Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/dnsmasq@2.22-2

Type deb

Namespace debian

Name dnsmasq

Version 2.22-2

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 2.90-4~deb12u1

Latest_non_vulnerable_version 2.90-4~deb12u1

Affected_by_vulnerabilities

url VCID-3x7u-ajbx-6fht

vulnerability_id VCID-3x7u-ajbx-6fht

summary

Two vulnerabilities in dnsmasq might allow for a Denial of Service or
    spoofing of DNS replies.

references

reference_url	http://article.gmane.org/gmane.network.dns.dnsmasq.general/2189
reference_id
reference_type
scores
url	http://article.gmane.org/gmane.network.dns.dnsmasq.general/2189

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3350.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3350.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-3350

reference_id

reference_type

scores

value	0.0119
scoring_system	epss
scoring_elements	0.78836
published_at	2026-04-13T12:55:00Z

value	0.0119
scoring_system	epss
scoring_elements	0.78787
published_at	2026-04-01T12:55:00Z

value	0.0119
scoring_system	epss
scoring_elements	0.78794
published_at	2026-04-02T12:55:00Z

value	0.0119
scoring_system	epss
scoring_elements	0.78825
published_at	2026-04-04T12:55:00Z

value	0.0119
scoring_system	epss
scoring_elements	0.78807
published_at	2026-04-07T12:55:00Z

value	0.0119
scoring_system	epss
scoring_elements	0.78833
published_at	2026-04-08T12:55:00Z

value	0.0119
scoring_system	epss
scoring_elements	0.78839
published_at	2026-04-09T12:55:00Z

value	0.0119
scoring_system	epss
scoring_elements	0.78863
published_at	2026-04-11T12:55:00Z

value	0.0119
scoring_system	epss
scoring_elements	0.78846
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-3350

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3350
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3350

reference_url	http://secunia.com/advisories/31197
reference_id
reference_type
scores
url	http://secunia.com/advisories/31197

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/43957
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/43957

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/43960
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/43960

reference_url	http://www.thekelleys.org.uk/dnsmasq/CHANGELOG
reference_id
reference_type
scores
url	http://www.thekelleys.org.uk/dnsmasq/CHANGELOG

reference_url	http://www.vupen.com/english/advisories/2008/2166
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2166

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:the_kelleys:dnsmasq:2.43:::::::*
reference_id	cpe:2.3:a:the_kelleys:dnsmasq:2.43:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:the_kelleys:dnsmasq:2.43:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2008-3350

reference_id

CVE-2008-3350

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2008-3350

reference_url	https://security.gentoo.org/glsa/200809-02
reference_id	GLSA-200809-02
reference_type
scores
url	https://security.gentoo.org/glsa/200809-02

fixed_packages

url pkg:deb/debian/dnsmasq@2.45-1%2Blenny1

purl pkg:deb/debian/dnsmasq@2.45-1%2Blenny1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-4fwm-653p-ufcj

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-antt-5fzu-87dw

vulnerability	VCID-b2dc-msms-bfee

vulnerability	VCID-bed9-8jhu-pkf9

vulnerability	VCID-d3nu-fztq-nffg

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-hr7r-mgk2-67aw

vulnerability	VCID-huvr-uav1-ffex

vulnerability	VCID-hxys-tpgq-3uf6

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-jum5-ndq3-xbhp

vulnerability	VCID-k9w6-f6aw-dbey

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-kxbw-1fr9-8kb3

vulnerability	VCID-nc6t-132e-cqda

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-qs1p-1j9u-3khg

vulnerability	VCID-r15f-fgv8-s3h2

vulnerability	VCID-ru4r-dtwq-sub2

vulnerability	VCID-snzd-3st5-8yb1

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-xge7-87zv-tbev

vulnerability	VCID-yaj9-mfyu-uqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.45-1%252Blenny1

aliases CVE-2008-3350

risk_score 2.2

exploitability 0.5

weighted_severity 4.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3x7u-ajbx-6fht

url VCID-4a66-hb88-jbgp

vulnerability_id VCID-4a66-hb88-jbgp

summary dnsmasq: memory leak in the create_helper() function in /src/helper.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14834.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14834.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-14834

reference_id

reference_type

scores

value	0.00042
scoring_system	epss
scoring_elements	0.12755
published_at	2026-04-01T12:55:00Z

value	0.00042
scoring_system	epss
scoring_elements	0.12856
published_at	2026-04-02T12:55:00Z

value	0.00042
scoring_system	epss
scoring_elements	0.12907
published_at	2026-04-04T12:55:00Z

value	0.00042
scoring_system	epss
scoring_elements	0.12712
published_at	2026-04-07T12:55:00Z

value	0.00042
scoring_system	epss
scoring_elements	0.12792
published_at	2026-04-08T12:55:00Z

value	0.00042
scoring_system	epss
scoring_elements	0.12843
published_at	2026-04-09T12:55:00Z

value	0.00042
scoring_system	epss
scoring_elements	0.12809
published_at	2026-04-11T12:55:00Z

value	0.00042
scoring_system	epss
scoring_elements	0.12772
published_at	2026-04-12T12:55:00Z

value	0.00042
scoring_system	epss
scoring_elements	0.12725
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14834

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14834
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14834

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1764425
reference_id	1764425
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1764425

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948373
reference_id	948373
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948373

reference_url	https://access.redhat.com/errata/RHSA-2020:1715
reference_id	RHSA-2020:1715
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1715

reference_url	https://access.redhat.com/errata/RHSA-2020:3878
reference_id	RHSA-2020:3878
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3878

reference_url	https://usn.ubuntu.com/4698-1/
reference_id	USN-4698-1
reference_type
scores
url	https://usn.ubuntu.com/4698-1/

reference_url	https://usn.ubuntu.com/7689-1/
reference_id	USN-7689-1
reference_type
scores
url	https://usn.ubuntu.com/7689-1/

fixed_packages

url pkg:deb/debian/dnsmasq@2.85-1

purl pkg:deb/debian/dnsmasq@2.85-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bzd-pqhn-hqfj

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-vprj-j7u6-zbe7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1

aliases CVE-2019-14834

risk_score 1.6

exploitability 0.5

weighted_severity 3.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4a66-hb88-jbgp

url VCID-4fwm-653p-ufcj

vulnerability_id VCID-4fwm-653p-ufcj

summary dnsmasq: Denial-of-service when empty address from DNS overlays A record from hosts

references

reference_url	http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010479.html
reference_id
reference_type
scores
url	http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010479.html

reference_url	http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010505.html
reference_id
reference_type
scores
url	http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010505.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8899.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8899.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-8899

reference_id

reference_type

scores

value	0.0008
scoring_system	epss
scoring_elements	0.23692
published_at	2026-04-13T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23792
published_at	2026-04-11T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23748
published_at	2026-04-12T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23716
published_at	2026-04-01T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23833
published_at	2026-04-02T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23873
published_at	2026-04-04T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23661
published_at	2026-04-07T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23731
published_at	2026-04-08T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23777
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-8899

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8899
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8899

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=41a8d9e99be9f2cc8b02051dd322cb45e0faac87
reference_id
reference_type
scores
url	http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=41a8d9e99be9f2cc8b02051dd322cb45e0faac87

reference_url	http://www.openwall.com/lists/oss-security/2016/06/03/7
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/06/03/7

reference_url	http://www.openwall.com/lists/oss-security/2016/06/04/2
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/06/04/2

reference_url	http://www.securityfocus.com/bid/91031
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/91031

reference_url	http://www.securitytracker.com/id/1036045
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1036045

reference_url	http://www.ubuntu.com/usn/USN-3009-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-3009-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1343072
reference_id	1343072
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1343072

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq::::::::
reference_id	cpe:2.3:a:thekelleys:dnsmasq::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-8899

reference_id

CVE-2015-8899

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2015-8899

reference_url	https://usn.ubuntu.com/3009-1/
reference_id	USN-3009-1
reference_type
scores
url	https://usn.ubuntu.com/3009-1/

fixed_packages

url pkg:deb/debian/dnsmasq@2.76-5%2Bdeb9u2

purl pkg:deb/debian/dnsmasq@2.76-5%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-b2dc-msms-bfee

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-hr7r-mgk2-67aw

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-k9w6-f6aw-dbey

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-kxbw-1fr9-8kb3

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-qs1p-1j9u-3khg

vulnerability	VCID-r15f-fgv8-s3h2

vulnerability	VCID-ru4r-dtwq-sub2

vulnerability	VCID-snzd-3st5-8yb1

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-xge7-87zv-tbev

vulnerability	VCID-yaj9-mfyu-uqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.76-5%252Bdeb9u2

aliases CVE-2015-8899

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4fwm-653p-ufcj

url VCID-66sa-bc5p-jqde

vulnerability_id VCID-66sa-bc5p-jqde

summary Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50387.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50387.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-50387

reference_id

reference_type

scores

value	0.51989
scoring_system	epss
scoring_elements	0.97913
published_at	2026-04-12T12:55:00Z

value	0.51989
scoring_system	epss
scoring_elements	0.97912
published_at	2026-04-11T12:55:00Z

value	0.51989
scoring_system	epss
scoring_elements	0.97909
published_at	2026-04-09T12:55:00Z

value	0.51989
scoring_system	epss
scoring_elements	0.97898
published_at	2026-04-04T12:55:00Z

value	0.51989
scoring_system	epss
scoring_elements	0.97906
published_at	2026-04-08T12:55:00Z

value	0.51989
scoring_system	epss
scoring_elements	0.97901
published_at	2026-04-07T12:55:00Z

value	0.51989
scoring_system	epss
scoring_elements	0.97896
published_at	2026-04-02T12:55:00Z

value	0.51989
scoring_system	epss
scoring_elements	0.97914
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-50387

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html

reference_id

017430.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845
reference_id	1063845
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852
reference_id	1063852
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077750
reference_id	1077750
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077750

reference_url

http://www.openwall.com/lists/oss-security/2024/02/16/2

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

http://www.openwall.com/lists/oss-security/2024/02/16/2

reference_url

https://www.isc.org/blogs/2024-bind-security-release/

reference_id

2024-bind-security-release

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://www.isc.org/blogs/2024-bind-security-release/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2263914
reference_id	2263914
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2263914

reference_url

http://www.openwall.com/lists/oss-security/2024/02/16/3

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

http://www.openwall.com/lists/oss-security/2024/02/16/3

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/

reference_id

6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/

reference_id

BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/

reference_url

https://kb.isc.org/docs/cve-2023-50387

reference_id

cve-2023-50387

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://kb.isc.org/docs/cve-2023-50387

reference_url

https://access.redhat.com/security/cve/CVE-2023-50387

reference_id

CVE-2023-50387

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://access.redhat.com/security/cve/CVE-2023-50387

reference_url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-50387

reference_id

CVE-2023-50387

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-50387

reference_url

https://www.theregister.com/2024/02/13/dnssec_vulnerability_internet/

reference_id

dnssec_vulnerability_internet

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://www.theregister.com/2024/02/13/dnssec_vulnerability_internet/

reference_url	https://security.gentoo.org/glsa/202412-10
reference_id	GLSA-202412-10
reference_type
scores
url	https://security.gentoo.org/glsa/202412-10

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/

reference_id

HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/

reference_id

IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/

reference_url

https://news.ycombinator.com/item?id=39367411

reference_id

item?id=39367411

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://news.ycombinator.com/item?id=39367411

reference_url

https://news.ycombinator.com/item?id=39372384

reference_id

item?id=39372384

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://news.ycombinator.com/item?id=39372384

reference_url

https://www.athene-center.de/aktuelles/key-trap

reference_id

key-trap

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://www.athene-center.de/aktuelles/key-trap

reference_url

https://www.securityweek.com/keytrap-dns-attack-could-disable-large-parts-of-internet-researchers/

reference_id

keytrap-dns-attack-could-disable-large-parts-of-internet-researchers

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://www.securityweek.com/keytrap-dns-attack-could-disable-large-parts-of-internet-researchers/

reference_url

https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html

reference_id

msg00006.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html

reference_id

msg00011.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html

reference_url

https://security.netapp.com/advisory/ntap-20240307-0007/

reference_id

ntap-20240307-0007

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://security.netapp.com/advisory/ntap-20240307-0007/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/

reference_id

PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/

reference_url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html

reference_id

powerdns-advisory-2024-01.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/

reference_id

RGS7JN6FZXUSTC2XKQHH27574XOULYYJ

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/

reference_url	https://access.redhat.com/errata/RHSA-2024:0965
reference_id	RHSA-2024:0965
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0965

reference_url	https://access.redhat.com/errata/RHSA-2024:0977
reference_id	RHSA-2024:0977
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0977

reference_url	https://access.redhat.com/errata/RHSA-2024:0981
reference_id	RHSA-2024:0981
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0981

reference_url	https://access.redhat.com/errata/RHSA-2024:0982
reference_id	RHSA-2024:0982
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0982

reference_url	https://access.redhat.com/errata/RHSA-2024:11003
reference_id	RHSA-2024:11003
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:11003

reference_url	https://access.redhat.com/errata/RHSA-2024:1334
reference_id	RHSA-2024:1334
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1334

reference_url	https://access.redhat.com/errata/RHSA-2024:1335
reference_id	RHSA-2024:1335
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1335

reference_url	https://access.redhat.com/errata/RHSA-2024:1522
reference_id	RHSA-2024:1522
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1522

reference_url	https://access.redhat.com/errata/RHSA-2024:1543
reference_id	RHSA-2024:1543
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1543

reference_url	https://access.redhat.com/errata/RHSA-2024:1544
reference_id	RHSA-2024:1544
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1544

reference_url	https://access.redhat.com/errata/RHSA-2024:1545
reference_id	RHSA-2024:1545
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1545

reference_url	https://access.redhat.com/errata/RHSA-2024:1647
reference_id	RHSA-2024:1647
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1647

reference_url	https://access.redhat.com/errata/RHSA-2024:1648
reference_id	RHSA-2024:1648
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1648

reference_url	https://access.redhat.com/errata/RHSA-2024:1781
reference_id	RHSA-2024:1781
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1781

reference_url	https://access.redhat.com/errata/RHSA-2024:1782
reference_id	RHSA-2024:1782
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1782

reference_url	https://access.redhat.com/errata/RHSA-2024:1789
reference_id	RHSA-2024:1789
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1789

reference_url	https://access.redhat.com/errata/RHSA-2024:1800
reference_id	RHSA-2024:1800
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1800

reference_url	https://access.redhat.com/errata/RHSA-2024:1801
reference_id	RHSA-2024:1801
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1801

reference_url	https://access.redhat.com/errata/RHSA-2024:1803
reference_id	RHSA-2024:1803
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1803

reference_url	https://access.redhat.com/errata/RHSA-2024:1804
reference_id	RHSA-2024:1804
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1804

reference_url	https://access.redhat.com/errata/RHSA-2024:2551
reference_id	RHSA-2024:2551
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2551

reference_url	https://access.redhat.com/errata/RHSA-2024:2587
reference_id	RHSA-2024:2587
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2587

reference_url	https://access.redhat.com/errata/RHSA-2024:2696
reference_id	RHSA-2024:2696
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2696

reference_url	https://access.redhat.com/errata/RHSA-2024:2720
reference_id	RHSA-2024:2720
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2720

reference_url	https://access.redhat.com/errata/RHSA-2024:2721
reference_id	RHSA-2024:2721
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2721

reference_url	https://access.redhat.com/errata/RHSA-2024:2821
reference_id	RHSA-2024:2821
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2821

reference_url	https://access.redhat.com/errata/RHSA-2024:2890
reference_id	RHSA-2024:2890
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2890

reference_url	https://access.redhat.com/errata/RHSA-2024:3271
reference_id	RHSA-2024:3271
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3271

reference_url	https://access.redhat.com/errata/RHSA-2024:3741
reference_id	RHSA-2024:3741
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3741

reference_url	https://access.redhat.com/errata/RHSA-2024:3877
reference_id	RHSA-2024:3877
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3877

reference_url	https://access.redhat.com/errata/RHSA-2024:3929
reference_id	RHSA-2024:3929
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3929

reference_url	https://access.redhat.com/errata/RHSA-2025:0039
reference_id	RHSA-2025:0039
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0039

reference_url

https://bugzilla.suse.com/show_bug.cgi?id=1219823

reference_id

show_bug.cgi?id=1219823

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://bugzilla.suse.com/show_bug.cgi?id=1219823

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/

reference_id

SVYA42BLXUCIDLD35YIJPJSHDIADNYMP

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/

reference_url

https://www.athene-center.de/fileadmin/content/PDF/Technical_Report_KeyTrap.pdf

reference_id

Technical_Report_KeyTrap.pdf

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://www.athene-center.de/fileadmin/content/PDF/Technical_Report_KeyTrap.pdf

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/

reference_id

TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/

reference_url

https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/

reference_id

unbound-1.19.1-released

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/

reference_id

UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/

reference_url	https://usn.ubuntu.com/6633-1/
reference_id	USN-6633-1
reference_type
scores
url	https://usn.ubuntu.com/6633-1/

reference_url	https://usn.ubuntu.com/6642-1/
reference_id	USN-6642-1
reference_type
scores
url	https://usn.ubuntu.com/6642-1/

reference_url	https://usn.ubuntu.com/6657-1/
reference_id	USN-6657-1
reference_type
scores
url	https://usn.ubuntu.com/6657-1/

reference_url	https://usn.ubuntu.com/6657-2/
reference_id	USN-6657-2
reference_type
scores
url	https://usn.ubuntu.com/6657-2/

reference_url	https://usn.ubuntu.com/6665-1/
reference_id	USN-6665-1
reference_type
scores
url	https://usn.ubuntu.com/6665-1/

reference_url	https://usn.ubuntu.com/6723-1/
reference_id	USN-6723-1
reference_type
scores
url	https://usn.ubuntu.com/6723-1/

reference_url

https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1

reference_id

v5.7.1

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/

reference_id

ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/

fixed_packages

url	pkg:deb/debian/dnsmasq@2.90-4~deb12u1
purl	pkg:deb/debian/dnsmasq@2.90-4~deb12u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1

aliases CVE-2023-50387

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-66sa-bc5p-jqde

url VCID-69jf-2cmm-tkhj

vulnerability_id VCID-69jf-2cmm-tkhj

summary

Multiple vulnerabilities have been found in Dnsmasq, the worst of
    which may allow remote attackers to execute arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25682.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25682.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-25682

reference_id

reference_type

scores

value	0.34287
scoring_system	epss
scoring_elements	0.96955
published_at	2026-04-01T12:55:00Z

value	0.34287
scoring_system	epss
scoring_elements	0.96983
published_at	2026-04-13T12:55:00Z

value	0.34287
scoring_system	epss
scoring_elements	0.96981
published_at	2026-04-11T12:55:00Z

value	0.34287
scoring_system	epss
scoring_elements	0.96982
published_at	2026-04-12T12:55:00Z

value	0.34287
scoring_system	epss
scoring_elements	0.96962
published_at	2026-04-02T12:55:00Z

value	0.34287
scoring_system	epss
scoring_elements	0.96966
published_at	2026-04-04T12:55:00Z

value	0.34287
scoring_system	epss
scoring_elements	0.96969
published_at	2026-04-07T12:55:00Z

value	0.34287
scoring_system	epss
scoring_elements	0.96977
published_at	2026-04-08T12:55:00Z

value	0.34287
scoring_system	epss
scoring_elements	0.96978
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-25682

