative:3.4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:authoritative:3.4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:authoritative:3.4.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:authoritative:3.4.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:authoritative:3.4.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:3.7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:recursor:3.7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:3.7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:3.7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:recursor:3.7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:3.7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5470", "reference_id": "CVE-2015-5470", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5470" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934671?format=api", "purl": "pkg:deb/debian/pdns-recursor@3.7.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@3.7.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934661?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.4.2-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-7dc3-qdk8-k7b2" }, { "vulnerability": "VCID-8tar-s444-zfac" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-mkcs-362g-t7aq" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-wmgd-z2j3-h7d9" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.4.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-5470" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nwfa-n5f2-abe7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97020?format=api", "vulnerability_id": "VCID-pjbp-1jgm-s3cg", "summary": "Crafted zones can lead to increased incoming network traffic.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-24027", "reference_id": "", "reference_type": "", "scores": [ { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00318", "published_at": "2026-04-16T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00323", "published_at": "2026-04-13T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00339", "published_at": "2026-04-02T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00337", "published_at": "2026-04-04T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00329", "published_at": "2026-04-07T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00326", "published_at": "2026-04-08T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00327", "published_at": "2026-04-09T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00325", "published_at": "2026-04-11T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00324", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-24027" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24027", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24027" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127490", "reference_id": "1127490", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127490" }, { "reference_url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2026-01.html", "reference_id": "powerdns-advisory-2026-01.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-09T16:19:10Z/" } ], "url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2026-01.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934697?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.3.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.3.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-24027" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pjbp-1jgm-s3cg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92603?format=api", "vulnerability_id": "VCID-rcd7-knv1-xbgd", "summary": "Unspecified vulnerability in PowerDNS Recursor (aka pdns_recursor) 3.6.x before 3.6.1 allows remote attackers to cause a denial of service (crash) via an unknown sequence of malformed packets.", "references": [ { "reference_url": "http://blog.powerdns.com/2014/09/10/security-update-powerdns-recursor-3-6-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://blog.powerdns.com/2014/09/10/security-update-powerdns-recursor-3-6-1" }, { "reference_url": "http://doc.powerdns.com/html/changelog.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://doc.powerdns.com/html/changelog.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3614", "reference_id": "", "reference_type": "", "scores": [ { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.0084", "published_at": "2026-04-13T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00844", "published_at": "2026-04-01T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.0085", "published_at": "2026-04-04T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00852", "published_at": "2026-04-07T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00856", "published_at": "2026-04-08T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00854", "published_at": "2026-04-09T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00845", "published_at": "2026-04-11T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00839", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3614" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3614", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3614" }, { "reference_url": "http://seclists.org/oss-sec/2014/q3/589", "reference_id": "", "reference_type": "", "scores": [], "url": "http://seclists.org/oss-sec/2014/q3/589" }, { "reference_url": "http://secunia.com/advisories/61027", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61027" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95947" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:powerdns_recursor:3.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:powerdns_recursor:3.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:powerdns_recursor:3.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3614", "reference_id": "CVE-2014-3614", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3614" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934667?format=api", "purl": "pkg:deb/debian/pdns-recursor@3.6.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@3.6.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934661?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.4.2-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-7dc3-qdk8-k7b2" }, { "vulnerability": "VCID-8tar-s444-zfac" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-mkcs-362g-t7aq" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-wmgd-z2j3-h7d9" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.4.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-3614" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rcd7-knv1-xbgd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94371?format=api", "vulnerability_id": "VCID-s6ds-tuus-n7hr", "summary": "In PowerDNS Recursor versions up to and including 4.3.1, 4.2.2 and 4.1.16, the ACL restricting access to the internal web server is not properly enforced.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14196", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06664", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06733", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06566", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06634", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06679", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06665", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06714", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06748", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06747", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.0674", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14196" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14196", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14196" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=964103", "reference_id": "964103", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=964103" }, { "reference_url": "https://security.archlinux.org/AVG-1199", "reference_id": "AVG-1199", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1199" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934680?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.3.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.3.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934661?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.4.2-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-7dc3-qdk8-k7b2" }, { "vulnerability": "VCID-8tar-s444-zfac" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-mkcs-362g-t7aq" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-wmgd-z2j3-h7d9" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.4.