Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-1bzd-pqhn-hqfj
Summarydnsmasq: vulnerable to Integer Overflow via forward_query
Aliases
0
alias CVE-2023-49441
Fixed_packages
0
url pkg:deb/debian/dnsmasq@2.90-1?distro=trixie
purl pkg:deb/debian/dnsmasq@2.90-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-1%3Fdistro=trixie
1
url pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie
purl pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie
2
url pkg:deb/debian/dnsmasq@2.90-4~deb12u1
purl pkg:deb/debian/dnsmasq@2.90-4~deb12u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1
3
url pkg:deb/debian/dnsmasq@2.91-1?distro=trixie
purl pkg:deb/debian/dnsmasq@2.91-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%3Fdistro=trixie
4
url pkg:deb/debian/dnsmasq@2.92-3?distro=trixie
purl pkg:deb/debian/dnsmasq@2.92-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-3%3Fdistro=trixie
Affected_packages
0
url pkg:deb/debian/dnsmasq@2.85-1
purl pkg:deb/debian/dnsmasq@2.85-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1bzd-pqhn-hqfj
1
vulnerability VCID-66sa-bc5p-jqde
2
vulnerability VCID-gnkg-afmr-r7aq
3
vulnerability VCID-p726-bqvu-dfda
4
vulnerability VCID-vprj-j7u6-zbe7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1
1
url pkg:deb/debian/dnsmasq@2.85-1?distro=trixie
purl pkg:deb/debian/dnsmasq@2.85-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1bzd-pqhn-hqfj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-49441.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-49441.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-49441
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02143
published_at 2026-04-02T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.02095
published_at 2026-04-16T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.02144
published_at 2026-04-08T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.02162
published_at 2026-04-09T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.02139
published_at 2026-04-11T12:55:00Z
5
value 0.00013
scoring_system epss
scoring_elements 0.02124
published_at 2026-04-12T12:55:00Z
6
value 0.00013
scoring_system epss
scoring_elements 0.0212
published_at 2026-04-13T12:55:00Z
7
value 0.00013
scoring_system epss
scoring_elements 0.02148
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-49441
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49441
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49441
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2023q4/017332.html
reference_id 017332.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-18T18:34:35Z/
url https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2023q4/017332.html
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2290849
reference_id 2290849
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2290849
6
reference_url https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=65c2d6afd67a032f45f40d7e4d620f5d73e5f07d
reference_id ?p=dnsmasq.git%3Ba=commit%3Bh=65c2d6afd67a032f45f40d7e4d620f5d73e5f07d
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-18T18:34:35Z/
url https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=65c2d6afd67a032f45f40d7e4d620f5d73e5f07d
Weaknesses
0
cwe_id 190
name Integer Overflow or Wraparound
description The product performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control.
Exploits
Severity_range_score6.5 - 7.5
Exploitability0.5
Weighted_severity5.9
Risk_score3.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-1bzd-pqhn-hqfj