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1882014
reference_id	1882014
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1882014

reference_url	https://security.archlinux.org/ASA-202101-38
reference_id	ASA-202101-38
reference_type
scores
url	https://security.archlinux.org/ASA-202101-38

reference_url

https://security.archlinux.org/AVG-1470

reference_id

AVG-1470

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1470

reference_url	https://security.gentoo.org/glsa/202101-17
reference_id	GLSA-202101-17
reference_type
scores
url	https://security.gentoo.org/glsa/202101-17

reference_url	https://access.redhat.com/errata/RHSA-2021:0150
reference_id	RHSA-2021:0150
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0150

reference_url	https://access.redhat.com/errata/RHSA-2021:0151
reference_id	RHSA-2021:0151
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0151

reference_url	https://access.redhat.com/errata/RHSA-2021:0152
reference_id	RHSA-2021:0152
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0152

reference_url	https://usn.ubuntu.com/4698-1/
reference_id	USN-4698-1
reference_type
scores
url	https://usn.ubuntu.com/4698-1/

fixed_packages

url pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1

purl pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-yaj9-mfyu-uqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1

url pkg:deb/debian/dnsmasq@2.85-1

purl pkg:deb/debian/dnsmasq@2.85-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bzd-pqhn-hqfj

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-vprj-j7u6-zbe7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1

aliases CVE-2020-25682

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-69jf-2cmm-tkhj

url VCID-8fbf-8fea-27d9

vulnerability_id VCID-8fbf-8fea-27d9

summary

Two vulnerabilities in dnsmasq might allow for a Denial of Service or
    spoofing of DNS replies.

references

reference_url	ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc
reference_id
reference_type
scores
url	ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc

reference_url	http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html
reference_id
reference_type
scores
url	http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html

reference_url	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401
reference_id
reference_type
scores
url	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401

reference_url	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520
reference_id
reference_type
scores
url	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520

reference_url	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368
reference_id
reference_type
scores
url	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368

reference_url	http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html

reference_url	http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html

reference_url	http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html

reference_url	http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html

reference_url	http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html
reference_id
reference_type
scores
url	http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html

reference_url	http://marc.info/?l=bugtraq&m=121630706004256&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=121630706004256&w=2

reference_url	http://marc.info/?l=bugtraq&m=121866517322103&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=121866517322103&w=2

reference_url	http://marc.info/?l=bugtraq&m=123324863916385&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=123324863916385&w=2

reference_url	http://marc.info/?l=bugtraq&m=141879471518471&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=141879471518471&w=2

reference_url	http://rhn.redhat.com/errata/RHSA-2008-0533.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2008-0533.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1447.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1447.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-1447

reference_id

reference_type

scores

value	0.86697
scoring_system	epss
scoring_elements	0.99423
published_at	2026-04-13T12:55:00Z

value	0.86697
scoring_system	epss
scoring_elements	0.99422
published_at	2026-04-11T12:55:00Z

value	0.86697
scoring_system	epss
scoring_elements	0.99417
published_at	2026-04-01T12:55:00Z

value	0.86697
scoring_system	epss
scoring_elements	0.99416
published_at	2026-04-02T12:55:00Z

value	0.86697
scoring_system	epss
scoring_elements	0.99418
published_at	2026-04-07T12:55:00Z

value	0.86697
scoring_system	epss
scoring_elements	0.99419
published_at	2026-04-08T12:55:00Z

value	0.86697
scoring_system	epss
scoring_elements	0.9942
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-1447

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447

reference_url	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037
reference_id
reference_type
scores
url	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037

reference_url	http://secunia.com/advisories/30925
reference_id
reference_type
scores
url	http://secunia.com/advisories/30925

reference_url	http://secunia.com/advisories/30973
reference_id
reference_type
scores
url	http://secunia.com/advisories/30973

reference_url	http://secunia.com/advisories/30977
reference_id
reference_type
scores
url	http://secunia.com/advisories/30977

reference_url	http://secunia.com/advisories/30979
reference_id
reference_type
scores
url	http://secunia.com/advisories/30979

reference_url	http://secunia.com/advisories/30980
reference_id
reference_type
scores
url	http://secunia.com/advisories/30980

reference_url	http://secunia.com/advisories/30988
reference_id
reference_type
scores
url	http://secunia.com/advisories/30988

reference_url	http://secunia.com/advisories/30989
reference_id
reference_type
scores
url	http://secunia.com/advisories/30989

reference_url	http://secunia.com/advisories/30998
reference_id
reference_type
scores
url	http://secunia.com/advisories/30998

reference_url	http://secunia.com/advisories/31011
reference_id
reference_type
scores
url	http://secunia.com/advisories/31011

reference_url	http://secunia.com/advisories/31012
reference_id
reference_type
scores
url	http://secunia.com/advisories/31012

reference_url	http://secunia.com/advisories/31014
reference_id
reference_type
scores
url	http://secunia.com/advisories/31014

reference_url	http://secunia.com/advisories/31019
reference_id
reference_type
scores
url	http://secunia.com/advisories/31019

reference_url	http://secunia.com/advisories/31022
reference_id
reference_type
scores
url	http://secunia.com/advisories/31022

reference_url	http://secunia.com/advisories/31030
reference_id
reference_type
scores
url	http://secunia.com/advisories/31030

reference_url	http://secunia.com/advisories/31031
reference_id
reference_type
scores
url	http://secunia.com/advisories/31031

reference_url	http://secunia.com/advisories/31033
reference_id
reference_type
scores
url	http://secunia.com/advisories/31033

reference_url	http://secunia.com/advisories/31052
reference_id
reference_type
scores
url	http://secunia.com/advisories/31052

reference_url	http://secunia.com/advisories/31065
reference_id
reference_type
scores
url	http://secunia.com/advisories/31065

reference_url	http://secunia.com/advisories/31072
reference_id
reference_type
scores
url	http://secunia.com/advisories/31072

reference_url	http://secunia.com/advisories/31093
reference_id
reference_type
scores
url	http://secunia.com/advisories/31093

reference_url	http://secunia.com/advisories/31094
reference_id
reference_type
scores
url	http://secunia.com/advisories/31094

reference_url	http://secunia.com/advisories/31137
reference_id
reference_type
scores
url	http://secunia.com/advisories/31137

reference_url	http://secunia.com/advisories/31143
reference_id
reference_type
scores
url	http://secunia.com/advisories/31143

reference_url	http://secunia.com/advisories/31151
reference_id
reference_type
scores
url	http://secunia.com/advisories/31151

reference_url	http://secunia.com/advisories/31152
reference_id
reference_type
scores
url	http://secunia.com/advisories/31152

reference_url	http://secunia.com/advisories/31153
reference_id
reference_type
scores
url	http://secunia.com/advisories/31153

reference_url	http://secunia.com/advisories/31169
reference_id
reference_type
scores
url	http://secunia.com/advisories/31169

reference_url	http://secunia.com/advisories/31197
reference_id
reference_type
scores
url	http://secunia.com/advisories/31197

reference_url	http://secunia.com/advisories/31199
reference_id
reference_type
scores
url	http://secunia.com/advisories/31199

reference_url	http://secunia.com/advisories/31204
reference_id
reference_type
scores
url	http://secunia.com/advisories/31204

reference_url	http://secunia.com/advisories/31207
reference_id
reference_type
scores
url	http://secunia.com/advisories/31207

reference_url	http://secunia.com/advisories/31209
reference_id
reference_type
scores
url	http://secunia.com/advisories/31209

reference_url	http://secunia.com/advisories/31212
reference_id
reference_type
scores
url	http://secunia.com/advisories/31212

reference_url	http://secunia.com/advisories/31213
reference_id
reference_type
scores
url	http://secunia.com/advisories/31213

reference_url	http://secunia.com/advisories/31221
reference_id
reference_type
scores
url	http://secunia.com/advisories/31221

reference_url	http://secunia.com/advisories/31236
reference_id
reference_type
scores
url	http://secunia.com/advisories/31236

reference_url	http://secunia.com/advisories/31237
reference_id
reference_type
scores
url	http://secunia.com/advisories/31237

reference_url	http://secunia.com/advisories/31254
reference_id
reference_type
scores
url	http://secunia.com/advisories/31254

reference_url	http://secunia.com/advisories/31326
reference_id
reference_type
scores
url	http://secunia.com/advisories/31326

reference_url	http://secunia.com/advisories/31354
reference_id
reference_type
scores
url	http://secunia.com/advisories/31354

reference_url	http://secunia.com/advisories/31422
reference_id
reference_type
scores
url	http://secunia.com/advisories/31422

reference_url	http://secunia.com/advisories/31430
reference_id
reference_type
scores
url	http://secunia.com/advisories/31430

reference_url	http://secunia.com/advisories/31451
reference_id
reference_type
scores
url	http://secunia.com/advisories/31451

reference_url	http://secunia.com/advisories/31482
reference_id
reference_type
scores
url	http://secunia.com/advisories/31482

reference_url	http://secunia.com/advisories/31495
reference_id
reference_type
scores
url	http://secunia.com/advisories/31495

reference_url	http://secunia.com/advisories/31588
reference_id
reference_type
scores
url	http://secunia.com/advisories/31588

reference_url	http://secunia.com/advisories/31687
reference_id
reference_type
scores
url	http://secunia.com/advisories/31687

reference_url	http://secunia.com/advisories/31823
reference_id
reference_type
scores
url	http://secunia.com/advisories/31823

reference_url	http://secunia.com/advisories/31882
reference_id
reference_type
scores
url	http://secunia.com/advisories/31882

reference_url	http://secunia.com/advisories/31900
reference_id
reference_type
scores
url	http://secunia.com/advisories/31900

reference_url	http://secunia.com/advisories/33178
reference_id
reference_type
scores
url	http://secunia.com/advisories/33178

reference_url	http://secunia.com/advisories/33714
reference_id
reference_type
scores
url	http://secunia.com/advisories/33714

reference_url	http://secunia.com/advisories/33786
reference_id
reference_type
scores
url	http://secunia.com/advisories/33786

reference_url	http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc
reference_id
reference_type
scores
url	http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc

reference_url	http://security.gentoo.org/glsa/glsa-200807-08.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200807-08.xml

reference_url	http://security.gentoo.org/glsa/glsa-200812-17.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200812-17.xml

reference_url	http://security.gentoo.org/glsa/glsa-201209-25.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-201209-25.xml

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/43334
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/43334

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/43637
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/43637

reference_url	http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680
reference_id
reference_type
scores
url	http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680

reference_url	http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239
reference_id
reference_type
scores
url	http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627

reference_url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1
reference_id
reference_type
scores
url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1

reference_url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1
reference_id
reference_type
scores
url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1

reference_url	http://support.apple.com/kb/HT3026
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT3026

reference_url	http://support.apple.com/kb/HT3129
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT3129

reference_url	http://support.citrix.com/article/CTX117991
reference_id
reference_type
scores
url	http://support.citrix.com/article/CTX117991

reference_url	http://support.citrix.com/article/CTX118183
reference_id
reference_type
scores
url	http://support.citrix.com/article/CTX118183

reference_url	http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152
reference_id
reference_type
scores
url	http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152

reference_url	https://www.exploit-db.com/exploits/6122
reference_id
reference_type
scores
url	https://www.exploit-db.com/exploits/6122

reference_url	https://www.exploit-db.com/exploits/6123
reference_id
reference_type
scores
url	https://www.exploit-db.com/exploits/6123

reference_url	https://www.exploit-db.com/exploits/6130
reference_id
reference_type
scores
url	https://www.exploit-db.com/exploits/6130

reference_url	https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html

reference_url	https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html

reference_url	https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
reference_id
reference_type
scores
url	https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/

100

reference_url	http://up2date.astaro.com/2008/08/up2date_7202_released.html
reference_id
reference_type
scores
url	http://up2date.astaro.com/2008/08/up2date_7202_released.html

101

reference_url	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231
reference_id
reference_type
scores
url	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231

102

reference_url	http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018
reference_id
reference_type
scores
url	http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018

103

reference_url	http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning
reference_id
reference_type
scores
url	http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning

104

reference_url	http://www.caughq.org/exploits/CAU-EX-2008-0002.txt
reference_id
reference_type
scores
url	http://www.caughq.org/exploits/CAU-EX-2008-0002.txt

105

reference_url	http://www.caughq.org/exploits/CAU-EX-2008-0003.txt
reference_id
reference_type
scores
url	http://www.caughq.org/exploits/CAU-EX-2008-0003.txt

106

reference_url	http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml
reference_id
reference_type
scores
url	http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml

107

reference_url	http://www.debian.org/security/2008/dsa-1603
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1603

108

reference_url	http://www.debian.org/security/2008/dsa-1604
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1604

109

reference_url	http://www.debian.org/security/2008/dsa-1605
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1605

110

reference_url	http://www.debian.org/security/2008/dsa-1619
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1619

111

reference_url	http://www.debian.org/security/2008/dsa-1623
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1623

112

reference_url	http://www.doxpara.com/DMK_BO2K8.ppt
reference_id
reference_type
scores
url	http://www.doxpara.com/DMK_BO2K8.ppt

113

reference_url	http://www.doxpara.com/?p=1176
reference_id
reference_type
scores
url	http://www.doxpara.com/?p=1176

114

reference_url	http://www.ibm.com/support/docview.wss?uid=isg1IZ26667
reference_id
reference_type
scores
url	http://www.ibm.com/support/docview.wss?uid=isg1IZ26667

115

reference_url	http://www.ibm.com/support/docview.wss?uid=isg1IZ26668
reference_id
reference_type
scores
url	http://www.ibm.com/support/docview.wss?uid=isg1IZ26668

116

reference_url	http://www.ibm.com/support/docview.wss?uid=isg1IZ26669
reference_id
reference_type
scores
url	http://www.ibm.com/support/docview.wss?uid=isg1IZ26669

117

reference_url	http://www.ibm.com/support/docview.wss?uid=isg1IZ26670
reference_id
reference_type
scores
url	http://www.ibm.com/support/docview.wss?uid=isg1IZ26670

118

reference_url	http://www.ibm.com/support/docview.wss?uid=isg1IZ26671
reference_id
reference_type
scores
url	http://www.ibm.com/support/docview.wss?uid=isg1IZ26671

119

reference_url	http://www.ibm.com/support/docview.wss?uid=isg1IZ26672
reference_id
reference_type
scores
url	http://www.ibm.com/support/docview.wss?uid=isg1IZ26672

120

reference_url	http://www.ipcop.org/index.php?name=News&file=article&sid=40
reference_id
reference_type
scores
url	http://www.ipcop.org/index.php?name=News&file=article&sid=40

121

reference_url	http://www.isc.org/index.pl?/sw/bind/bind-security.php
reference_id
reference_type
scores
url	http://www.isc.org/index.pl?/sw/bind/bind-security.php

122

reference_url	http://www.kb.cert.org/vuls/id/800113
reference_id
reference_type
scores
url	http://www.kb.cert.org/vuls/id/800113

123

reference_url	http://www.kb.cert.org/vuls/id/MIMG-7DWR4J
reference_id
reference_type
scores
url	http://www.kb.cert.org/vuls/id/MIMG-7DWR4J

124

reference_url	http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q
reference_id
reference_type
scores
url	http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q

125

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:139
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:139

126

reference_url	http://www.nominum.com/asset_upload_file741_2661.pdf
reference_id
reference_type
scores
url	http://www.nominum.com/asset_upload_file741_2661.pdf

127

reference_url	http://www.novell.com/support/viewContent.do?externalId=7000912
reference_id
reference_type
scores
url	http://www.novell.com/support/viewContent.do?externalId=7000912

128

reference_url	http://www.openbsd.org/errata42.html#013_bind
reference_id
reference_type
scores
url	http://www.openbsd.org/errata42.html#013_bind

129

reference_url	http://www.openbsd.org/errata43.html#004_bind
reference_id
reference_type
scores
url	http://www.openbsd.org/errata43.html#004_bind

130

reference_url	http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog
reference_id
reference_type
scores
url	http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog

131

reference_url	http://www.phys.uu.nl/~rombouts/pdnsd.html
reference_id
reference_type
scores
url	http://www.phys.uu.nl/~rombouts/pdnsd.html

132

reference_url	http://www.redhat.com/support/errata/RHSA-2008-0789.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2008-0789.html

133

reference_url	http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html
reference_id
reference_type
scores
url	http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html

134

reference_url	http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/
reference_id
reference_type
scores
url	http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/

135

reference_url	http://www.securityfocus.com/archive/1/495289/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/495289/100/0/threaded

136

reference_url	http://www.securityfocus.com/archive/1/495869/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/495869/100/0/threaded

137

reference_url	http://www.securityfocus.com/bid/30131
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/30131

138

reference_url	http://www.securitytracker.com/id?1020437
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020437

139

reference_url	http://www.securitytracker.com/id?1020438
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020438

140

reference_url	http://www.securitytracker.com/id?1020440
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020440

141

reference_url	http://www.securitytracker.com/id?1020448
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020448

142

reference_url	http://www.securitytracker.com/id?1020449
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020449

143

reference_url	http://www.securitytracker.com/id?1020548
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020548

144

reference_url	http://www.securitytracker.com/id?1020558
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020558

145

reference_url	http://www.securitytracker.com/id?1020560
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020560

146

reference_url	http://www.securitytracker.com/id?1020561
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020561

147

reference_url	http://www.securitytracker.com/id?1020575
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020575

148

reference_url	http://www.securitytracker.com/id?1020576
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020576

149

reference_url	http://www.securitytracker.com/id?1020577
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020577

150

reference_url	http://www.securitytracker.com/id?1020578
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020578

151

reference_url	http://www.securitytracker.com/id?1020579
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020579

152

reference_url	http://www.securitytracker.com/id?1020651
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020651

153

reference_url	http://www.securitytracker.com/id?1020653
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020653

154

reference_url	http://www.securitytracker.com/id?1020702
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020702

155

reference_url	http://www.securitytracker.com/id?1020802
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020802

156

reference_url	http://www.securitytracker.com/id?1020804
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020804

157

reference_url	http://www.ubuntu.com/usn/usn-622-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/usn-622-1

158

reference_url	http://www.ubuntu.com/usn/usn-627-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/usn-627-1

159

reference_url	http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html
reference_id
reference_type
scores
url	http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html

160

reference_url	http://www.us-cert.gov/cas/techalerts/TA08-190A.html
reference_id
reference_type
scores
url	http://www.us-cert.gov/cas/techalerts/TA08-190A.html

161

reference_url	http://www.us-cert.gov/cas/techalerts/TA08-190B.html
reference_id
reference_type
scores
url	http://www.us-cert.gov/cas/techalerts/TA08-190B.html

162

reference_url	http://www.us-cert.gov/cas/techalerts/TA08-260A.html
reference_id
reference_type
scores
url	http://www.us-cert.gov/cas/techalerts/TA08-260A.html

163

reference_url	http://www.vmware.com/security/advisories/VMSA-2008-0014.html
reference_id
reference_type
scores
url	http://www.vmware.com/security/advisories/VMSA-2008-0014.html

164

reference_url	http://www.vupen.com/english/advisories/2008/2019/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2019/references

165

reference_url	http://www.vupen.com/english/advisories/2008/2023/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2023/references

166

reference_url	http://www.vupen.com/english/advisories/2008/2025/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2025/references

167

reference_url	http://www.vupen.com/english/advisories/2008/2029/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2029/references

168

reference_url	http://www.vupen.com/english/advisories/2008/2030/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2030/references

169

reference_url	http://www.vupen.com/english/advisories/2008/2050/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2050/references

170

reference_url	http://www.vupen.com/english/advisories/2008/2051/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2051/references

171

reference_url	http://www.vupen.com/english/advisories/2008/2052/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2052/references

172

reference_url	http://www.vupen.com/english/advisories/2008/2055/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2055/references