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-14196" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s6ds-tuus-n7hr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93140?format=api", "vulnerability_id": "VCID-tcp4-6r2n-6uer", "summary": "When api-config-dir is set to a non-empty value, which is not the case by default, the API in PowerDNS Recursor 4.x up to and including 4.0.6 and 3.x up to and including 3.7.4 allows an authorized user to update the Recursor's ACL by adding and removing netmasks, and to configure forward zones. It was discovered that the new netmask and IP addresses of forwarded zones were not sufficiently validated, allowing an authenticated user to inject new configuration directives into the Recursor's configuration.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15093", "reference_id": "", "reference_type": "", "scores": [ { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00272", "published_at": "2026-04-16T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00288", "published_at": "2026-04-01T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00293", "published_at": "2026-04-02T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.0029", "published_at": "2026-04-04T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00282", "published_at": "2026-04-07T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.0028", "published_at": "2026-04-08T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00279", "published_at": "2026-04-11T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00276", "published_at": "2026-04-12T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00275", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15093" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15093", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15093" }, { "reference_url": "https://security.archlinux.org/ASA-201711-31", "reference_id": "ASA-201711-31", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-31" }, { "reference_url": "https://security.archlinux.org/AVG-520", "reference_id": "AVG-520", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-520" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934673?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.0.7-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.0.7-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934661?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.4.2-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-7dc3-qdk8-k7b2" }, { "vulnerability": "VCID-8tar-s444-zfac" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-mkcs-362g-t7aq" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-wmgd-z2j3-h7d9" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.4.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-15093" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tcp4-6r2n-6uer" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96818?format=api", "vulnerability_id": "VCID-umcq-ztbz-qfb2", "summary": "An attacker can trigger the removal of cached records by sending a NOTIFY query over TCP.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-59030", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19454", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19513", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19416", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19561", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24706", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24659", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24777", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24816", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.2459", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-59030" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59030", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59030" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122197", "reference_id": "1122197", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122197" }, { "reference_url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2025-08.html", "reference_id": "powerdns-advisory-2025-08.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-09T14:30:11Z/" } ], "url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2025-08.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934696?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.7-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.7-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934695?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.3.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.3.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-59030" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-umcq-ztbz-qfb2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93137?format=api", "vulnerability_id": "VCID-urr2-qrfd-vfeh", "summary": "An issue has been found in the DNSSEC validation component of PowerDNS Recursor from 4.0.0 and up to and including 4.0.6, where the signatures might have been accepted as valid even if the signed data was not in bailiwick of the DNSKEY used to sign it. This allows an attacker in position of man-in-the-middle to alter the content of records by issuing a valid signature for the crafted records.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15090", "reference_id": "", "reference_type": "", "scores": [ { "value": "2e-05", "scoring_system": "epss", "scoring_elements": "0.0005", "published_at": "2026-04-16T12:55:00Z" }, { "value": "2e-05", "scoring_system": "epss", "scoring_elements": "0.00049", "published_at": "2026-04-13T12:55:00Z" }, { "value": "2e-05", "scoring_system": "epss", "scoring_elements": "0.00048", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15090" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15090", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15090" }, { "reference_url": "https://security.archlinux.org/ASA-201711-31", "reference_id": "ASA-201711-31", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201711-31" }, { "reference_url": "https://security.archlinux.org/AVG-520", "reference_id": "AVG-520", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-520" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934673?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.0.7-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.0.7-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934661?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.4.2-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-7dc3-qdk8-k7b2" }, { "vulnerability": "VCID-8tar-s444-zfac" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-mkcs-362g-t7aq" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-wmgd-z2j3-h7d9" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.4.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-15090" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-urr2-qrfd-vfeh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61412?format=api", "vulnerability_id": "VCID-vprj-j7u6-zbe7", "summary": "Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50868.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50868.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50868", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11802", "scoring_system": "epss", "scoring_elements": "0.93713", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.11802", "scoring_system": "epss", "scoring_elements": "0.93712", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.11802", "scoring_system": "epss", "scoring_elements": "0.93708", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.11802", "scoring_system": "epss", "scoring_elements": "0.93694", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.11802", "scoring_system": "epss", "scoring_elements": "0.93684", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.11802", "scoring_system": "epss", "scoring_elements": "0.9373", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.11802", "scoring_system": "epss", "scoring_elements": "0.93706", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.11802", "scoring_system": "epss", "scoring_elements": "0.93696", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50868" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html", "reference_id": "017430.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845", "reference_id": "1063845", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852", "reference_id": "1063852", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077751", "reference_id": "1077751", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077751" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/02/16/2", "reference_id": "2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/02/16/2" }, { "reference_url": "https://www.isc.org/blogs/2024-bind-security-release/", "reference_id": "2024-bind-security-release", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://www.isc.org/blogs/2024-bind-security-release/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263917", "reference_id": "2263917", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263917" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/02/16/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/02/16/3" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/", "reference_id": "6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/", "reference_id": "BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/" }, { "reference_url": "https://kb.isc.org/docs/cve-2023-50868", "reference_id": "cve-2023-50868", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://kb.isc.org/docs/cve-2023-50868" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-50868", "reference_id": "CVE-2023-50868", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-50868" }, { "reference_url": "https://security.gentoo.org/glsa/202412-10", "reference_id": "GLSA-202412-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-10" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/", "reference_id": "HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/", "reference_id": "IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html", "reference_id": "msg00006.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240307-0008/", "reference_id": "ntap-20240307-0008", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240307-0008/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/", "reference_id": "PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/" }, { "reference_url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html", "reference_id": "powerdns-advisory-2024-01.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html" }, { "reference_url": "https://datatracker.ietf.org/doc/html/rfc5155", "reference_id": "rfc5155", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://datatracker.ietf.org/doc/html/rfc5155" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/", "reference_id": "RGS7JN6FZXUSTC2XKQHH27574XOULYYJ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0965", "reference_id": "RHSA-2024:0965", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0965" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0977", "reference_id": "RHSA-2024:0977", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0977" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0981", "reference_id": "RHSA-2024:0981", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0981" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0982", "reference_id": "RHSA-2024:0982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11003", "reference_id": "RHSA-2024:11003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1334", "reference_id": "RHSA-2024:1334", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1334" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1335", "reference_id": "RHSA-2024:1335", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1335" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1522", "reference_id": "RHSA-2024:1522", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1522" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1543", "reference_id": "RHSA-2024:1543", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1543" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1544", "reference_id": "RHSA-2024:1544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1545", "reference_id": "RHSA-2024:1545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1545" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1647", "reference_id": "RHSA-2024:1647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1648", "reference_id": "RHSA-2024:1648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1648" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1781", "reference_id": "RHSA-2024:1781", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1781" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1782", "reference_id": "RHSA-2024:1782", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1782" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1789", "reference_id": "RHSA-2024:1789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1800", "reference_id": "RHSA-2024:1800", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1800" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1801", "reference_id": "RHSA-2024:1801", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1801" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1803", "reference_id": "RHSA-2024:1803", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1803" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1804", "reference_id": "RHSA-2024:1804", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1804" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2551", "reference_id": "RHSA-2024:2551", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2551" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2587", "reference_id": "RHSA-2024:2587", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2587" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2696", "reference_id": "RHSA-2024:2696", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2696" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2720", "reference_id": "RHSA-2024:2720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2721", "reference_id": "RHSA-2024:2721", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2821", "reference_id": "RHSA-2024:2821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2890", "reference_id": "RHSA-2024:2890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3271", "reference_id": "RHSA-2024:3271", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3271" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3741", "reference_id": "RHSA-2024:3741", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3741" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3877", "reference_id": "RHSA-2024:3877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3929", "reference_id": "RHSA-2024:3929", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3929" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0039", "reference_id": "RHSA-2025:0039", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0039" }, { "reference_url": "https://bugzilla.suse.com/show_bug.cgi?id=1219826", "reference_id": "show_bug.cgi?id=1219826", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1219826" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/", "reference_id": "SVYA42BLXUCIDLD35YIJPJSHDIADNYMP", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/", "reference_id": "TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/" }, { "reference_url": "https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/", "reference_id": "unbound-1.19.1-released", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/", "reference_id": "UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/" }, { "reference_url": "https://usn.ubuntu.com/6633-1/", "reference_id": "USN-6633-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6633-1/" }, { "reference_url": "https://usn.ubuntu.com/6642-1/", "reference_id": "USN-6642-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6642-1/" }, { "reference_url": "https://usn.ubuntu.com/6657-1/", "reference_id": "USN-6657-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6657-1/" }, { "reference_url": "https://usn.ubuntu.com/6657-2/", "reference_id": "USN-6657-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6657-2/" }, { "reference_url": "https://usn.ubuntu.com/6665-1/", "reference_id": "USN-6665-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6665-1/" }, { "reference_url": "https://usn.ubuntu.com/6723-1/", "reference_id": "USN-6723-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6723-1/" }, { "reference_url": "https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1", "reference_id": "v5.7.1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/", "reference_id": "ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934686?