173

reference_url	http://www.vupen.com/english/advisories/2008/2092/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2092/references

174

reference_url	http://www.vupen.com/english/advisories/2008/2113/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2113/references

175

reference_url	http://www.vupen.com/english/advisories/2008/2114/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2114/references

176

reference_url	http://www.vupen.com/english/advisories/2008/2123/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2123/references

177

reference_url	http://www.vupen.com/english/advisories/2008/2139/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2139/references

178

reference_url	http://www.vupen.com/english/advisories/2008/2166/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2166/references

179

reference_url	http://www.vupen.com/english/advisories/2008/2195/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2195/references

180

reference_url	http://www.vupen.com/english/advisories/2008/2196/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2196/references

181

reference_url	http://www.vupen.com/english/advisories/2008/2197/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2197/references

182

reference_url	http://www.vupen.com/english/advisories/2008/2268
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2268

183

reference_url	http://www.vupen.com/english/advisories/2008/2291
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2291

184

reference_url	http://www.vupen.com/english/advisories/2008/2334
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2334

185

reference_url	http://www.vupen.com/english/advisories/2008/2342
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2342

186

reference_url	http://www.vupen.com/english/advisories/2008/2377
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2377

187

reference_url	http://www.vupen.com/english/advisories/2008/2383
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2383

188

reference_url	http://www.vupen.com/english/advisories/2008/2384
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2384

189

reference_url	http://www.vupen.com/english/advisories/2008/2466
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2466

190

reference_url	http://www.vupen.com/english/advisories/2008/2467
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2467

191

reference_url	http://www.vupen.com/english/advisories/2008/2482
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2482

192

reference_url	http://www.vupen.com/english/advisories/2008/2525
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2525

193

reference_url	http://www.vupen.com/english/advisories/2008/2549
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2549

194

reference_url	http://www.vupen.com/english/advisories/2008/2558
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2558

195

reference_url	http://www.vupen.com/english/advisories/2008/2582
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2582

196

reference_url	http://www.vupen.com/english/advisories/2008/2584
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2584

197

reference_url	http://www.vupen.com/english/advisories/2009/0297
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2009/0297

198

reference_url	http://www.vupen.com/english/advisories/2009/0311
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2009/0311

199

reference_url	http://www.vupen.com/english/advisories/2010/0622
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2010/0622

200

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=449345
reference_id	449345
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=449345

201

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490123
reference_id	490123
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490123

202

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492465
reference_id	492465
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492465

203

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492698
reference_id	492698
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492698

204

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492700
reference_id	492700
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492700

205

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=493599
reference_id	493599
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=493599

206

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:4:::::::*
reference_id	cpe:2.3:a:isc:bind:4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:4:::::::*

207

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:8:::::::*
reference_id	cpe:2.3:a:isc:bind:8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:8:::::::*

208

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.2.9:::::::*
reference_id	cpe:2.3:a:isc:bind:9.2.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.2.9:::::::*

209

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::

210

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:::::::*

211

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*

212

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::

213

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:cisco:ios:12.0:::::::*
reference_id	cpe:2.3:o:cisco:ios:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:cisco:ios:12.0:::::::*

214

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:::::::*

215

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_2000::sp4::::::*
reference_id	cpe:2.3:o:microsoft:windows_2000::sp4::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_2000::sp4::::::*

216

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:::compute_cluster::itanium:
reference_id	cpe:2.3:o:microsoft:windows_server_2003:-:sp1:::compute_cluster::itanium:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:::compute_cluster::itanium:

217

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:::datacenter::itanium:
reference_id	cpe:2.3:o:microsoft:windows_server_2003:-:sp1:::datacenter::itanium:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:::datacenter::itanium:

218

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:::enterprise::itanium:
reference_id	cpe:2.3:o:microsoft:windows_server_2003:-:sp1:::enterprise::itanium:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:::enterprise::itanium:

219

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:::standard::itanium:
reference_id	cpe:2.3:o:microsoft:windows_server_2003:-:sp1:::standard::itanium:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:::standard::itanium:

220

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:::storage::itanium:
reference_id	cpe:2.3:o:microsoft:windows_server_2003:-:sp1:::storage::itanium:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:::storage::itanium:

221

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::compute_cluster::itanium:
reference_id	cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::compute_cluster::itanium:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::compute_cluster::itanium:

222

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::compute_cluster::x64:
reference_id	cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::compute_cluster::x64:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::compute_cluster::x64:

223

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::datacenter::itanium:
reference_id	cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::datacenter::itanium:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::datacenter::itanium:

224

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::datacenter::x64:
reference_id	cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::datacenter::x64:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::datacenter::x64:

225

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::enterprise::itanium:
reference_id	cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::enterprise::itanium:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::enterprise::itanium:

226

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::enterprise::x64:
reference_id	cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::enterprise::x64:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::enterprise::x64:

227

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::standard::itanium:
reference_id	cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::standard::itanium:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::standard::itanium:

228

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::standard::x64:
reference_id	cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::standard::x64:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::standard::x64:

229

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::storage::itanium:
reference_id	cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::storage::itanium:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::storage::itanium:

230

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::storage::x64:
reference_id	cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::storage::x64:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:::storage::x64:

231

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-::::::x64:
reference_id	cpe:2.3:o:microsoft:windows_server_2003:-::::::x64:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-::::::x64:

232

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:-:-:::professional::x64:
reference_id	cpe:2.3:o:microsoft:windows_xp:-:-:::professional::x64:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:-:-:::professional::x64:

233

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp::sp2::::::*
reference_id	cpe:2.3:o:microsoft:windows_xp::sp2::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp::sp2::::::*

234

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:-:sp3::::::
reference_id	cpe:2.3:o:microsoft:windows_xp:-:sp3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:-:sp3::::::

235

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1::as:::::
reference_id	cpe:2.3:o:redhat:enterprise_linux:2.1::as:::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1::as:::::

236

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1::es:::::
reference_id	cpe:2.3:o:redhat:enterprise_linux:2.1::es:::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1::es:::::

237

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1::ws:::::
reference_id	cpe:2.3:o:redhat:enterprise_linux:2.1::ws:::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1::ws:::::

238

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*

239

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5::client:::::
reference_id	cpe:2.3:o:redhat:enterprise_linux:5::client:::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5::client:::::

240

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5::client_workstation:::::
reference_id	cpe:2.3:o:redhat:enterprise_linux:5::client_workstation:::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5::client_workstation:::::

241

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2008-1447

reference_id

CVE-2008-1447

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:P/A:N

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2008-1447

242

reference_url	https://security.gentoo.org/glsa/200807-08
reference_id	GLSA-200807-08
reference_type
scores
url	https://security.gentoo.org/glsa/200807-08

243

reference_url	https://security.gentoo.org/glsa/200809-02
reference_id	GLSA-200809-02
reference_type
scores
url	https://security.gentoo.org/glsa/200809-02

244

reference_url	https://security.gentoo.org/glsa/200812-17
reference_id	GLSA-200812-17
reference_type
scores
url	https://security.gentoo.org/glsa/200812-17

245

reference_url	https://security.gentoo.org/glsa/200901-03
reference_id	GLSA-200901-03
reference_type
scores
url	https://security.gentoo.org/glsa/200901-03

246

reference_url	https://security.gentoo.org/glsa/201209-25
reference_id	GLSA-201209-25
reference_type
scores
url	https://security.gentoo.org/glsa/201209-25

247

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6122.rb
reference_id	OSVDB-48245;CVE-2008-4194;OSVDB-47927;CVE-2008-1447;OSVDB-47926;OSVDB-47916;OSVDB-47232
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6122.rb

248

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6123.py
reference_id	OSVDB-48245;CVE-2008-4194;OSVDB-47927;CVE-2008-1447;OSVDB-47926;OSVDB-47916;OSVDB-47232
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6123.py

249

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6130.c
reference_id	OSVDB-48245;CVE-2008-4194;OSVDB-47927;CVE-2008-1447;OSVDB-47926;OSVDB-47916;OSVDB-47232;OSVDB-46776
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6130.c

250

reference_url	https://access.redhat.com/errata/RHSA-2008:0533
reference_id	RHSA-2008:0533
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0533

251

reference_url	https://access.redhat.com/errata/RHSA-2008:0789
reference_id	RHSA-2008:0789
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0789

252

reference_url	https://usn.ubuntu.com/622-1/
reference_id	USN-622-1
reference_type
scores
url	https://usn.ubuntu.com/622-1/

253

reference_url	https://usn.ubuntu.com/627-1/
reference_id	USN-627-1
reference_type
scores
url	https://usn.ubuntu.com/627-1/

fixed_packages

url pkg:deb/debian/dnsmasq@2.45-1%2Blenny1

purl pkg:deb/debian/dnsmasq@2.45-1%2Blenny1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-4fwm-653p-ufcj

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-antt-5fzu-87dw

vulnerability	VCID-b2dc-msms-bfee

vulnerability	VCID-bed9-8jhu-pkf9

vulnerability	VCID-d3nu-fztq-nffg

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-hr7r-mgk2-67aw

vulnerability	VCID-huvr-uav1-ffex

vulnerability	VCID-hxys-tpgq-3uf6

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-jum5-ndq3-xbhp

vulnerability	VCID-k9w6-f6aw-dbey

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-kxbw-1fr9-8kb3

vulnerability	VCID-nc6t-132e-cqda

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-qs1p-1j9u-3khg

vulnerability	VCID-r15f-fgv8-s3h2

vulnerability	VCID-ru4r-dtwq-sub2

vulnerability	VCID-snzd-3st5-8yb1

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-xge7-87zv-tbev

vulnerability	VCID-yaj9-mfyu-uqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.45-1%252Blenny1

aliases CVE-2008-1447

risk_score 10.0

exploitability 2.0

weighted_severity 6.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8fbf-8fea-27d9

url VCID-a9ya-bnnp-hyc4

vulnerability_id VCID-a9ya-bnnp-hyc4

summary

Multiple vulnerabilities have been found in Dnsmasq, the worst of
    which may allow remote attackers to execute arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25685.json

reference_id

reference_type

scores

value	4.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25685.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-25685

reference_id

reference_type

scores

value	0.00316
scoring_system	epss
scoring_elements	0.54629
published_at	2026-04-01T12:55:00Z

value	0.00316
scoring_system	epss
scoring_elements	0.54715
published_at	2026-04-13T12:55:00Z

value	0.00316
scoring_system	epss
scoring_elements	0.54752
published_at	2026-04-11T12:55:00Z

value	0.00316
scoring_system	epss
scoring_elements	0.54736
published_at	2026-04-12T12:55:00Z

value	0.00316
scoring_system	epss
scoring_elements	0.54699
published_at	2026-04-02T12:55:00Z

value	0.00316
scoring_system	epss
scoring_elements	0.54722
published_at	2026-04-04T12:55:00Z

value	0.00316
scoring_system	epss
scoring_elements	0.54692
published_at	2026-04-07T12:55:00Z

value	0.00316
scoring_system	epss
scoring_elements	0.54744
published_at	2026-04-08T12:55:00Z

value	0.00316
scoring_system	epss
scoring_elements	0.5474
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-25685

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1889688
reference_id	1889688
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1889688

reference_url	https://security.archlinux.org/ASA-202101-38
reference_id	ASA-202101-38
reference_type
scores
url	https://security.archlinux.org/ASA-202101-38

reference_url

https://security.archlinux.org/AVG-1470

reference_id

AVG-1470

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1470

reference_url	https://security.gentoo.org/glsa/202101-17
reference_id	GLSA-202101-17
reference_type
scores
url	https://security.gentoo.org/glsa/202101-17

reference_url	https://access.redhat.com/errata/RHSA-2021:0150
reference_id	RHSA-2021:0150
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0150

reference_url	https://access.redhat.com/errata/RHSA-2021:0151
reference_id	RHSA-2021:0151
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0151

reference_url	https://access.redhat.com/errata/RHSA-2021:0152
reference_id	RHSA-2021:0152
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0152

reference_url	https://access.redhat.com/errata/RHSA-2021:0153
reference_id	RHSA-2021:0153
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0153

reference_url	https://access.redhat.com/errata/RHSA-2021:0154
reference_id	RHSA-2021:0154
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0154

reference_url	https://access.redhat.com/errata/RHSA-2021:0155
reference_id	RHSA-2021:0155
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0155

reference_url	https://access.redhat.com/errata/RHSA-2021:0156
reference_id	RHSA-2021:0156
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0156

reference_url	https://access.redhat.com/errata/RHSA-2021:0240
reference_id	RHSA-2021:0240
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0240

reference_url	https://access.redhat.com/errata/RHSA-2021:0245
reference_id	RHSA-2021:0245
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0245

reference_url	https://access.redhat.com/errata/RHSA-2021:0395
reference_id	RHSA-2021:0395
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0395

reference_url	https://access.redhat.com/errata/RHSA-2021:0401
reference_id	RHSA-2021:0401
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0401

reference_url	https://usn.ubuntu.com/4698-1/
reference_id	USN-4698-1
reference_type
scores
url	https://usn.ubuntu.com/4698-1/

fixed_packages

url pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1

purl pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-yaj9-mfyu-uqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1

url pkg:deb/debian/dnsmasq@2.85-1

purl pkg:deb/debian/dnsmasq@2.85-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bzd-pqhn-hqfj

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-vprj-j7u6-zbe7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1

aliases CVE-2020-25685

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a9ya-bnnp-hyc4

url VCID-antt-5fzu-87dw

vulnerability_id VCID-antt-5fzu-87dw

summary

Multiple vulnerabilities in Dnsmasq might result in the remote execution of
    arbitrary code, or a Denial of Service.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2958.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2958.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-2958

reference_id

reference_type

scores

value	0.01131
scoring_system	epss
scoring_elements	0.78273
published_at	2026-04-01T12:55:00Z

value	0.01131
scoring_system	epss
scoring_elements	0.7828
published_at	2026-04-02T12:55:00Z

value	0.01131
scoring_system	epss
scoring_elements	0.78311
published_at	2026-04-04T12:55:00Z

value	0.01131
scoring_system	epss
scoring_elements	0.78293
published_at	2026-04-07T12:55:00Z

value	0.01131
scoring_system	epss
scoring_elements	0.78319
published_at	2026-04-08T12:55:00Z

value	0.01131
scoring_system	epss
scoring_elements	0.78325
published_at	2026-04-09T12:55:00Z

value	0.01131
scoring_system	epss
scoring_elements	0.78351
published_at	2026-04-11T12:55:00Z

value	0.01131
scoring_system	epss
scoring_elements	0.78334
published_at	2026-04-12T12:55:00Z

value	0.01131
scoring_system	epss
scoring_elements	0.78327
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-2958

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2958
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2958

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=519020
reference_id	519020
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=519020

reference_url	https://security.gentoo.org/glsa/200909-19
reference_id	GLSA-200909-19
reference_type
scores
url	https://security.gentoo.org/glsa/200909-19

reference_url	https://access.redhat.com/errata/RHSA-2009:1238
reference_id	RHSA-2009:1238
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1238

reference_url	https://usn.ubuntu.com/827-1/
reference_id	USN-827-1
reference_type
scores
url	https://usn.ubuntu.com/827-1/

fixed_packages

url pkg:deb/debian/dnsmasq@2.55-2

purl pkg:deb/debian/dnsmasq@2.55-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-4fwm-653p-ufcj

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-b2dc-msms-bfee

vulnerability	VCID-d3nu-fztq-nffg

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-hr7r-mgk2-67aw

vulnerability	VCID-huvr-uav1-ffex

vulnerability	VCID-hxys-tpgq-3uf6

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-jum5-ndq3-xbhp

vulnerability	VCID-k9w6-f6aw-dbey

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-kxbw-1fr9-8kb3

vulnerability	VCID-nc6t-132e-cqda

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-qs1p-1j9u-3khg

vulnerability	VCID-r15f-fgv8-s3h2

vulnerability	VCID-ru4r-dtwq-sub2

vulnerability	VCID-snzd-3st5-8yb1

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-xge7-87zv-tbev

vulnerability	VCID-yaj9-mfyu-uqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.55-2

aliases CVE-2009-2958

risk_score null

exploitability 2.0

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-antt-5fzu-87dw

url VCID-b2dc-msms-bfee

vulnerability_id VCID-b2dc-msms-bfee

summary

Multiple vulnerabilities have been found in Dnsmasq, the worst of
    which may allow remote attackers to execute arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html

reference_url	http://nvidia.custhelp.com/app/answers/detail/a_id/4561
reference_id
reference_type
scores
url	http://nvidia.custhelp.com/app/answers/detail/a_id/4561

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14493.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14493.json

reference_url	https://access.redhat.com/security/vulnerabilities/3199382
reference_id
reference_type
scores
url	https://access.redhat.com/security/vulnerabilities/3199382

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-14493

reference_id

reference_type

scores

value	0.05344
scoring_system	epss
scoring_elements	0.90026
published_at	2026-04-01T12:55:00Z

value	0.05344
scoring_system	epss
scoring_elements	0.90067
published_at	2026-04-13T12:55:00Z

value	0.05344
scoring_system	epss
scoring_elements	0.90045
published_at	2026-04-07T12:55:00Z

value	0.05344
scoring_system	epss
scoring_elements	0.9006
published_at	2026-04-08T12:55:00Z

value	0.05344
scoring_system	epss
scoring_elements	0.90066
published_at	2026-04-09T12:55:00Z

value	0.05344
scoring_system	epss
scoring_elements	0.90075
published_at	2026-04-11T12:55:00Z

value	0.05344
scoring_system	epss
scoring_elements	0.90073
published_at	2026-04-12T12:55:00Z

value	0.05344
scoring_system	epss
scoring_elements	0.90029
published_at	2026-04-02T12:55:00Z

value	0.05344
scoring_system	epss
scoring_elements	0.9004
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-14493

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv2
scoring_elements	AV:A/AC:L/Au:N/C:N/I:P/A:P

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
reference_id
reference_type
scores
url	https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html

reference_url	https://www.exploit-db.com/exploits/42943/
reference_id
reference_type
scores
url	https://www.exploit-db.com/exploits/42943/

reference_url	https://www.kb.cert.org/vuls/id/973527
reference_id
reference_type
scores
url	https://www.kb.cert.org/vuls/id/973527

reference_url	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html
reference_id
reference_type
scores
url	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html

reference_url	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html
reference_id
reference_type
scores
url	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html

reference_url	https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq
reference_id
reference_type
scores
url	https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq

reference_url	http://thekelleys.org.uk/dnsmasq/CHANGELOG
reference_id
reference_type
scores
url	http://thekelleys.org.uk/dnsmasq/CHANGELOG

reference_url	http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=3d4ff1ba8419546490b464418223132529514033
reference_id
reference_type
scores
url	http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=3d4ff1ba8419546490b464418223132529514033

reference_url	http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt
reference_id
reference_type
scores
url	http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt

reference_url	http://www.debian.org/security/2017/dsa-3989
reference_id
reference_type
scores
url	http://www.debian.org/security/2017/dsa-3989

reference_url	http://www.securityfocus.com/bid/101085
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/101085

reference_url	http://www.securitytracker.com/id/1039474
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1039474

reference_url	http://www.ubuntu.com/usn/USN-3430-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-3430-1

reference_url	http://www.ubuntu.com/usn/USN-3430-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-3430-2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1495411
reference_id	1495411
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1495411

reference_url	https://security.archlinux.org/ASA-201710-1
reference_id	ASA-201710-1
reference_type
scores
url	https://security.archlinux.org/ASA-201710-1

reference_url

https://security.archlinux.org/AVG-421

reference_id

AVG-421

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-421

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq::::::::
reference_id	cpe:2.3:a:thekelleys:dnsmasq::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.2:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42943.py
reference_id	CVE-2017-14493
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42943.py

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-14493

reference_id

CVE-2017-14493

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-14493

reference_url	https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14493.py
reference_id	CVE-2017-14493
reference_type	exploit
scores
url	https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14493.py

reference_url	https://security.gentoo.org/glsa/201710-27
reference_id	GLSA-201710-27
reference_type
scores
url	https://security.gentoo.org/glsa/201710-27

reference_url	https://access.redhat.com/errata/RHSA-2017:2836
reference_id	RHSA-2017:2836
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2836

reference_url	https://access.redhat.com/errata/RHSA-2017:2837
reference_id	RHSA-2017:2837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2837

reference_url	https://usn.ubuntu.com/3430-1/
reference_id	USN-3430-1
reference_type
scores
url	https://usn.ubuntu.com/3430-1/

reference_url	https://usn.ubuntu.com/3430-2/
reference_id	USN-3430-2
reference_type
scores
url	https://usn.ubuntu.com/3430-2/

fixed_packages

url pkg:deb/debian/dnsmasq@2.72-3%2Bdeb8u2

purl pkg:deb/debian/dnsmasq@2.72-3%2Bdeb8u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-4fwm-653p-ufcj

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-b2dc-msms-bfee

vulnerability	VCID-d3nu-fztq-nffg

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-hr7r-mgk2-67aw

vulnerability	VCID-huvr-uav1-ffex

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-k9w6-f6aw-dbey

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-kxbw-1fr9-8kb3

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-qs1p-1j9u-3khg

vulnerability	VCID-r15f-fgv8-s3h2

vulnerability	VCID-ru4r-dtwq-sub2

vulnerability	VCID-snzd-3st5-8yb1

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-xge7-87zv-tbev

vulnerability	VCID-yaj9-mfyu-uqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.72-3%252Bdeb8u2

url pkg:deb/debian/dnsmasq@2.76-5%2Bdeb9u2

purl pkg:deb/debian/dnsmasq@2.76-5%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-b2dc-msms-bfee

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-hr7r-mgk2-67aw

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-k9w6-f6aw-dbey

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-kxbw-1fr9-8kb3

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-qs1p-1j9u-3khg

vulnerability	VCID-r15f-fgv8-s3h2

vulnerability	VCID-ru4r-dtwq-sub2

vulnerability	VCID-snzd-3st5-8yb1

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-xge7-87zv-tbev

vulnerability	VCID-yaj9-mfyu-uqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.76-5%252Bdeb9u2

url pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1

purl pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-yaj9-mfyu-uqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1

aliases CVE-2017-14493

risk_score 10.0

exploitability 2.0

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b2dc-msms-bfee

url VCID-bed9-8jhu-pkf9

vulnerability_id VCID-bed9-8jhu-pkf9

summary

Multiple vulnerabilities in Dnsmasq might result in the remote execution of
    arbitrary code, or a Denial of Service.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2957.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2957.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-2957

reference_id

reference_type

scores

value	0.08525
scoring_system	epss
scoring_elements	0.92345
published_at	2026-04-01T12:55:00Z

value	0.08525
scoring_system	epss
scoring_elements	0.92352
published_at	2026-04-02T12:55:00Z

value	0.08525
scoring_system	epss
scoring_elements	0.92359
published_at	2026-04-04T12:55:00Z

value	0.08525
scoring_system	epss
scoring_elements	0.92362
published_at	2026-04-07T12:55:00Z

value	0.08525
scoring_system	epss
scoring_elements	0.92374
published_at	2026-04-08T12:55:00Z

value	0.08525
scoring_system	epss
scoring_elements	0.92379
published_at	2026-04-09T12:55:00Z

value	0.08525
scoring_system	epss
scoring_elements	0.92384
published_at	2026-04-11T12:55:00Z

value	0.08525
scoring_system	epss
scoring_elements	0.92387
published_at	2026-04-12T12:55:00Z

value	0.08525
scoring_system	epss
scoring_elements	0.92385
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-2957

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2957
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2957

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=519020
reference_id	519020
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=519020

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/9617.txt
reference_id	CVE-2009-2958;CVE-2009-2957;OSVDB-57593;OSVDB-57592
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/9617.txt

reference_url	http://www.coresecurity.com/content/dnsmasq-vulnerabilities
reference_id	CVE-2009-2958;CVE-2009-2957;OSVDB-57593;OSVDB-57592
reference_type	exploit
scores
url	http://www.coresecurity.com/content/dnsmasq-vulnerabilities

reference_url	https://security.gentoo.org/glsa/200909-19
reference_id	GLSA-200909-19
reference_type
scores
url	https://security.gentoo.org/glsa/200909-19

reference_url	https://access.redhat.com/errata/RHSA-2009:1238
reference_id	RHSA-2009:1238
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1238

reference_url	https://usn.ubuntu.com/827-1/
reference_id	USN-827-1
reference_type
scores
url	https://usn.ubuntu.com/827-1/

fixed_packages

url pkg:deb/debian/dnsmasq@2.55-2

purl pkg:deb/debian/dnsmasq@2.55-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-4fwm-653p-ufcj

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-b2dc-msms-bfee

vulnerability	VCID-d3nu-fztq-nffg

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-hr7r-mgk2-67aw

vulnerability	VCID-huvr-uav1-ffex

vulnerability	VCID-hxys-tpgq-3uf6

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-jum5-ndq3-xbhp

vulnerability	VCID-k9w6-f6aw-dbey

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-kxbw-1fr9-8kb3

vulnerability	VCID-nc6t-132e-cqda

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-qs1p-1j9u-3khg

vulnerability	VCID-r15f-fgv8-s3h2

vulnerability	VCID-ru4r-dtwq-sub2

vulnerability	VCID-snzd-3st5-8yb1

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-xge7-87zv-tbev

vulnerability	VCID-yaj9-mfyu-uqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.55-2

aliases CVE-2009-2957

risk_score 0.2

exploitability 2.0

weighted_severity 0.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bed9-8jhu-pkf9

url VCID-d3nu-fztq-nffg

vulnerability_id VCID-d3nu-fztq-nffg

summary security update

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3294.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3294.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-3294

reference_id

reference_type

scores

value	0.00184
scoring_system	epss
scoring_elements	0.39998
published_at	2026-04-01T12:55:00Z

value	0.00184
scoring_system	epss
scoring_elements	0.40145
published_at	2026-04-08T12:55:00Z

value	0.00184
scoring_system	epss
scoring_elements	0.40171
published_at	2026-04-04T12:55:00Z

value	0.00184
scoring_system	epss
scoring_elements	0.40092
published_at	2026-04-07T12:55:00Z

value	0.00184
scoring_system	epss
scoring_elements	0.40158
published_at	2026-04-09T12:55:00Z

value	0.00184
scoring_system	epss
scoring_elements	0.40168
published_at	2026-04-11T12:55:00Z

value	0.00184
scoring_system	epss
scoring_elements	0.4013
published_at	2026-04-12T12:55:00Z

value	0.00184
scoring_system	epss
scoring_elements	0.40111
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-3294

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3294
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3294

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1215747
reference_id	1215747
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1215747

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783459
reference_id	783459
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783459

reference_url	https://security.gentoo.org/glsa/201512-01
reference_id	GLSA-201512-01
reference_type
scores
url	https://security.gentoo.org/glsa/201512-01

reference_url	https://usn.ubuntu.com/2593-1/
reference_id	USN-2593-1
reference_type
scores
url	https://usn.ubuntu.com/2593-1/

fixed_packages

url pkg:deb/debian/dnsmasq@2.62-3%2Bdeb7u3

purl pkg:deb/debian/dnsmasq@2.62-3%2Bdeb7u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-4fwm-653p-ufcj

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-b2dc-msms-bfee

vulnerability	VCID-d3nu-fztq-nffg

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-hr7r-mgk2-67aw

vulnerability	VCID-huvr-uav1-ffex

vulnerability	VCID-hxys-tpgq-3uf6

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-jum5-ndq3-xbhp

vulnerability	VCID-k9w6-f6aw-dbey

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-kxbw-1fr9-8kb3

vulnerability	VCID-nc6t-132e-cqda

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-qs1p-1j9u-3khg

vulnerability	VCID-r15f-fgv8-s3h2

vulnerability	VCID-ru4r-dtwq-sub2

vulnerability	VCID-snzd-3st5-8yb1

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-xge7-87zv-tbev

vulnerability	VCID-yaj9-mfyu-uqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.62-3%252Bdeb7u3

url pkg:deb/debian/dnsmasq@2.72-3%2Bdeb8u2

purl pkg:deb/debian/dnsmasq@2.72-3%2Bdeb8u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-4fwm-653p-ufcj

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-b2dc-msms-bfee

vulnerability	VCID-d3nu-fztq-nffg

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-hr7r-mgk2-67aw

vulnerability	VCID-huvr-uav1-ffex

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-k9w6-f6aw-dbey

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-kxbw-1fr9-8kb3

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-qs1p-1j9u-3khg

vulnerability	VCID-r15f-fgv8-s3h2

vulnerability	VCID-ru4r-dtwq-sub2

vulnerability	VCID-snzd-3st5-8yb1

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-xge7-87zv-tbev

vulnerability	VCID-yaj9-mfyu-uqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.72-3%252Bdeb8u2

url pkg:deb/debian/dnsmasq@2.76-5%2Bdeb9u2

purl pkg:deb/debian/dnsmasq@2.76-5%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-b2dc-msms-bfee

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-hr7r-mgk2-67aw

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-k9w6-f6aw-dbey

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-kxbw-1fr9-8kb3

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-qs1p-1j9u-3khg

vulnerability	VCID-r15f-fgv8-s3h2

vulnerability	VCID-ru4r-dtwq-sub2

vulnerability	VCID-snzd-3st5-8yb1

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-xge7-87zv-tbev

vulnerability	VCID-yaj9-mfyu-uqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.76-5%252Bdeb9u2

aliases CVE-2015-3294

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d3nu-fztq-nffg

url VCID-gnkg-afmr-r7aq

vulnerability_id VCID-gnkg-afmr-r7aq

summary Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0934.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0934.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-0934

reference_id

reference_type

scores

value	0.00025
scoring_system	epss
scoring_elements	0.06784
published_at	2026-04-13T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06626
published_at	2026-04-01T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06687
published_at	2026-04-02T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06731
published_at	2026-04-04T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06715
published_at	2026-04-07T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06766
published_at	2026-04-08T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06799
published_at	2026-04-09T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06797
published_at	2026-04-11T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06791
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-0934

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0934
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0934

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q1/016272.html

reference_id

016272.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-10T13:19:58Z/

url

https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q1/016272.html

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014715
reference_id	1014715
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014715

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2057075

reference_id

2057075

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-10T13:19:58Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2057075

reference_url

https://security.archlinux.org/AVG-2716

reference_id

AVG-2716

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2716

reference_url

https://access.redhat.com/security/cve/CVE-2022-0934

reference_id

CVE-2022-0934

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-10T13:19:58Z/

url

https://access.redhat.com/security/cve/CVE-2022-0934

reference_url	https://security.gentoo.org/glsa/202412-10
reference_id	GLSA-202412-10
reference_type
scores
url	https://security.gentoo.org/glsa/202412-10

reference_url

https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=03345ecefeb0d82e3c3a4c28f27c3554f0611b39

reference_id

?p=dnsmasq.git%3Ba=commit%3Bh=03345ecefeb0d82e3c3a4c28f27c3554f0611b39

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-10T13:19:58Z/

url

https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=03345ecefeb0d82e3c3a4c28f27c3554f0611b39

reference_url	https://access.redhat.com/errata/RHSA-2022:7633
reference_id	RHSA-2022:7633
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7633

reference_url	https://access.redhat.com/errata/RHSA-2022:8070
reference_id	RHSA-2022:8070
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8070

reference_url	https://access.redhat.com/errata/RHSA-2024:1545
reference_id	RHSA-2024:1545
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1545

reference_url	https://usn.ubuntu.com/5408-1/
reference_id	USN-5408-1
reference_type
scores
url	https://usn.ubuntu.com/5408-1/

fixed_packages

url	pkg:deb/debian/dnsmasq@2.90-4~deb12u1
purl	pkg:deb/debian/dnsmasq@2.90-4~deb12u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1

aliases CVE-2022-0934

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gnkg-afmr-r7aq

url VCID-hr7r-mgk2-67aw

vulnerability_id VCID-hr7r-mgk2-67aw

summary dnsmasq: Size parameter overflow via large DNS query

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13704.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13704.json

reference_url	https://access.redhat.com/security/vulnerabilities/3199382
reference_id
reference_type
scores
url	https://access.redhat.com/security/vulnerabilities/3199382

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-13704

reference_id

reference_type

scores

value	0.79318
scoring_system	epss
scoring_elements	0.99064
published_at	2026-04-01T12:55:00Z

value	0.79318
scoring_system	epss
scoring_elements	0.99075
published_at	2026-04-13T12:55:00Z

value	0.79318
scoring_system	epss
scoring_elements	0.99073
published_at	2026-04-11T12:55:00Z

value	0.79318
scoring_system	epss
scoring_elements	0.99074
published_at	2026-04-09T12:55:00Z

value	0.79318
scoring_system	epss
scoring_elements	0.99065
published_at	2026-04-02T12:55:00Z

value	0.79318
scoring_system	epss
scoring_elements	0.9907
published_at	2026-04-04T12:55:00Z

value	0.79318
scoring_system	epss
scoring_elements	0.99072
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-13704

reference_url	https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf
reference_id
reference_type
scores
url	https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13704
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13704

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK/

reference_url	https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
reference_id
reference_type
scores
url	https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html

reference_url	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html
reference_id
reference_type
scores
url	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html

reference_url	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html
reference_id
reference_type
scores
url	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html

reference_url	https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq
reference_id
reference_type
scores
url	https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq

reference_url	http://thekelleys.org.uk/dnsmasq/CHANGELOG
reference_id
reference_type
scores
url	http://thekelleys.org.uk/dnsmasq/CHANGELOG

reference_url	http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=63437ffbb58837b214b4b92cb1c54bc5f3279928
reference_id
reference_type
scores
url	http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=63437ffbb58837b214b4b92cb1c54bc5f3279928

reference_url	http://www.securityfocus.com/bid/101085
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/101085

reference_url	http://www.securityfocus.com/bid/101977
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/101977

reference_url	http://www.securitytracker.com/id/1039474
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1039474

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1495510
reference_id	1495510
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1495510

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877102
reference_id	877102
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877102

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq::::::::
reference_id	cpe:2.3:a:thekelleys:dnsmasq::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:27:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:27:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:27:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:::::::*
reference_id	cpe:2.3:o:novell:leap:42.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:::::::*
reference_id	cpe:2.3:o:novell:leap:42.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-13704

reference_id

CVE-2017-13704

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-13704

fixed_packages

url pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1

purl pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-yaj9-mfyu-uqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1

aliases CVE-2017-13704

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hr7r-mgk2-67aw

url VCID-huvr-uav1-ffex

vulnerability_id VCID-huvr-uav1-ffex

summary dnsmasq: Improper bounds checking leads to a buffer overread

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14513.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14513.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-14513

reference_id

reference_type

scores

value	0.00047
scoring_system	epss
scoring_elements	0.14595
published_at	2026-04-12T12:55:00Z

value	0.00047
scoring_system	epss
scoring_elements	0.14644
published_at	2026-04-02T12:55:00Z

value	0.00047
scoring_system	epss
scoring_elements	0.14715
published_at	2026-04-04T12:55:00Z

value	0.00047
scoring_system	epss
scoring_elements	0.14527
published_at	2026-04-07T12:55:00Z

value	0.00047
scoring_system	epss
scoring_elements	0.14616
published_at	2026-04-08T12:55:00Z

value	0.00047
scoring_system	epss
scoring_elements	0.14673
published_at	2026-04-09T12:55:00Z

value	0.00047
scoring_system	epss
scoring_elements	0.14633
published_at	2026-04-11T12:55:00Z

value	0.00047
scoring_system	epss
scoring_elements	0.14535
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-14513

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14513
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14513

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1739422
reference_id	1739422
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1739422

reference_url	https://usn.ubuntu.com/4924-1/
reference_id	USN-4924-1
reference_type
scores
url	https://usn.ubuntu.com/4924-1/

fixed_packages

url pkg:deb/debian/dnsmasq@2.76-5%2Bdeb9u2

purl pkg:deb/debian/dnsmasq@2.76-5%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-b2dc-msms-bfee

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-hr7r-mgk2-67aw

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-k9w6-f6aw-dbey

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-kxbw-1fr9-8kb3

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-qs1p-1j9u-3khg

vulnerability	VCID-r15f-fgv8-s3h2

vulnerability	VCID-ru4r-dtwq-sub2

vulnerability	VCID-snzd-3st5-8yb1

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-xge7-87zv-tbev

vulnerability	VCID-yaj9-mfyu-uqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.76-5%252Bdeb9u2

aliases CVE-2019-14513

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-huvr-uav1-ffex

url VCID-hxys-tpgq-3uf6

vulnerability_id VCID-hxys-tpgq-3uf6

summary

A vulnerability in Dnsmasq can lead to a Denial of Service
    condition.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0198.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0198.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-0198

reference_id

reference_type

scores

value	0.00051
scoring_system	epss
scoring_elements	0.15801
published_at	2026-04-13T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15857
published_at	2026-04-01T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15923
published_at	2026-04-02T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15985
published_at	2026-04-04T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15785
published_at	2026-04-07T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.1587
published_at	2026-04-12T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15932
published_at	2026-04-09T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15908
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-0198

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0198
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0198

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2013:072
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2013:072

reference_url	http://www.openwall.com/lists/oss-security/2013/01/18/2
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2013/01/18/2

reference_url	http://www.openwall.com/lists/oss-security/2013/01/18/7
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2013/01/18/7

reference_url	http://www.thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=22ce550e5346947a12a781ed0959a7b1165d0dc6
reference_id
reference_type
scores
url	http://www.thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=22ce550e5346947a12a781ed0959a7b1165d0dc6

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=894486
reference_id	894486
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=894486

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq::::::::
reference_id	cpe:2.3:a:thekelleys:dnsmasq::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2013-0198

reference_id

CVE-2013-0198

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2013-0198

reference_url	https://security.gentoo.org/glsa/201406-24
reference_id	GLSA-201406-24
reference_type
scores
url	https://security.gentoo.org/glsa/201406-24

fixed_packages

url pkg:deb/debian/dnsmasq@2.72-3

purl pkg:deb/debian/dnsmasq@2.72-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-4fwm-653p-ufcj