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934687?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.9.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.9.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-50868" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vprj-j7u6-zbe7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94182?format=api", "vulnerability_id": "VCID-vua1-5kz6-hban", "summary": "An issue has been found in PowerDNS Recursor versions after 4.1.3 before 4.1.9 where Lua hooks are not properly applied to queries received over TCP in some specific combination of settings, possibly bypassing security policies enforced using Lua.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3806", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06274", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06338", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06333", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06322", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.0623", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06264", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06283", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.0626", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06305", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06346", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3806" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3806" }, { "reference_url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2019-01.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2019-01.html" }, { "reference_url": "https://security.archlinux.org/ASA-201901-13", "reference_id": "ASA-201901-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201901-13" }, { "reference_url": "https://security.archlinux.org/AVG-856", "reference_id": "AVG-856", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-856" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3806", "reference_id": "CVE-2019-3806", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:H" }, { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3806" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934678?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.1.9-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934661?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.4.2-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-7dc3-qdk8-k7b2" }, { "vulnerability": "VCID-8tar-s444-zfac" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-mkcs-362g-t7aq" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-wmgd-z2j3-h7d9" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.4.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-3806" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vua1-5kz6-hban" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95999?format=api", "vulnerability_id": "VCID-wmgd-z2j3-h7d9", "summary": "An attacker can publish a zone containing specific Resource Record Sets. Repeatedly processing and caching results for these sets can lead to a denial of service.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-25590", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31911", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31984", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31944", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.32036", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.32076", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.319", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31952", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31981", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-25590" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25590", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25590" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1083285", "reference_id": "1083285", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1083285" }, { "reference_url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-04.html", "reference_id": "powerdns-advisory-2024-04.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T17:34:21Z/" } ], "url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-04.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934690?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.0.9-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.0.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-25590" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wmgd-z2j3-h7d9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96620?format=api", "vulnerability_id": "VCID-wywf-pmyt-zud4", "summary": "An attacker spoofing answers to ECS enabled requests sent out by the Recursor has a chance of success higher than non-ECS enabled queries. The updated version include various mitigations against spoofing attempts of ECS enabled queries by chaining ECS enabled requests and enforcing stricter validation of the received answers. The most strict mitigation done when the new setting outgoing.edns_subnet_harden (old style name edns-subnet-harden) is enabled.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-30192", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09742", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09691", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.1341", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13434", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13399", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13352", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13327", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.1346", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.14876", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-30192" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30192", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30192" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109808", "reference_id": "1109808", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109808" }, { "reference_url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2025-04.html", "reference_id": "powerdns-advisory-2025-04.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-21T13:05:23Z/" } ], "url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2025-04.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934691?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.4-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.4-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-30192" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wywf-pmyt-zud4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93417?format=api", "vulnerability_id": "VCID-xxxv-krt4-tka1", "summary": "Improper input validation bugs in DNSSEC validators components in PowerDNS version 4.1.0 allow attacker in man-in-the-middle position to deny existence of some data in DNS via packet replay.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000003", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03954", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03993", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.0401", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04024", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04031", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04049", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04021", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04007", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03979", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03962", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000003" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000003", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000003" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934675?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.1.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.1.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934661?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.4.2-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-7dc3-qdk8-k7b2" }, { "vulnerability": "VCID-8tar-s444-zfac" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-mkcs-362g-t7aq" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-wmgd-z2j3-h7d9" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.4.