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-b2dc-msms-bfee

vulnerability	VCID-d3nu-fztq-nffg

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-hr7r-mgk2-67aw

vulnerability	VCID-huvr-uav1-ffex

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-k9w6-f6aw-dbey

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-kxbw-1fr9-8kb3

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-qs1p-1j9u-3khg

vulnerability	VCID-r15f-fgv8-s3h2

vulnerability	VCID-ru4r-dtwq-sub2

vulnerability	VCID-snzd-3st5-8yb1

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-xge7-87zv-tbev

vulnerability	VCID-yaj9-mfyu-uqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.72-3

aliases CVE-2013-0198

risk_score 2.2

exploitability 0.5

weighted_severity 4.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hxys-tpgq-3uf6

url VCID-jj87-61kf-mufs

vulnerability_id VCID-jj87-61kf-mufs

summary

Multiple vulnerabilities have been found in Dnsmasq, the worst of
    which may allow remote attackers to execute arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25686.json

reference_id

reference_type

scores

value	4.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25686.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-25686

reference_id

reference_type

scores

value	0.00411
scoring_system	epss
scoring_elements	0.61242
published_at	2026-04-01T12:55:00Z

value	0.00411
scoring_system	epss
scoring_elements	0.61368
published_at	2026-04-13T12:55:00Z

value	0.00411
scoring_system	epss
scoring_elements	0.61402
published_at	2026-04-11T12:55:00Z

value	0.00411
scoring_system	epss
scoring_elements	0.61387
published_at	2026-04-12T12:55:00Z

value	0.00411
scoring_system	epss
scoring_elements	0.61321
published_at	2026-04-02T12:55:00Z

value	0.00411
scoring_system	epss
scoring_elements	0.6135
published_at	2026-04-04T12:55:00Z

value	0.00411
scoring_system	epss
scoring_elements	0.61319
published_at	2026-04-07T12:55:00Z

value	0.00411
scoring_system	epss
scoring_elements	0.61366
published_at	2026-04-08T12:55:00Z

value	0.00411
scoring_system	epss
scoring_elements	0.61381
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-25686

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1890125
reference_id	1890125
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1890125

reference_url	https://security.archlinux.org/ASA-202101-38
reference_id	ASA-202101-38
reference_type
scores
url	https://security.archlinux.org/ASA-202101-38

reference_url

https://security.archlinux.org/AVG-1470

reference_id

AVG-1470

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1470

reference_url	https://security.gentoo.org/glsa/202101-17
reference_id	GLSA-202101-17
reference_type
scores
url	https://security.gentoo.org/glsa/202101-17

reference_url	https://access.redhat.com/errata/RHSA-2021:0150
reference_id	RHSA-2021:0150
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0150

reference_url	https://access.redhat.com/errata/RHSA-2021:0151
reference_id	RHSA-2021:0151
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0151

reference_url	https://access.redhat.com/errata/RHSA-2021:0152
reference_id	RHSA-2021:0152
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0152

reference_url	https://access.redhat.com/errata/RHSA-2021:0153
reference_id	RHSA-2021:0153
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0153

reference_url	https://access.redhat.com/errata/RHSA-2021:0154
reference_id	RHSA-2021:0154
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0154

reference_url	https://access.redhat.com/errata/RHSA-2021:0155
reference_id	RHSA-2021:0155
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0155

reference_url	https://access.redhat.com/errata/RHSA-2021:0156
reference_id	RHSA-2021:0156
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0156

reference_url	https://access.redhat.com/errata/RHSA-2021:0240
reference_id	RHSA-2021:0240
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0240

reference_url	https://access.redhat.com/errata/RHSA-2021:0245
reference_id	RHSA-2021:0245
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0245

reference_url	https://access.redhat.com/errata/RHSA-2021:0395
reference_id	RHSA-2021:0395
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0395

reference_url	https://access.redhat.com/errata/RHSA-2021:0401
reference_id	RHSA-2021:0401
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0401

reference_url	https://usn.ubuntu.com/4698-1/
reference_id	USN-4698-1
reference_type
scores
url	https://usn.ubuntu.com/4698-1/

fixed_packages

url pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1

purl pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-yaj9-mfyu-uqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1

url pkg:deb/debian/dnsmasq@2.85-1

purl pkg:deb/debian/dnsmasq@2.85-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bzd-pqhn-hqfj

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-vprj-j7u6-zbe7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1

aliases CVE-2020-25686

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jj87-61kf-mufs

url VCID-jum5-ndq3-xbhp

vulnerability_id VCID-jum5-ndq3-xbhp

summary

A vulnerability in Dnsmasq can lead to a Denial of Service
    condition.

references

reference_url	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683372
reference_id
reference_type
scores
url	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683372

reference_url	http://rhn.redhat.com/errata/RHSA-2013-0276.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2013-0276.html

reference_url	http://rhn.redhat.com/errata/RHSA-2013-0277.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2013-0277.html

reference_url	http://rhn.redhat.com/errata/RHSA-2013-0579.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2013-0579.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3411.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3411.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-3411

reference_id

reference_type

scores

value	0.00878
scoring_system	epss
scoring_elements	0.75323
published_at	2026-04-13T12:55:00Z

value	0.00878
scoring_system	epss
scoring_elements	0.75267
published_at	2026-04-01T12:55:00Z

value	0.00878
scoring_system	epss
scoring_elements	0.75271
published_at	2026-04-02T12:55:00Z

value	0.00878
scoring_system	epss
scoring_elements	0.75304
published_at	2026-04-04T12:55:00Z

value	0.00878
scoring_system	epss
scoring_elements	0.75282
published_at	2026-04-07T12:55:00Z

value	0.00878
scoring_system	epss
scoring_elements	0.75324
published_at	2026-04-08T12:55:00Z

value	0.00878
scoring_system	epss
scoring_elements	0.75335
published_at	2026-04-09T12:55:00Z

value	0.00878
scoring_system	epss
scoring_elements	0.75356
published_at	2026-04-11T12:55:00Z

value	0.00878
scoring_system	epss
scoring_elements	0.75334
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-3411

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3411
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3411

reference_url	http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=2f38141f434e23292f84cefc33e8de76fb856147
reference_id
reference_type
scores
url	http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=2f38141f434e23292f84cefc33e8de76fb856147

reference_url	http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=54dd393f3938fc0c19088fbd319b95e37d81a2b0
reference_id
reference_type
scores
url	http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=54dd393f3938fc0c19088fbd319b95e37d81a2b0

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2013:072
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2013:072

reference_url	http://www.openwall.com/lists/oss-security/2012/07/12/5
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2012/07/12/5

reference_url	http://www.securityfocus.com/bid/54353
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/54353

reference_url	http://www.thekelleys.org.uk/dnsmasq/CHANGELOG
reference_id
reference_type
scores
url	http://www.thekelleys.org.uk/dnsmasq/CHANGELOG

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683372
reference_id	683372
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683372

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=833033
reference_id	833033
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=833033

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq::::::::
reference_id	cpe:2.3:a:thekelleys:dnsmasq::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2012-3411

reference_id

CVE-2012-3411

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2012-3411

reference_url	https://security.gentoo.org/glsa/201406-24
reference_id	GLSA-201406-24
reference_type
scores
url	https://security.gentoo.org/glsa/201406-24

reference_url	https://access.redhat.com/errata/RHSA-2013:0276
reference_id	RHSA-2013:0276
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:0276

reference_url	https://access.redhat.com/errata/RHSA-2013:0277
reference_id	RHSA-2013:0277
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:0277

reference_url	https://access.redhat.com/errata/RHSA-2013:0579
reference_id	RHSA-2013:0579
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:0579

fixed_packages

url pkg:deb/debian/dnsmasq@2.72-3

purl pkg:deb/debian/dnsmasq@2.72-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-4fwm-653p-ufcj

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-b2dc-msms-bfee

vulnerability	VCID-d3nu-fztq-nffg

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-hr7r-mgk2-67aw

vulnerability	VCID-huvr-uav1-ffex

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-k9w6-f6aw-dbey

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-kxbw-1fr9-8kb3

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-qs1p-1j9u-3khg

vulnerability	VCID-r15f-fgv8-s3h2

vulnerability	VCID-ru4r-dtwq-sub2

vulnerability	VCID-snzd-3st5-8yb1

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-xge7-87zv-tbev

vulnerability	VCID-yaj9-mfyu-uqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.72-3

aliases CVE-2012-3411

risk_score 2.2

exploitability 0.5

weighted_severity 4.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jum5-ndq3-xbhp

url VCID-k9w6-f6aw-dbey

vulnerability_id VCID-k9w6-f6aw-dbey

summary

Multiple vulnerabilities have been found in Dnsmasq, the worst of
    which may allow remote attackers to execute arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14491.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14491.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-14491

reference_id

reference_type

scores

value	0.57794
scoring_system	epss
scoring_elements	0.98177
published_at	2026-04-13T12:55:00Z

value	0.57794
scoring_system	epss
scoring_elements	0.98176
published_at	2026-04-12T12:55:00Z

value	0.62655
scoring_system	epss
scoring_elements	0.98378
published_at	2026-04-11T12:55:00Z

value	0.62655
scoring_system	epss
scoring_elements	0.98361
published_at	2026-04-01T12:55:00Z

value	0.62655
scoring_system	epss
scoring_elements	0.98364
published_at	2026-04-02T12:55:00Z

value	0.62655
scoring_system	epss
scoring_elements	0.98366
published_at	2026-04-04T12:55:00Z

value	0.62655
scoring_system	epss
scoring_elements	0.9837
published_at	2026-04-07T12:55:00Z

value	0.62655
scoring_system	epss
scoring_elements	0.98374
published_at	2026-04-08T12:55:00Z

value	0.62655
scoring_system	epss
scoring_elements	0.98376
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-14491

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:P/A:P

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1495409
reference_id	1495409
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1495409

reference_url	https://security.archlinux.org/ASA-201710-1
reference_id	ASA-201710-1
reference_type
scores
url	https://security.archlinux.org/ASA-201710-1

reference_url

https://security.archlinux.org/AVG-421

reference_id

AVG-421

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-421

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42941.py
reference_id	CVE-2017-14491
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42941.py

reference_url	https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14491.py
reference_id	CVE-2017-14491
reference_type	exploit
scores
url	https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14491.py

reference_url	https://security.gentoo.org/glsa/201710-27
reference_id	GLSA-201710-27
reference_type
scores
url	https://security.gentoo.org/glsa/201710-27

reference_url	https://access.redhat.com/errata/RHSA-2017:2836
reference_id	RHSA-2017:2836
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2836

reference_url	https://access.redhat.com/errata/RHSA-2017:2837
reference_id	RHSA-2017:2837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2837

reference_url	https://access.redhat.com/errata/RHSA-2017:2838
reference_id	RHSA-2017:2838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2838

reference_url	https://access.redhat.com/errata/RHSA-2017:2839
reference_id	RHSA-2017:2839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2839

reference_url	https://access.redhat.com/errata/RHSA-2017:2840
reference_id	RHSA-2017:2840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2840

reference_url	https://access.redhat.com/errata/RHSA-2017:2841
reference_id	RHSA-2017:2841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2841

reference_url	https://usn.ubuntu.com/3430-1/
reference_id	USN-3430-1
reference_type
scores
url	https://usn.ubuntu.com/3430-1/

reference_url	https://usn.ubuntu.com/3430-2/
reference_id	USN-3430-2
reference_type
scores
url	https://usn.ubuntu.com/3430-2/

fixed_packages

url pkg:deb/debian/dnsmasq@2.72-3%2Bdeb8u2

purl pkg:deb/debian/dnsmasq@2.72-3%2Bdeb8u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-4fwm-653p-ufcj

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-b2dc-msms-bfee

vulnerability	VCID-d3nu-fztq-nffg

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-hr7r-mgk2-67aw

vulnerability	VCID-huvr-uav1-ffex

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-k9w6-f6aw-dbey

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-kxbw-1fr9-8kb3

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-qs1p-1j9u-3khg

vulnerability	VCID-r15f-fgv8-s3h2

vulnerability	VCID-ru4r-dtwq-sub2

vulnerability	VCID-snzd-3st5-8yb1

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-xge7-87zv-tbev

vulnerability	VCID-yaj9-mfyu-uqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.72-3%252Bdeb8u2

url pkg:deb/debian/dnsmasq@2.76-5%2Bdeb9u2

purl pkg:deb/debian/dnsmasq@2.76-5%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-b2dc-msms-bfee

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-hr7r-mgk2-67aw

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-k9w6-f6aw-dbey

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-kxbw-1fr9-8kb3

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-qs1p-1j9u-3khg

vulnerability	VCID-r15f-fgv8-s3h2

vulnerability	VCID-ru4r-dtwq-sub2

vulnerability	VCID-snzd-3st5-8yb1

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-xge7-87zv-tbev

vulnerability	VCID-yaj9-mfyu-uqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.76-5%252Bdeb9u2

url pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1

purl pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-yaj9-mfyu-uqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1

aliases CVE-2017-14491

risk_score 10.0

exploitability 2.0

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k9w6-f6aw-dbey

url VCID-khrt-9ar9-wbc3

vulnerability_id VCID-khrt-9ar9-wbc3

summary

Multiple vulnerabilities have been found in Dnsmasq, the worst of
    which may allow remote attackers to execute arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25683.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25683.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-25683

reference_id

reference_type

scores

value	0.31317
scoring_system	epss
scoring_elements	0.9674
published_at	2026-04-01T12:55:00Z

value	0.31317
scoring_system	epss
scoring_elements	0.9677
published_at	2026-04-13T12:55:00Z

value	0.31317
scoring_system	epss
scoring_elements	0.96764
published_at	2026-04-09T12:55:00Z

value	0.31317
scoring_system	epss
scoring_elements	0.96767
published_at	2026-04-12T12:55:00Z

value	0.31317
scoring_system	epss
scoring_elements	0.9675
published_at	2026-04-02T12:55:00Z

value	0.31317
scoring_system	epss
scoring_elements	0.96751
published_at	2026-04-04T12:55:00Z

value	0.31317
scoring_system	epss
scoring_elements	0.96756
published_at	2026-04-07T12:55:00Z

value	0.31317
scoring_system	epss
scoring_elements	0.96763
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-25683

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1882018
reference_id	1882018
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1882018

reference_url	https://security.archlinux.org/ASA-202101-38
reference_id	ASA-202101-38
reference_type
scores
url	https://security.archlinux.org/ASA-202101-38

reference_url

https://security.archlinux.org/AVG-1470

reference_id

AVG-1470

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1470

reference_url	https://security.gentoo.org/glsa/202101-17
reference_id	GLSA-202101-17
reference_type
scores
url	https://security.gentoo.org/glsa/202101-17

reference_url	https://access.redhat.com/errata/RHSA-2021:0150
reference_id	RHSA-2021:0150
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0150

reference_url	https://access.redhat.com/errata/RHSA-2021:0151
reference_id	RHSA-2021:0151
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0151

reference_url	https://access.redhat.com/errata/RHSA-2021:0152
reference_id	RHSA-2021:0152
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0152

reference_url	https://usn.ubuntu.com/4698-1/
reference_id	USN-4698-1
reference_type
scores
url	https://usn.ubuntu.com/4698-1/

fixed_packages

url pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1

purl pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-yaj9-mfyu-uqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1

url pkg:deb/debian/dnsmasq@2.85-1

purl pkg:deb/debian/dnsmasq@2.85-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bzd-pqhn-hqfj

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-vprj-j7u6-zbe7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1

aliases CVE-2020-25683

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-khrt-9ar9-wbc3

url VCID-kxbw-1fr9-8kb3

vulnerability_id VCID-kxbw-1fr9-8kb3

summary

Multiple vulnerabilities have been found in Dnsmasq, the worst of
    which may allow remote attackers to execute arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html

reference_url	http://nvidia.custhelp.com/app/answers/detail/a_id/4561
reference_id
reference_type
scores
url	http://nvidia.custhelp.com/app/answers/detail/a_id/4561

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14492.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14492.json

reference_url	https://access.redhat.com/security/vulnerabilities/3199382
reference_id
reference_type
scores
url	https://access.redhat.com/security/vulnerabilities/3199382

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-14492

reference_id

reference_type

scores

value	0.92841
scoring_system	epss
scoring_elements	0.99763
published_at	2026-04-01T12:55:00Z

value	0.92841
scoring_system	epss
scoring_elements	0.99766
published_at	2026-04-11T12:55:00Z

value	0.92841
scoring_system	epss
scoring_elements	0.99764
published_at	2026-04-04T12:55:00Z

value	0.92841
scoring_system	epss
scoring_elements	0.99765
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-14492

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv2
scoring_elements	AV:A/AC:L/Au:N/C:N/I:P/A:P

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
reference_id
reference_type
scores
url	https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html

reference_url	https://www.exploit-db.com/exploits/42942/
reference_id
reference_type
scores
url	https://www.exploit-db.com/exploits/42942/

reference_url	https://www.kb.cert.org/vuls/id/973527
reference_id
reference_type
scores
url	https://www.kb.cert.org/vuls/id/973527

reference_url	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html
reference_id
reference_type
scores
url	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html

reference_url	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html
reference_id
reference_type
scores
url	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html

reference_url	https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq
reference_id
reference_type
scores
url	https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq

reference_url	http://thekelleys.org.uk/dnsmasq/CHANGELOG
reference_id
reference_type
scores
url	http://thekelleys.org.uk/dnsmasq/CHANGELOG

reference_url	http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=24036ea507862c7b7898b68289c8130f85599c10
reference_id
reference_type
scores
url	http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=24036ea507862c7b7898b68289c8130f85599c10

reference_url	http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt
reference_id
reference_type
scores
url	http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt

reference_url	http://www.debian.org/security/2017/dsa-3989
reference_id
reference_type
scores
url	http://www.debian.org/security/2017/dsa-3989

reference_url	http://www.securityfocus.com/bid/101085
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/101085

reference_url	http://www.securitytracker.com/id/1039474
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1039474

reference_url	http://www.ubuntu.com/usn/USN-3430-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-3430-1

reference_url	http://www.ubuntu.com/usn/USN-3430-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-3430-2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1495410
reference_id	1495410
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1495410

reference_url	https://security.archlinux.org/ASA-201710-1
reference_id	ASA-201710-1
reference_type
scores
url	https://security.archlinux.org/ASA-201710-1

reference_url

https://security.archlinux.org/AVG-421

reference_id

AVG-421

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-421

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq::::::::
reference_id	cpe:2.3:a:thekelleys:dnsmasq::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:::::::*
reference_id	cpe:2.3:o:novell:leap:42.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:::::::*
reference_id	cpe:2.3:o:novell:leap:42.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42942.py
reference_id	CVE-2017-14492
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42942.py

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-14492

reference_id

CVE-2017-14492

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-14492

reference_url	https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14492.py
reference_id	CVE-2017-14492
reference_type	exploit
scores
url	https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14492.py

reference_url	https://security.gentoo.org/glsa/201710-27
reference_id	GLSA-201710-27
reference_type
scores
url	https://security.gentoo.org/glsa/201710-27

reference_url	https://access.redhat.com/errata/RHSA-2017:2836
reference_id	RHSA-2017:2836
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2836

reference_url	https://access.redhat.com/errata/RHSA-2017:2837
reference_id	RHSA-2017:2837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2837

reference_url	https://usn.ubuntu.com/3430-1/
reference_id	USN-3430-1
reference_type
scores
url	https://usn.ubuntu.com/3430-1/

reference_url	https://usn.ubuntu.com/3430-2/
reference_id	USN-3430-2
reference_type
scores
url	https://usn.ubuntu.com/3430-2/

fixed_packages

url pkg:deb/debian/dnsmasq@2.72-3%2Bdeb8u2

purl pkg:deb/debian/dnsmasq@2.72-3%2Bdeb8u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-4fwm-653p-ufcj

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-b2dc-msms-bfee

vulnerability	VCID-d3nu-fztq-nffg

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-hr7r-mgk2-67aw

vulnerability	VCID-huvr-uav1-ffex

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-k9w6-f6aw-dbey

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-kxbw-1fr9-8kb3

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-qs1p-1j9u-3khg

vulnerability	VCID-r15f-fgv8-s3h2

vulnerability	VCID-ru4r-dtwq-sub2

vulnerability	VCID-snzd-3st5-8yb1

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-xge7-87zv-tbev

vulnerability	VCID-yaj9-mfyu-uqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.72-3%252Bdeb8u2

url pkg:deb/debian/dnsmasq@2.76-5%2Bdeb9u2

purl pkg:deb/debian/dnsmasq@2.76-5%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-b2dc-msms-bfee