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-1000003" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xxxv-krt4-tka1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81508?format=api", "vulnerability_id": "VCID-zdzj-q58r-5uby", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7074", "reference_id": "", "reference_type": "", "scores": [ { "value": "4e-05", "scoring_system": "epss", "scoring_elements": "0.00162", "published_at": "2026-04-08T12:55:00Z" }, { "value": "4e-05", "scoring_system": "epss", "scoring_elements": "0.00164", "published_at": "2026-04-12T12:55:00Z" }, { "value": "4e-05", "scoring_system": "epss", "scoring_elements": "0.00165", "published_at": "2026-04-16T12:55:00Z" }, { "value": "4e-05", "scoring_system": "epss", "scoring_elements": "0.00161", "published_at": "2026-04-02T12:55:00Z" }, { "value": "4e-05", "scoring_system": "epss", "scoring_elements": "0.00163", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7074" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2120", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2120" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7068", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7068" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7072", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7072" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7074", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7074" }, { "reference_url": "https://security.archlinux.org/ASA-201701-29", "reference_id": "ASA-201701-29", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-29" }, { "reference_url": "https://security.archlinux.org/ASA-201701-30", "reference_id": "ASA-201701-30", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201701-30" }, { "reference_url": "https://security.archlinux.org/AVG-147", "reference_id": "AVG-147", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-147" }, { "reference_url": "https://security.archlinux.org/AVG-148", "reference_id": "AVG-148", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-148" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934672?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.0.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.0.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934661?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.4.2-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-7dc3-qdk8-k7b2" }, { "vulnerability": "VCID-8tar-s444-zfac" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-mkcs-362g-t7aq" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-wmgd-z2j3-h7d9" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.4.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-7074" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zdzj-q58r-5uby" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91595?format=api", "vulnerability_id": "VCID-zr5j-8ewr-wkby", "summary": "Buffer overflow in PowerDNS Recursor 3.1.3 and earlier might allow remote attackers to execute arbitrary code via a malformed TCP DNS query that prevents Recursor from properly calculating the TCP DNS query length.", "references": [ { "reference_url": "http://doc.powerdns.com/powerdns-advisory-2006-01.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://doc.powerdns.com/powerdns-advisory-2006-01.html" }, { "reference_url": "http://lists.suse.com/archive/suse-security-announce/2006-Nov/0007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Nov/0007.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-4251", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06443", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06385", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06418", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06453", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06441", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06491", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06533", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06527", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.0652", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.0651", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-4251" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4251", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4251" }, { "reference_url": "http://secunia.com/advisories/22824", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/22824" }, { "reference_url": "http://secunia.com/advisories/22903", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/22903" }, { "reference_url": "http://secunia.com/advisories/22976", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/22976" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30270", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30270" }, { "reference_url": "http://www.debian.org/security/2006/dsa-1211", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2006/dsa-1211" }, { "reference_url": "http://www.securityfocus.com/bid/21037", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/21037" }, { "reference_url": "http://www.vupen.com/english/advisories/2006/4484", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2006/4484" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=398557", "reference_id": "398557", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=398557" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:2.0_rc1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:recursor:2.0_rc1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:2.0_rc1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:2.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:recursor:2.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:2.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:2.9.15:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:recursor:2.9.15:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:2.9.15:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:2.9.16:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:recursor:2.9.16:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:2.9.16:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:2.9.17:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:recursor:2.9.17:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:2.9.17:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:2.9.18:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:recursor:2.9.18:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:2.9.18:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:recursor:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:3.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:recursor:3.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:3.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:recursor:3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:3.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:recursor:3.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:3.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:3.1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:powerdns:recursor:3.1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:3.1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2006-4251", "reference_id": "CVE-2006-4251", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-4251" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934664?format=api", "purl": "pkg:deb/debian/pdns-recursor@3.1.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@3.1.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934661?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.4.2-3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-66sa-bc5p-jqde" }, { "vulnerability": "VCID-7dc3-qdk8-k7b2" }, { "vulnerability": "VCID-8tar-s444-zfac" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-mkcs-362g-t7aq" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-vprj-j7u6-zbe7" }, { "vulnerability": "VCID-wmgd-z2j3-h7d9" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.4.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934659?format=api", "purl": "pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ugc-uygs-hqb8" }, { "vulnerability": "VCID-cdzz-8tc8-jucu" }, { "vulnerability": "VCID-m445-c6a1-uugf" }, { "vulnerability": "VCID-pjbp-1jgm-s3cg" }, { "vulnerability": "VCID-umcq-ztbz-qfb2" }, { "vulnerability": "VCID-wywf-pmyt-zud4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934663?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934662?format=api", "purl": "pkg:deb/debian/pdns-recursor@5.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2006-4251" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zr5j-8ewr-wkby" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1%3Fdistro=trixie" }