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-hr7r-mgk2-67aw

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-k9w6-f6aw-dbey

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-kxbw-1fr9-8kb3

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-qs1p-1j9u-3khg

vulnerability	VCID-r15f-fgv8-s3h2

vulnerability	VCID-ru4r-dtwq-sub2

vulnerability	VCID-snzd-3st5-8yb1

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-xge7-87zv-tbev

vulnerability	VCID-yaj9-mfyu-uqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.76-5%252Bdeb9u2

url pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1

purl pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-yaj9-mfyu-uqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1

aliases CVE-2017-14492

risk_score 10.0

exploitability 2.0

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kxbw-1fr9-8kb3

url VCID-nc6t-132e-cqda

vulnerability_id VCID-nc6t-132e-cqda

summary dnsmasq: insecure default configuration makes it an open resolver

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14312.json

reference_id

reference_type

scores

value	4.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14312.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-14312

reference_id

reference_type

scores

value	0.00132
scoring_system	epss
scoring_elements	0.32749
published_at	2026-04-13T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.3288
published_at	2026-04-02T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.32915
published_at	2026-04-04T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.32737
published_at	2026-04-07T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.32785
published_at	2026-04-08T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.32811
published_at	2026-04-09T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.32813
published_at	2026-04-11T12:55:00Z

value	0.00132
scoring_system	epss
scoring_elements	0.32775
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-14312

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14312
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14312

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1851342
reference_id	1851342
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1851342

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=732610
reference_id	732610
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=732610

fixed_packages

url pkg:deb/debian/dnsmasq@2.72-3

purl pkg:deb/debian/dnsmasq@2.72-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-4fwm-653p-ufcj

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-b2dc-msms-bfee

vulnerability	VCID-d3nu-fztq-nffg

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-hr7r-mgk2-67aw

vulnerability	VCID-huvr-uav1-ffex

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-k9w6-f6aw-dbey

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-kxbw-1fr9-8kb3

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-qs1p-1j9u-3khg

vulnerability	VCID-r15f-fgv8-s3h2

vulnerability	VCID-ru4r-dtwq-sub2

vulnerability	VCID-snzd-3st5-8yb1

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-xge7-87zv-tbev

vulnerability	VCID-yaj9-mfyu-uqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.72-3

aliases CVE-2020-14312

risk_score 1.8

exploitability 0.5

weighted_severity 3.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nc6t-132e-cqda

url VCID-nrja-2ajq-mfek

vulnerability_id VCID-nrja-2ajq-mfek

summary

Multiple vulnerabilities have been found in Dnsmasq, the worst of
    which may allow remote attackers to execute arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25687.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25687.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-25687

reference_id

reference_type

scores

value	0.22
scoring_system	epss
scoring_elements	0.95739
published_at	2026-04-01T12:55:00Z

value	0.22
scoring_system	epss
scoring_elements	0.95776
published_at	2026-04-13T12:55:00Z

value	0.22
scoring_system	epss
scoring_elements	0.9577
published_at	2026-04-09T12:55:00Z

value	0.22
scoring_system	epss
scoring_elements	0.95774
published_at	2026-04-12T12:55:00Z

value	0.22
scoring_system	epss
scoring_elements	0.95748
published_at	2026-04-02T12:55:00Z

value	0.22
scoring_system	epss
scoring_elements	0.95756
published_at	2026-04-04T12:55:00Z

value	0.22
scoring_system	epss
scoring_elements	0.95759
published_at	2026-04-07T12:55:00Z

value	0.22
scoring_system	epss
scoring_elements	0.95767
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-25687

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1891568
reference_id	1891568
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1891568

reference_url	https://security.archlinux.org/ASA-202101-38
reference_id	ASA-202101-38
reference_type
scores
url	https://security.archlinux.org/ASA-202101-38

reference_url

https://security.archlinux.org/AVG-1470

reference_id

AVG-1470

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1470

reference_url	https://security.gentoo.org/glsa/202101-17
reference_id	GLSA-202101-17
reference_type
scores
url	https://security.gentoo.org/glsa/202101-17

reference_url	https://access.redhat.com/errata/RHSA-2021:0150
reference_id	RHSA-2021:0150
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0150

reference_url	https://access.redhat.com/errata/RHSA-2021:0151
reference_id	RHSA-2021:0151
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0151

reference_url	https://access.redhat.com/errata/RHSA-2021:0152
reference_id	RHSA-2021:0152
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0152

reference_url	https://usn.ubuntu.com/4698-1/
reference_id	USN-4698-1
reference_type
scores
url	https://usn.ubuntu.com/4698-1/

fixed_packages

url pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1

purl pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-yaj9-mfyu-uqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1

url pkg:deb/debian/dnsmasq@2.85-1

purl pkg:deb/debian/dnsmasq@2.85-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bzd-pqhn-hqfj

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-vprj-j7u6-zbe7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1

aliases CVE-2020-25687

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nrja-2ajq-mfek

url VCID-nute-d491-mqa9

vulnerability_id VCID-nute-d491-mqa9

summary

Multiple vulnerabilities have been found in Dnsmasq, the worst of
    which may allow remote attackers to execute arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25684.json

reference_id

reference_type

scores

value	4.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25684.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-25684

reference_id

reference_type

scores

value	0.00261
scoring_system	epss
scoring_elements	0.49417
published_at	2026-04-01T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49466
published_at	2026-04-13T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49492
published_at	2026-04-11T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49464
published_at	2026-04-12T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49445
published_at	2026-04-02T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49472
published_at	2026-04-04T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49425
published_at	2026-04-07T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.4948
published_at	2026-04-08T12:55:00Z

value	0.00261
scoring_system	epss
scoring_elements	0.49475
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-25684

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1889686
reference_id	1889686
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1889686

reference_url	https://security.archlinux.org/ASA-202101-38
reference_id	ASA-202101-38
reference_type
scores
url	https://security.archlinux.org/ASA-202101-38

reference_url

https://security.archlinux.org/AVG-1470

reference_id

AVG-1470

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1470

reference_url	https://security.gentoo.org/glsa/202101-17
reference_id	GLSA-202101-17
reference_type
scores
url	https://security.gentoo.org/glsa/202101-17

reference_url	https://access.redhat.com/errata/RHSA-2021:0150
reference_id	RHSA-2021:0150
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0150

reference_url	https://access.redhat.com/errata/RHSA-2021:0151
reference_id	RHSA-2021:0151
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0151

reference_url	https://access.redhat.com/errata/RHSA-2021:0152
reference_id	RHSA-2021:0152
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0152

reference_url	https://access.redhat.com/errata/RHSA-2021:0153
reference_id	RHSA-2021:0153
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0153

reference_url	https://access.redhat.com/errata/RHSA-2021:0154
reference_id	RHSA-2021:0154
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0154

reference_url	https://access.redhat.com/errata/RHSA-2021:0155
reference_id	RHSA-2021:0155
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0155

reference_url	https://access.redhat.com/errata/RHSA-2021:0156
reference_id	RHSA-2021:0156
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0156

reference_url	https://access.redhat.com/errata/RHSA-2021:0240
reference_id	RHSA-2021:0240
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0240

reference_url	https://access.redhat.com/errata/RHSA-2021:0245
reference_id	RHSA-2021:0245
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0245

reference_url	https://access.redhat.com/errata/RHSA-2021:0395
reference_id	RHSA-2021:0395
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0395

reference_url	https://access.redhat.com/errata/RHSA-2021:0401
reference_id	RHSA-2021:0401
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0401

reference_url	https://usn.ubuntu.com/4698-1/
reference_id	USN-4698-1
reference_type
scores
url	https://usn.ubuntu.com/4698-1/

fixed_packages

url pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1

purl pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-yaj9-mfyu-uqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1

url pkg:deb/debian/dnsmasq@2.85-1

purl pkg:deb/debian/dnsmasq@2.85-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bzd-pqhn-hqfj

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-vprj-j7u6-zbe7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1

aliases CVE-2020-25684

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nute-d491-mqa9

url VCID-ny7u-m7rb-kkh3

vulnerability_id VCID-ny7u-m7rb-kkh3

summary dnsmasq 2.25 allows remote attackers to cause a denial of service (daemon crash) by (1) renewing a nonexistent lease or (2) sending a DHCPREQUEST for an IP address that is not in the same network, related to the DHCP NAK response from the daemon.

references

reference_url	http://freshmeat.net/projects/dnsmasq/?branch_id=1991&release_id=217681
reference_id
reference_type
scores
url	http://freshmeat.net/projects/dnsmasq/?branch_id=1991&release_id=217681

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3214.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3214.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-3214

reference_id

reference_type

scores

value	0.00242
scoring_system	epss
scoring_elements	0.47449
published_at	2026-04-13T12:55:00Z

value	0.00242
scoring_system	epss
scoring_elements	0.47389
published_at	2026-04-01T12:55:00Z

value	0.00242
scoring_system	epss
scoring_elements	0.47423
published_at	2026-04-02T12:55:00Z

value	0.00242
scoring_system	epss
scoring_elements	0.47444
published_at	2026-04-04T12:55:00Z

value	0.00242
scoring_system	epss
scoring_elements	0.47393
published_at	2026-04-07T12:55:00Z

value	0.00242
scoring_system	epss
scoring_elements	0.47448
published_at	2026-04-08T12:55:00Z

value	0.00242
scoring_system	epss
scoring_elements	0.47445
published_at	2026-04-09T12:55:00Z

value	0.00242
scoring_system	epss
scoring_elements	0.47468
published_at	2026-04-11T12:55:00Z

value	0.00242
scoring_system	epss
scoring_elements	0.47443
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-3214

reference_url	https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/47438
reference_id
reference_type
scores
url	https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/47438

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3214
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3214

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/43929
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/43929

reference_url	http://www.openwall.com/lists/oss-security/2008/06/30/7
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2008/06/30/7

reference_url	http://www.openwall.com/lists/oss-security/2008/07/01/8
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2008/07/01/8

reference_url	http://www.openwall.com/lists/oss-security/2008/07/02/4
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2008/07/02/4

reference_url	http://www.openwall.com/lists/oss-security/2008/07/03/4
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2008/07/03/4

reference_url	http://www.openwall.com/lists/oss-security/2008/07/08/8
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2008/07/08/8

reference_url	http://www.openwall.com/lists/oss-security/2008/07/12/3
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2008/07/12/3

reference_url	http://www.thekelleys.org.uk/dnsmasq/CHANGELOG
reference_id
reference_type
scores
url	http://www.thekelleys.org.uk/dnsmasq/CHANGELOG

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:2.25:::::::*
reference_id	cpe:2.3:a:thekelleys:dnsmasq:2.25:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:2.25:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2008-3214

reference_id

CVE-2008-3214

reference_type

scores

value	7.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:C

url

https://nvd.nist.gov/vuln/detail/CVE-2008-3214

fixed_packages

url pkg:deb/debian/dnsmasq@2.35-1

purl pkg:deb/debian/dnsmasq@2.35-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3x7u-ajbx-6fht

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-4fwm-653p-ufcj

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-8fbf-8fea-27d9

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-antt-5fzu-87dw

vulnerability	VCID-b2dc-msms-bfee

vulnerability	VCID-bed9-8jhu-pkf9

vulnerability	VCID-d3nu-fztq-nffg

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-hr7r-mgk2-67aw

vulnerability	VCID-huvr-uav1-ffex

vulnerability	VCID-hxys-tpgq-3uf6

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-jum5-ndq3-xbhp

vulnerability	VCID-k9w6-f6aw-dbey

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-kxbw-1fr9-8kb3

vulnerability	VCID-nc6t-132e-cqda

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-qs1p-1j9u-3khg

vulnerability	VCID-r15f-fgv8-s3h2

vulnerability	VCID-ru4r-dtwq-sub2

vulnerability	VCID-snzd-3st5-8yb1

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-xge7-87zv-tbev

vulnerability	VCID-yaj9-mfyu-uqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.35-1

aliases CVE-2008-3214

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ny7u-m7rb-kkh3

url VCID-p726-bqvu-dfda

vulnerability_id VCID-p726-bqvu-dfda

summary Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28450.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28450.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-28450

reference_id

reference_type

scores

value	0.00012
scoring_system	epss
scoring_elements	0.01618
published_at	2026-04-02T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01607
published_at	2026-04-13T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01624
published_at	2026-04-07T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01626
published_at	2026-04-08T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01633
published_at	2026-04-09T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01619
published_at	2026-04-11T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01609
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-28450

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28450
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28450

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033165
reference_id	1033165
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033165

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2178948
reference_id	2178948
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2178948

reference_url

https://capec.mitre.org/data/definitions/495.html

reference_id

495.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:21:11Z/

url

https://capec.mitre.org/data/definitions/495.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6UQ6LKDTLSSD64TBIZ3XEKBM2SWC63VV/

reference_id

6UQ6LKDTLSSD64TBIZ3XEKBM2SWC63VV

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:21:11Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6UQ6LKDTLSSD64TBIZ3XEKBM2SWC63VV/

reference_url

https://thekelleys.org.uk/dnsmasq/doc.html

reference_id

doc.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:21:11Z/

url

https://thekelleys.org.uk/dnsmasq/doc.html

reference_url	https://security.gentoo.org/glsa/202412-10
reference_id	GLSA-202412-10
reference_type
scores
url	https://security.gentoo.org/glsa/202412-10

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OU2ZT4ITSEOOR2CFBAHK4Z67KXJIEWQA/

reference_id

OU2ZT4ITSEOOR2CFBAHK4Z67KXJIEWQA

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:21:11Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OU2ZT4ITSEOOR2CFBAHK4Z67KXJIEWQA/

reference_url

https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=blob%3Bf=CHANGELOG

reference_id

?p=dnsmasq.git%3Ba=blob%3Bf=CHANGELOG

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:21:11Z/

url

https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=blob%3Bf=CHANGELOG

reference_url

https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5

reference_id

?p=dnsmasq.git%3Ba=commit%3Bh=eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:21:11Z/

url

https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5

reference_url	https://access.redhat.com/errata/RHSA-2023:6524
reference_id	RHSA-2023:6524
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6524

reference_url	https://access.redhat.com/errata/RHSA-2023:7046
reference_id	RHSA-2023:7046
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7046

reference_url	https://access.redhat.com/errata/RHSA-2024:1544
reference_id	RHSA-2024:1544
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1544

reference_url	https://access.redhat.com/errata/RHSA-2024:1545
reference_id	RHSA-2024:1545
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1545

reference_url	https://access.redhat.com/errata/RHSA-2024:4052
reference_id	RHSA-2024:4052
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4052

reference_url	https://usn.ubuntu.com/6034-1/
reference_id	USN-6034-1
reference_type
scores
url	https://usn.ubuntu.com/6034-1/

reference_url	https://usn.ubuntu.com/6657-1/
reference_id	USN-6657-1
reference_type
scores
url	https://usn.ubuntu.com/6657-1/

reference_url	https://usn.ubuntu.com/6657-2/
reference_id	USN-6657-2
reference_type
scores
url	https://usn.ubuntu.com/6657-2/

fixed_packages

url	pkg:deb/debian/dnsmasq@2.90-4~deb12u1
purl	pkg:deb/debian/dnsmasq@2.90-4~deb12u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1

aliases CVE-2023-28450

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p726-bqvu-dfda

url VCID-qs1p-1j9u-3khg

vulnerability_id VCID-qs1p-1j9u-3khg

summary dnsmasq: dnsmasq-utils 'dhcp_release' Denial of Service

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-37127.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-37127.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-37127

reference_id

reference_type

scores

value	6e-05
scoring_system	epss
scoring_elements	0.00393
published_at	2026-04-01T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.00397
published_at	2026-04-04T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.00377
published_at	2026-04-13T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.00386
published_at	2026-04-07T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.00383
published_at	2026-04-08T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.00384
published_at	2026-04-09T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.00382
published_at	2026-04-11T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.00378
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-37127

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-37127
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-37127

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2437103
reference_id	2437103
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2437103

reference_url

https://launchpad.net/ubuntu/+source/dnsmasq/2.79-1

reference_id

2.79-1

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-05T21:17:56Z/

url

https://launchpad.net/ubuntu/+source/dnsmasq/2.79-1

reference_url

https://www.exploit-db.com/exploits/48301

reference_id

48301

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-05T21:17:56Z/

url

https://www.exploit-db.com/exploits/48301

reference_url

https://www.vulncheck.com/advisories/dnsmasq-utils-dhcprelease-denial-of-service

reference_id

dnsmasq-utils-dhcprelease-denial-of-service

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-05T21:17:56Z/

url

https://www.vulncheck.com/advisories/dnsmasq-utils-dhcprelease-denial-of-service

fixed_packages

url pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1

purl pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-yaj9-mfyu-uqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1

aliases CVE-2020-37127

risk_score 2.5

exploitability 0.5

weighted_severity 5.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qs1p-1j9u-3khg

url VCID-r15f-fgv8-s3h2

vulnerability_id VCID-r15f-fgv8-s3h2

summary

Multiple vulnerabilities have been found in Dnsmasq, the worst of
    which may allow remote attackers to execute arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html

reference_url	http://nvidia.custhelp.com/app/answers/detail/a_id/4561
reference_id
reference_type
scores
url	http://nvidia.custhelp.com/app/answers/detail/a_id/4561

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14495.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14495.json

reference_url	https://access.redhat.com/security/vulnerabilities/3199382
reference_id
reference_type
scores
url	https://access.redhat.com/security/vulnerabilities/3199382

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-14495

reference_id

reference_type

scores

value	0.53317
scoring_system	epss
scoring_elements	0.9796
published_at	2026-04-01T12:55:00Z

value	0.53317
scoring_system	epss
scoring_elements	0.9798
published_at	2026-04-13T12:55:00Z

value	0.53317
scoring_system	epss
scoring_elements	0.97968
published_at	2026-04-07T12:55:00Z

value	0.53317
scoring_system	epss
scoring_elements	0.97973
published_at	2026-04-08T12:55:00Z

value	0.53317
scoring_system	epss
scoring_elements	0.97974
published_at	2026-04-09T12:55:00Z

value	0.53317
scoring_system	epss
scoring_elements	0.97977
published_at	2026-04-11T12:55:00Z

value	0.53317
scoring_system	epss
scoring_elements	0.97979
published_at	2026-04-12T12:55:00Z

value	0.53317
scoring_system	epss
scoring_elements	0.97963
published_at	2026-04-02T12:55:00Z

value	0.53317
scoring_system	epss
scoring_elements	0.97965
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-14495

reference_url	https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf
reference_id
reference_type
scores
url	https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14495
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14495

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:C

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
reference_id
reference_type
scores
url	https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html

reference_url	https://www.exploit-db.com/exploits/42945/
reference_id
reference_type
scores
url	https://www.exploit-db.com/exploits/42945/

reference_url	https://www.kb.cert.org/vuls/id/973527
reference_id
reference_type
scores
url	https://www.kb.cert.org/vuls/id/973527

reference_url	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html
reference_id
reference_type
scores
url	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html

reference_url	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html
reference_id
reference_type
scores
url	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html

reference_url	https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq
reference_id
reference_type
scores
url	https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq

reference_url	http://thekelleys.org.uk/dnsmasq/CHANGELOG
reference_id
reference_type
scores
url	http://thekelleys.org.uk/dnsmasq/CHANGELOG

reference_url	http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=51eadb692a5123b9838e5a68ecace3ac579a3a45
reference_id
reference_type
scores
url	http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=51eadb692a5123b9838e5a68ecace3ac579a3a45

reference_url	http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt
reference_id
reference_type
scores
url	http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt

reference_url	http://www.debian.org/security/2017/dsa-3989
reference_id
reference_type
scores
url	http://www.debian.org/security/2017/dsa-3989

reference_url	http://www.securityfocus.com/bid/101085
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/101085

reference_url	http://www.securityfocus.com/bid/101977
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/101977

reference_url	http://www.securitytracker.com/id/1039474
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1039474

reference_url	http://www.ubuntu.com/usn/USN-3430-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-3430-1

reference_url	http://www.ubuntu.com/usn/USN-3430-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-3430-2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1495415
reference_id	1495415
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1495415

reference_url	https://security.archlinux.org/ASA-201710-1
reference_id	ASA-201710-1
reference_type
scores
url	https://security.archlinux.org/ASA-201710-1

reference_url

https://security.archlinux.org/AVG-421

reference_id

AVG-421

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-421

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq::::::::
reference_id	cpe:2.3:a:thekelleys:dnsmasq::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:::::::*
reference_id	cpe:2.3:o:novell:leap:42.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:::::::*
reference_id	cpe:2.3:o:novell:leap:42.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42945.py
reference_id	CVE-2017-14495
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42945.py

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-14495

reference_id

CVE-2017-14495

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-14495

reference_url	https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14495.py
reference_id	CVE-2017-14495
reference_type	exploit
scores
url	https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14495.py

reference_url	https://security.gentoo.org/glsa/201710-27
reference_id	GLSA-201710-27
reference_type
scores
url	https://security.gentoo.org/glsa/201710-27

reference_url	https://access.redhat.com/errata/RHSA-2017:2836
reference_id	RHSA-2017:2836
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2836

reference_url	https://usn.ubuntu.com/3430-1/
reference_id	USN-3430-1
reference_type
scores
url	https://usn.ubuntu.com/3430-1/

reference_url	https://usn.ubuntu.com/3430-2/
reference_id	USN-3430-2
reference_type
scores
url	https://usn.ubuntu.com/3430-2/

fixed_packages

url pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1

purl pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-yaj9-mfyu-uqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1

aliases CVE-2017-14495

risk_score 10.0

exploitability 2.0

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r15f-fgv8-s3h2

url VCID-ru4r-dtwq-sub2

vulnerability_id VCID-ru4r-dtwq-sub2

summary

Multiple vulnerabilities have been found in Dnsmasq, the worst of
    which may allow remote attackers to execute arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html

reference_url	http://nvidia.custhelp.com/app/answers/detail/a_id/4561
reference_id
reference_type
scores
url	http://nvidia.custhelp.com/app/answers/detail/a_id/4561

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14496.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14496.json

reference_url	https://access.redhat.com/security/vulnerabilities/3199382
reference_id
reference_type
scores
url	https://access.redhat.com/security/vulnerabilities/3199382

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-14496

reference_id

reference_type

scores

value	0.16883
scoring_system	epss
scoring_elements	0.94927
published_at	2026-04-01T12:55:00Z

value	0.16883
scoring_system	epss
scoring_elements	0.9496
published_at	2026-04-13T12:55:00Z

value	0.16883
scoring_system	epss
scoring_elements	0.94951
published_at	2026-04-09T12:55:00Z

value	0.16883
scoring_system	epss
scoring_elements	0.94956
published_at	2026-04-11T12:55:00Z

value	0.16883
scoring_system	epss
scoring_elements	0.94958
published_at	2026-04-12T12:55:00Z

value	0.16883
scoring_system	epss
scoring_elements	0.94935
published_at	2026-04-02T12:55:00Z

value	0.16883
scoring_system	epss
scoring_elements	0.94937
published_at	2026-04-04T12:55:00Z

value	0.16883
scoring_system	epss
scoring_elements	0.94938
published_at	2026-04-07T12:55:00Z

value	0.16883
scoring_system	epss
scoring_elements	0.94947
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-14496

reference_url	https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf
reference_id
reference_type
scores
url	https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14496
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14496

reference_url	https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
reference_id
reference_type
scores
url	https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html

reference_url	https://source.android.com/security/bulletin/2017-10-01
reference_id
reference_type
scores
url	https://source.android.com/security/bulletin/2017-10-01

reference_url	https://www.exploit-db.com/exploits/42946/
reference_id
reference_type
scores
url	https://www.exploit-db.com/exploits/42946/

reference_url	https://www.kb.cert.org/vuls/id/973527
reference_id
reference_type
scores
url	https://www.kb.cert.org/vuls/id/973527

reference_url	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html
reference_id
reference_type
scores
url	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html

reference_url	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html
reference_id
reference_type
scores
url	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html

reference_url	https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq
reference_id
reference_type
scores
url	https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq

reference_url	http://thekelleys.org.uk/dnsmasq/CHANGELOG
reference_id
reference_type
scores
url	http://thekelleys.org.uk/dnsmasq/CHANGELOG

reference_url	http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=897c113fda0886a28a986cc6ba17bb93bd6cb1c7
reference_id
reference_type
scores
url	http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=897c113fda0886a28a986cc6ba17bb93bd6cb1c7

reference_url	http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt
reference_id
reference_type
scores
url	http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt

reference_url	http://www.debian.org/security/2017/dsa-3989
reference_id
reference_type
scores
url	http://www.debian.org/security/2017/dsa-3989

reference_url	http://www.securityfocus.com/bid/101085
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/101085

reference_url	http://www.securityfocus.com/bid/101977
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/101977

reference_url	http://www.securitytracker.com/id/1039474
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1039474

reference_url	http://www.ubuntu.com/usn/USN-3430-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-3430-1

reference_url	http://www.ubuntu.com/usn/USN-3430-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-3430-2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1495416
reference_id	1495416
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1495416

reference_url	https://security.archlinux.org/ASA-201710-1
reference_id	ASA-201710-1
reference_type
scores
url	https://security.archlinux.org/ASA-201710-1

reference_url

https://security.archlinux.org/AVG-421

reference_id

AVG-421

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-421

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq::::::::
reference_id	cpe:2.3:a:thekelleys:dnsmasq::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.4:::::::*
reference_id	cpe:2.3:o:google:android:4.4.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0.2:::::::*
reference_id	cpe:2.3:o:google:android:5.0.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1.1:::::::*
reference_id	cpe:2.3:o:google:android:5.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0:::::::*
reference_id	cpe:2.3:o:google:android:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0.1:::::::*
reference_id	cpe:2.3:o:google:android:6.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:7.0:::::::*
reference_id	cpe:2.3:o:google:android:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:7.1.1:::::::*
reference_id	cpe:2.3:o:google:android:7.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:7.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:7.1.2:::::::*
reference_id	cpe:2.3:o:google:android:7.1.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:7.1.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:8.0:::::::*
reference_id	cpe:2.3:o:google:android:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:::::::*
reference_id	cpe:2.3:o:novell:leap:42.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:::::::*
reference_id	cpe:2.3:o:novell:leap:42.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42946.py
reference_id	CVE-2017-14496
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42946.py

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-14496

reference_id

CVE-2017-14496

reference_type

scores

value	7.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:C

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-14496

reference_url	https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14496.py
reference_id	CVE-2017-14496
reference_type	exploit
scores
url	https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14496.py

reference_url	https://security.gentoo.org/glsa/201710-27
reference_id	GLSA-201710-27
reference_type
scores
url	https://security.gentoo.org/glsa/201710-27

reference_url	https://access.redhat.com/errata/RHSA-2017:2836
reference_id	RHSA-2017:2836
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2836

reference_url	https://usn.ubuntu.com/3430-1/
reference_id	USN-3430-1
reference_type
scores
url	https://usn.ubuntu.com/3430-1/

reference_url	https://usn.ubuntu.com/3430-2/
reference_id	USN-3430-2
reference_type
scores
url	https://usn.ubuntu.com/3430-2/

fixed_packages

url pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1

purl pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-yaj9-mfyu-uqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1

aliases CVE-2017-14496

risk_score 10.0

exploitability 2.0

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ru4r-dtwq-sub2

url VCID-snzd-3st5-8yb1

vulnerability_id VCID-snzd-3st5-8yb1

summary

Multiple vulnerabilities have been found in Dnsmasq, the worst of
    which may allow remote attackers to execute arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html

reference_url	http://nvidia.custhelp.com/app/answers/detail/a_id/4561
reference_id
reference_type
scores
url	http://nvidia.custhelp.com/app/answers/detail/a_id/4561

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14494.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14494.json

reference_url	https://access.redhat.com/security/vulnerabilities/3199382
reference_id
reference_type
scores
url	https://access.redhat.com/security/vulnerabilities/3199382

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-14494

reference_id

reference_type

scores

value	0.10987
scoring_system	epss
scoring_elements	0.93389
published_at	2026-04-01T12:55:00Z

value	0.10987
scoring_system	epss
scoring_elements	0.93423
published_at	2026-04-13T12:55:00Z

value	0.10987
scoring_system	epss
scoring_elements	0.93405
published_at	2026-04-07T12:55:00Z

value	0.10987
scoring_system	epss
scoring_elements	0.93413
published_at	2026-04-08T12:55:00Z

value	0.10987
scoring_system	epss
scoring_elements	0.93417
published_at	2026-04-09T12:55:00Z

value	0.10987
scoring_system	epss
scoring_elements	0.93422
published_at	2026-04-11T12:55:00Z

value	0.10987
scoring_system	epss
scoring_elements	0.93421
published_at	2026-04-12T12:55:00Z

value	0.10987
scoring_system	epss
scoring_elements	0.93397
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-14494

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv2
scoring_elements	AV:A/AC:L/Au:N/C:P/I:N/A:N

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
reference_id
reference_type
scores
url	https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html

reference_url	https://www.exploit-db.com/exploits/42944/
reference_id
reference_type
scores
url	https://www.exploit-db.com/exploits/42944/

reference_url	https://www.kb.cert.org/vuls/id/973527
reference_id
reference_type
scores
url	https://www.kb.cert.org/vuls/id/973527

reference_url	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html
reference_id
reference_type
scores
url	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html

reference_url	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html
reference_id
reference_type
scores
url	https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html

reference_url	https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq
reference_id
reference_type
scores
url	https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq

reference_url	http://thekelleys.org.uk/dnsmasq/CHANGELOG
reference_id
reference_type
scores
url	http://thekelleys.org.uk/dnsmasq/CHANGELOG

reference_url	http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=33e3f1029c9ec6c63e430ff51063a6301d4b2262
reference_id
reference_type
scores
url	http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=33e3f1029c9ec6c63e430ff51063a6301d4b2262

reference_url	http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt
reference_id
reference_type
scores
url	http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt

reference_url	http://www.debian.org/security/2017/dsa-3989
reference_id
reference_type
scores
url	http://www.debian.org/security/2017/dsa-3989

reference_url	http://www.securityfocus.com/bid/101085
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/101085

reference_url	http://www.securitytracker.com/id/1039474
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1039474

reference_url	http://www.ubuntu.com/usn/USN-3430-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-3430-1

reference_url	http://www.ubuntu.com/usn/USN-3430-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-3430-2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1495412
reference_id	1495412
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1495412

reference_url	https://security.archlinux.org/ASA-201710-1
reference_id	ASA-201710-1
reference_type
scores
url	https://security.archlinux.org/ASA-201710-1

reference_url

https://security.archlinux.org/AVG-421

reference_id

AVG-421

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-421

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq::::::::
reference_id	cpe:2.3:a:thekelleys:dnsmasq::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:::::::*
reference_id	cpe:2.3:o:novell:leap:42.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:::::::*
reference_id	cpe:2.3:o:novell:leap:42.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42944.py
reference_id	CVE-2017-14494
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42944.py

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-14494

reference_id

CVE-2017-14494

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:N

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2017-14494

reference_url	https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14494.py
reference_id	CVE-2017-14494
reference_type	exploit
scores
url	https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14494.py

reference_url	https://security.gentoo.org/glsa/201710-27
reference_id	GLSA-201710-27
reference_type
scores
url	https://security.gentoo.org/glsa/201710-27

reference_url	https://access.redhat.com/errata/RHSA-2017:2836
reference_id	RHSA-2017:2836
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2836

reference_url	https://access.redhat.com/errata/RHSA-2017:2837
reference_id	RHSA-2017:2837
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2837

reference_url	https://usn.ubuntu.com/3430-1/
reference_id	USN-3430-1
reference_type
scores
url	https://usn.ubuntu.com/3430-1/

reference_url	https://usn.ubuntu.com/3430-2/
reference_id	USN-3430-2
reference_type
scores
url	https://usn.ubuntu.com/3430-2/

fixed_packages

url pkg:deb/debian/dnsmasq@2.72-3%2Bdeb8u2

purl pkg:deb/debian/dnsmasq@2.72-3%2Bdeb8u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-4fwm-653p-ufcj

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-b2dc-msms-bfee

vulnerability	VCID-d3nu-fztq-nffg

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-hr7r-mgk2-67aw

vulnerability	VCID-huvr-uav1-ffex

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-k9w6-f6aw-dbey

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-kxbw-1fr9-8kb3

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-qs1p-1j9u-3khg

vulnerability	VCID-r15f-fgv8-s3h2

vulnerability	VCID-ru4r-dtwq-sub2

vulnerability	VCID-snzd-3st5-8yb1

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-xge7-87zv-tbev

vulnerability	VCID-yaj9-mfyu-uqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.72-3%252Bdeb8u2

url pkg:deb/debian/dnsmasq@2.76-5%2Bdeb9u2

purl pkg:deb/debian/dnsmasq@2.76-5%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-b2dc-msms-bfee

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-hr7r-mgk2-67aw

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-k9w6-f6aw-dbey

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-kxbw-1fr9-8kb3

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-qs1p-1j9u-3khg

vulnerability	VCID-r15f-fgv8-s3h2

vulnerability	VCID-ru4r-dtwq-sub2

vulnerability	VCID-snzd-3st5-8yb1

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-xge7-87zv-tbev

vulnerability	VCID-yaj9-mfyu-uqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.76-5%252Bdeb9u2

url pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1

purl pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-yaj9-mfyu-uqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1

aliases CVE-2017-14494

risk_score 10.0

exploitability 2.0

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-snzd-3st5-8yb1

url VCID-vprj-j7u6-zbe7

vulnerability_id VCID-vprj-j7u6-zbe7

summary Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50868.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50868.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-50868

reference_id

reference_type

scores

value	0.11802
scoring_system	epss
scoring_elements	0.93712
published_at	2026-04-12T12:55:00Z

value	0.11802
scoring_system	epss
scoring_elements	0.93708
published_at	2026-04-09T12:55:00Z

value	0.11802
scoring_system	epss
scoring_elements	0.93706
published_at	2026-04-08T12:55:00Z

value	0.11802
scoring_system	epss
scoring_elements	0.93696
published_at	2026-04-07T12:55:00Z

value	0.11802
scoring_system	epss
scoring_elements	0.93684
published_at	2026-04-02T12:55:00Z

value	0.11802
scoring_system	epss
scoring_elements	0.93713
published_at	2026-04-13T12:55:00Z

value	0.11802
scoring_system	epss
scoring_elements	0.93694
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-50868

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html

reference_id

017430.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845
reference_id	1063845
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852
reference_id	1063852
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077751
reference_id	1077751
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077751

reference_url

http://www.openwall.com/lists/oss-security/2024/02/16/2

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

http://www.openwall.com/lists/oss-security/2024/02/16/2

reference_url

https://www.isc.org/blogs/2024-bind-security-release/

reference_id

2024-bind-security-release

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://www.isc.org/blogs/2024-bind-security-release/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2263917
reference_id	2263917
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2263917

reference_url

http://www.openwall.com/lists/oss-security/2024/02/16/3

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

http://www.openwall.com/lists/oss-security/2024/02/16/3

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/

reference_id

6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/

reference_id

BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/

reference_url

https://kb.isc.org/docs/cve-2023-50868

reference_id

cve-2023-50868

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://kb.isc.org/docs/cve-2023-50868

reference_url

https://access.redhat.com/security/cve/CVE-2023-50868

reference_id

CVE-2023-50868

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://access.redhat.com/security/cve/CVE-2023-50868

reference_url	https://security.gentoo.org/glsa/202412-10
reference_id	GLSA-202412-10
reference_type
scores
url	https://security.gentoo.org/glsa/202412-10

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/

reference_id

HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/

reference_id

IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/

reference_url

https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html

reference_id

msg00006.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html

reference_id

msg00011.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html

reference_url

https://security.netapp.com/advisory/ntap-20240307-0008/

reference_id

ntap-20240307-0008

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://security.netapp.com/advisory/ntap-20240307-0008/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/

reference_id

PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/

reference_url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html

reference_id

powerdns-advisory-2024-01.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html

reference_url

https://datatracker.ietf.org/doc/html/rfc5155

reference_id

rfc5155

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://datatracker.ietf.org/doc/html/rfc5155

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/

reference_id

RGS7JN6FZXUSTC2XKQHH27574XOULYYJ

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/

reference_url	https://access.redhat.com/errata/RHSA-2024:0965
reference_id	RHSA-2024:0965
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0965

reference_url	https://access.redhat.com/errata/RHSA-2024:0977
reference_id	RHSA-2024:0977
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0977

reference_url	https://access.redhat.com/errata/RHSA-2024:0981
reference_id	RHSA-2024:0981
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0981

reference_url	https://access.redhat.com/errata/RHSA-2024:0982
reference_id	RHSA-2024:0982
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0982

reference_url	https://access.redhat.com/errata/RHSA-2024:11003
reference_id	RHSA-2024:11003
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:11003

reference_url	https://access.redhat.com/errata/RHSA-2024:1334
reference_id	RHSA-2024:1334
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1334

reference_url	https://access.redhat.com/errata/RHSA-2024:1335
reference_id	RHSA-2024:1335
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1335

reference_url	https://access.redhat.com/errata/RHSA-2024:1522
reference_id	RHSA-2024:1522
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1522

reference_url	https://access.redhat.com/errata/RHSA-2024:1543
reference_id	RHSA-2024:1543
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1543

reference_url	https://access.redhat.com/errata/RHSA-2024:1544
reference_id	RHSA-2024:1544
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1544

reference_url	https://access.redhat.com/errata/RHSA-2024:1545
reference_id	RHSA-2024:1545
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1545

reference_url	https://access.redhat.com/errata/RHSA-2024:1647
reference_id	RHSA-2024:1647
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1647

reference_url	https://access.redhat.com/errata/RHSA-2024:1648
reference_id	RHSA-2024:1648
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1648

reference_url	https://access.redhat.com/errata/RHSA-2024:1781
reference_id	RHSA-2024:1781
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1781

reference_url	https://access.redhat.com/errata/RHSA-2024:1782
reference_id	RHSA-2024:1782
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1782

reference_url	https://access.redhat.com/errata/RHSA-2024:1789
reference_id	RHSA-2024:1789
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1789

reference_url	https://access.redhat.com/errata/RHSA-2024:1800
reference_id	RHSA-2024:1800
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1800

reference_url	https://access.redhat.com/errata/RHSA-2024:1801
reference_id	RHSA-2024:1801
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1801

reference_url	https://access.redhat.com/errata/RHSA-2024:1803
reference_id	RHSA-2024:1803
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1803

reference_url	https://access.redhat.com/errata/RHSA-2024:1804
reference_id	RHSA-2024:1804
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1804

reference_url	https://access.redhat.com/errata/RHSA-2024:2551
reference_id	RHSA-2024:2551
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2551

reference_url	https://access.redhat.com/errata/RHSA-2024:2587
reference_id	RHSA-2024:2587
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2587

reference_url	https://access.redhat.com/errata/RHSA-2024:2696
reference_id	RHSA-2024:2696
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2696

reference_url	https://access.redhat.com/errata/RHSA-2024:2720
reference_id	RHSA-2024:2720
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2720

reference_url	https://access.redhat.com/errata/RHSA-2024:2721
reference_id	RHSA-2024:2721
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2721

reference_url	https://access.redhat.com/errata/RHSA-2024:2821
reference_id	RHSA-2024:2821
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2821

reference_url	https://access.redhat.com/errata/RHSA-2024:2890
reference_id	RHSA-2024:2890
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2890

reference_url	https://access.redhat.com/errata/RHSA-2024:3271
reference_id	RHSA-2024:3271
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3271

reference_url	https://access.redhat.com/errata/RHSA-2024:3741
reference_id	RHSA-2024:3741
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3741

reference_url	https://access.redhat.com/errata/RHSA-2024:3877
reference_id	RHSA-2024:3877
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3877

reference_url	https://access.redhat.com/errata/RHSA-2024:3929
reference_id	RHSA-2024:3929
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3929

reference_url	https://access.redhat.com/errata/RHSA-2025:0039
reference_id	RHSA-2025:0039
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0039

reference_url

https://bugzilla.suse.com/show_bug.cgi?id=1219826

reference_id

show_bug.cgi?id=1219826

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://bugzilla.suse.com/show_bug.cgi?id=1219826

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/

reference_id

SVYA42BLXUCIDLD35YIJPJSHDIADNYMP

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/

reference_id

TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/

reference_url

https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/

reference_id

unbound-1.19.1-released

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/

reference_id

UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/

reference_url	https://usn.ubuntu.com/6633-1/
reference_id	USN-6633-1
reference_type
scores
url	https://usn.ubuntu.com/6633-1/

reference_url	https://usn.ubuntu.com/6642-1/
reference_id	USN-6642-1
reference_type
scores
url	https://usn.ubuntu.com/6642-1/

reference_url	https://usn.ubuntu.com/6657-1/
reference_id	USN-6657-1
reference_type
scores
url	https://usn.ubuntu.com/6657-1/

reference_url	https://usn.ubuntu.com/6657-2/
reference_id	USN-6657-2
reference_type
scores
url	https://usn.ubuntu.com/6657-2/

reference_url	https://usn.ubuntu.com/6665-1/
reference_id	USN-6665-1
reference_type
scores
url	https://usn.ubuntu.com/6665-1/

reference_url	https://usn.ubuntu.com/6723-1/
reference_id	USN-6723-1
reference_type
scores
url	https://usn.ubuntu.com/6723-1/

reference_url

https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1

reference_id

v5.7.1

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/

reference_id

ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/

fixed_packages

url	pkg:deb/debian/dnsmasq@2.90-4~deb12u1
purl	pkg:deb/debian/dnsmasq@2.90-4~deb12u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1

aliases CVE-2023-50868

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vprj-j7u6-zbe7

url VCID-vshb-4mjd-qugr

vulnerability_id VCID-vshb-4mjd-qugr

summary

Use of insufficient randomness in Dnsmasq might lead to DNS Cache
    Poisoning.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3448.json

reference_id

reference_type

scores

value	4.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3448.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-3448

reference_id

reference_type

scores

value	0.00042
scoring_system	epss
scoring_elements	0.12634
published_at	2026-04-01T12:55:00Z

value	0.00042
scoring_system	epss
scoring_elements	0.12605
published_at	2026-04-13T12:55:00Z

value	0.00042
scoring_system	epss
scoring_elements	0.12738
published_at	2026-04-02T12:55:00Z

value	0.00042
scoring_system	epss
scoring_elements	0.12784
published_at	2026-04-04T12:55:00Z

value	0.00042
scoring_system	epss
scoring_elements	0.12591
published_at	2026-04-07T12:55:00Z

value	0.00042
scoring_system	epss
scoring_elements	0.1267
published_at	2026-04-08T12:55:00Z

value	0.00042
scoring_system	epss
scoring_elements	0.12723
published_at	2026-04-09T12:55:00Z

value	0.00042
scoring_system	epss
scoring_elements	0.1269
published_at	2026-04-11T12:55:00Z

value	0.00042
scoring_system	epss
scoring_elements	0.1265
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-3448

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3448
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3448

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1939368

reference_id

1939368

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T00:40:29Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=1939368

reference_url

https://security.archlinux.org/AVG-1703

reference_id

AVG-1703

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1703

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CVTJUOFFFHINLKWAOC2ZSC5MOPD4SJ24/

reference_id

CVTJUOFFFHINLKWAOC2ZSC5MOPD4SJ24

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T00:40:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CVTJUOFFFHINLKWAOC2ZSC5MOPD4SJ24/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHG7GWSQWKF7JXIMLOGJBKZWBB4VIAJ7/

reference_id

FHG7GWSQWKF7JXIMLOGJBKZWBB4VIAJ7

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T00:40:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHG7GWSQWKF7JXIMLOGJBKZWBB4VIAJ7/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GHURNEHHUBSW45KMIZ4FNBCSUPWPGV5V/

reference_id

GHURNEHHUBSW45KMIZ4FNBCSUPWPGV5V

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T00:40:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GHURNEHHUBSW45KMIZ4FNBCSUPWPGV5V/

reference_url

https://security.gentoo.org/glsa/202105-20

reference_id

GLSA-202105-20

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T00:40:29Z/

url

https://security.gentoo.org/glsa/202105-20

reference_url	https://access.redhat.com/errata/RHSA-2021:4153
reference_id	RHSA-2021:4153
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4153

reference_url	https://usn.ubuntu.com/4976-1/
reference_id	USN-4976-1
reference_type
scores
url	https://usn.ubuntu.com/4976-1/

reference_url	https://usn.ubuntu.com/4976-2/
reference_id	USN-4976-2
reference_type
scores
url	https://usn.ubuntu.com/4976-2/

fixed_packages

url pkg:deb/debian/dnsmasq@2.85-1

purl pkg:deb/debian/dnsmasq@2.85-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bzd-pqhn-hqfj

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-vprj-j7u6-zbe7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1

aliases CVE-2021-3448

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vshb-4mjd-qugr

url VCID-xge7-87zv-tbev

vulnerability_id VCID-xge7-87zv-tbev

summary dnsmasq: Improper validation of wildcard synthesized NSEC records

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15107.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15107.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-15107

reference_id

reference_type

scores

value	0.00026
scoring_system	epss
scoring_elements	0.07189
published_at	2026-04-13T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07198
published_at	2026-04-12T12:55:00Z

value	0.00033
scoring_system	epss
scoring_elements	0.09521
published_at	2026-04-01T12:55:00Z

value	0.00033
scoring_system	epss
scoring_elements	0.09536
published_at	2026-04-02T12:55:00Z

value	0.00033
scoring_system	epss
scoring_elements	0.09586
published_at	2026-04-04T12:55:00Z

value	0.00033
scoring_system	epss
scoring_elements	0.09499
published_at	2026-04-07T12:55:00Z

value	0.00033
scoring_system	epss
scoring_elements	0.09574
published_at	2026-04-08T12:55:00Z

value	0.00033
scoring_system	epss
scoring_elements	0.09621
published_at	2026-04-09T12:55:00Z

value	0.00033
scoring_system	epss
scoring_elements	0.09628
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-15107

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15107
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15107

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1510570
reference_id	1510570
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1510570

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888200
reference_id	888200
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888200

reference_url	https://security.archlinux.org/ASA-201801-32
reference_id	ASA-201801-32
reference_type
scores
url	https://security.archlinux.org/ASA-201801-32

reference_url

https://security.archlinux.org/AVG-592

reference_id

AVG-592

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-592

reference_url	https://usn.ubuntu.com/4924-1/
reference_id	USN-4924-1
reference_type
scores
url	https://usn.ubuntu.com/4924-1/

fixed_packages

url pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1

purl pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-yaj9-mfyu-uqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1

aliases CVE-2017-15107

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xge7-87zv-tbev

url VCID-yaj9-mfyu-uqdm

vulnerability_id VCID-yaj9-mfyu-uqdm

summary

Multiple vulnerabilities have been found in Dnsmasq, the worst of
    which may allow remote attackers to execute arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25681.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25681.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-25681

reference_id

reference_type

scores

value	0.45359
scoring_system	epss
scoring_elements	0.97582
published_at	2026-04-01T12:55:00Z

value	0.45359
scoring_system	epss
scoring_elements	0.97606
published_at	2026-04-13T12:55:00Z

value	0.45359
scoring_system	epss
scoring_elements	0.97603
published_at	2026-04-11T12:55:00Z

value	0.45359
scoring_system	epss
scoring_elements	0.97605
published_at	2026-04-12T12:55:00Z

value	0.45359
scoring_system	epss
scoring_elements	0.97588
published_at	2026-04-02T12:55:00Z

value	0.45359
scoring_system	epss
scoring_elements	0.97591
published_at	2026-04-04T12:55:00Z

value	0.45359
scoring_system	epss
scoring_elements	0.97592
published_at	2026-04-07T12:55:00Z

value	0.45359
scoring_system	epss
scoring_elements	0.97598
published_at	2026-04-08T12:55:00Z

value	0.45359
scoring_system	epss
scoring_elements	0.976
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-25681

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1881875
reference_id	1881875
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1881875

reference_url	https://security.archlinux.org/ASA-202101-38
reference_id	ASA-202101-38
reference_type
scores
url	https://security.archlinux.org/ASA-202101-38

reference_url

https://security.archlinux.org/AVG-1470

reference_id

AVG-1470

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1470

reference_url	https://security.gentoo.org/glsa/202101-17
reference_id	GLSA-202101-17
reference_type
scores
url	https://security.gentoo.org/glsa/202101-17

reference_url	https://access.redhat.com/errata/RHSA-2021:0150
reference_id	RHSA-2021:0150
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0150

reference_url	https://access.redhat.com/errata/RHSA-2021:0151
reference_id	RHSA-2021:0151
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0151

reference_url	https://access.redhat.com/errata/RHSA-2021:0152
reference_id	RHSA-2021:0152
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0152

reference_url	https://usn.ubuntu.com/4698-1/
reference_id	USN-4698-1
reference_type
scores
url	https://usn.ubuntu.com/4698-1/

fixed_packages

url pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1

purl pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-yaj9-mfyu-uqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1

url pkg:deb/debian/dnsmasq@2.85-1

purl pkg:deb/debian/dnsmasq@2.85-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bzd-pqhn-hqfj

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-vprj-j7u6-zbe7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1

aliases CVE-2020-25681

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yaj9-mfyu-uqdm

url VCID-z9q1-h7ra-r3dg

vulnerability_id VCID-z9q1-h7ra-r3dg

summary Dnsmasq 2.29 allows remote attackers to cause a denial of service (application crash) via a DHCP client broadcast reply request.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2006-2017

reference_id

reference_type

scores

value	0.01271
scoring_system	epss
scoring_elements	0.79468
published_at	2026-04-01T12:55:00Z

value	0.01271
scoring_system	epss
scoring_elements	0.79474
published_at	2026-04-02T12:55:00Z

value	0.01271
scoring_system	epss
scoring_elements	0.79498
published_at	2026-04-04T12:55:00Z

value	0.01271
scoring_system	epss
scoring_elements	0.79484
published_at	2026-04-07T12:55:00Z

value	0.01271
scoring_system	epss
scoring_elements	0.79513
published_at	2026-04-08T12:55:00Z

value	0.01271
scoring_system	epss
scoring_elements	0.7952
published_at	2026-04-09T12:55:00Z

value	0.01271
scoring_system	epss
scoring_elements	0.79543
published_at	2026-04-11T12:55:00Z

value	0.01271
scoring_system	epss
scoring_elements	0.79526
published_at	2026-04-12T12:55:00Z

value	0.01271
scoring_system	epss
scoring_elements	0.79517
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2006-2017

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2017
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2017

fixed_packages

url pkg:deb/debian/dnsmasq@2.35-1

purl pkg:deb/debian/dnsmasq@2.35-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3x7u-ajbx-6fht

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-4fwm-653p-ufcj

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-8fbf-8fea-27d9

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-antt-5fzu-87dw

vulnerability	VCID-b2dc-msms-bfee

vulnerability	VCID-bed9-8jhu-pkf9

vulnerability	VCID-d3nu-fztq-nffg

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-hr7r-mgk2-67aw

vulnerability	VCID-huvr-uav1-ffex

vulnerability	VCID-hxys-tpgq-3uf6

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-jum5-ndq3-xbhp

vulnerability	VCID-k9w6-f6aw-dbey

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-kxbw-1fr9-8kb3

vulnerability	VCID-nc6t-132e-cqda

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-qs1p-1j9u-3khg

vulnerability	VCID-r15f-fgv8-s3h2

vulnerability	VCID-ru4r-dtwq-sub2

vulnerability	VCID-snzd-3st5-8yb1

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-xge7-87zv-tbev

vulnerability	VCID-yaj9-mfyu-uqdm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.35-1

aliases CVE-2006-2017

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z9q1-h7ra-r3dg

Fixing_vulnerabilities

url VCID-2ajy-5x5f-bqdk

vulnerability_id VCID-2ajy-5x5f-bqdk

summary Off-by-one buffer overflow in Dnsmasq before 2.21 may allow attackers to execute arbitrary code via the DHCP lease file.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2005-0876

reference_id

reference_type

scores

value	0.0222
scoring_system	epss
scoring_elements	0.84494
published_at	2026-04-13T12:55:00Z

value	0.0222
scoring_system	epss
scoring_elements	0.84423
published_at	2026-04-01T12:55:00Z

value	0.0222
scoring_system	epss
scoring_elements	0.84438
published_at	2026-04-02T12:55:00Z

value	0.0222
scoring_system	epss
scoring_elements	0.84457
published_at	2026-04-04T12:55:00Z

value	0.0222
scoring_system	epss
scoring_elements	0.84459
published_at	2026-04-07T12:55:00Z

value	0.0222
scoring_system	epss
scoring_elements	0.8448
published_at	2026-04-08T12:55:00Z

value	0.0222
scoring_system	epss
scoring_elements	0.84486
published_at	2026-04-09T12:55:00Z

value	0.0222
scoring_system	epss
scoring_elements	0.84504
published_at	2026-04-11T12:55:00Z

value	0.0222
scoring_system	epss
scoring_elements	0.84499
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2005-0876

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0876
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0876

reference_url	http://secunia.com/advisories/14691
reference_id
reference_type
scores
url	http://secunia.com/advisories/14691

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/19825
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/19825

reference_url	http://www.securityfocus.com/bid/12897
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/12897

reference_url	http://www.thekelleys.org.uk/dnsmasq/CHANGELOG
reference_id
reference_type
scores
url	http://www.thekelleys.org.uk/dnsmasq/CHANGELOG

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.14:::::::*
reference_id	cpe:2.3:a:dnsmasq:dnsmasq:2.14:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.14:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.15:::::::*
reference_id	cpe:2.3:a:dnsmasq:dnsmasq:2.15:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.15:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.16:::::::*
reference_id	cpe:2.3:a:dnsmasq:dnsmasq:2.16:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.16:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.17:::::::*
reference_id	cpe:2.3:a:dnsmasq:dnsmasq:2.17:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.17:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.18:::::::*
reference_id	cpe:2.3:a:dnsmasq:dnsmasq:2.18:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.18:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.19:::::::*
reference_id	cpe:2.3:a:dnsmasq:dnsmasq:2.19:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.19:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.20:::::::*
reference_id	cpe:2.3:a:dnsmasq:dnsmasq:2.20:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.20:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2005-0876

reference_id

CVE-2005-0876

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2005-0876

fixed_packages

url pkg:deb/debian/dnsmasq@2.22-2

purl pkg:deb/debian/dnsmasq@2.22-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3x7u-ajbx-6fht

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-4fwm-653p-ufcj

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-8fbf-8fea-27d9

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-antt-5fzu-87dw

vulnerability	VCID-b2dc-msms-bfee

vulnerability	VCID-bed9-8jhu-pkf9

vulnerability	VCID-d3nu-fztq-nffg

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-hr7r-mgk2-67aw

vulnerability	VCID-huvr-uav1-ffex

vulnerability	VCID-hxys-tpgq-3uf6

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-jum5-ndq3-xbhp

vulnerability	VCID-k9w6-f6aw-dbey

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-kxbw-1fr9-8kb3

vulnerability	VCID-nc6t-132e-cqda

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-ny7u-m7rb-kkh3

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-qs1p-1j9u-3khg

vulnerability	VCID-r15f-fgv8-s3h2

vulnerability	VCID-ru4r-dtwq-sub2

vulnerability	VCID-snzd-3st5-8yb1

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-xge7-87zv-tbev

vulnerability	VCID-yaj9-mfyu-uqdm

vulnerability	VCID-z9q1-h7ra-r3dg

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.22-2

aliases CVE-2005-0876

risk_score 2.2

exploitability 0.5

weighted_severity 4.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2ajy-5x5f-bqdk

url VCID-nkc5-xdc9-2ff8

vulnerability_id VCID-nkc5-xdc9-2ff8

summary dnsmasq: DNS cache poisoning from local network may lead to DoS

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0877.json

reference_id

reference_type

scores

value	5.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0877.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2005-0877

reference_id

reference_type

scores

value	0.00053
scoring_system	epss
scoring_elements	0.16753
published_at	2026-04-13T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16856
published_at	2026-04-11T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16811
published_at	2026-04-12T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16725
published_at	2026-04-01T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16895
published_at	2026-04-02T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16952
published_at	2026-04-04T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16735
published_at	2026-04-07T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16823
published_at	2026-04-08T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.1688
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2005-0877

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0877
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0877

reference_url	http://secunia.com/advisories/14691
reference_id
reference_type
scores
url	http://secunia.com/advisories/14691

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/19826
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/19826

reference_url	http://www.securityfocus.com/bid/12897
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/12897

reference_url	http://www.thekelleys.org.uk/dnsmasq/CHANGELOG
reference_id
reference_type
scores
url	http://www.thekelleys.org.uk/dnsmasq/CHANGELOG

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2011237
reference_id	2011237
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2011237

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq::::::::
reference_id	cpe:2.3:a:thekelleys:dnsmasq::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2005-0877

reference_id

CVE-2005-0877

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:P/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2005-0877

fixed_packages

url pkg:deb/debian/dnsmasq@2.22-2

purl pkg:deb/debian/dnsmasq@2.22-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3x7u-ajbx-6fht

vulnerability	VCID-4a66-hb88-jbgp

vulnerability	VCID-4fwm-653p-ufcj

vulnerability	VCID-66sa-bc5p-jqde

vulnerability	VCID-69jf-2cmm-tkhj

vulnerability	VCID-8fbf-8fea-27d9

vulnerability	VCID-a9ya-bnnp-hyc4

vulnerability	VCID-antt-5fzu-87dw

vulnerability	VCID-b2dc-msms-bfee

vulnerability	VCID-bed9-8jhu-pkf9

vulnerability	VCID-d3nu-fztq-nffg

vulnerability	VCID-gnkg-afmr-r7aq

vulnerability	VCID-hr7r-mgk2-67aw

vulnerability	VCID-huvr-uav1-ffex

vulnerability	VCID-hxys-tpgq-3uf6

vulnerability	VCID-jj87-61kf-mufs

vulnerability	VCID-jum5-ndq3-xbhp

vulnerability	VCID-k9w6-f6aw-dbey

vulnerability	VCID-khrt-9ar9-wbc3

vulnerability	VCID-kxbw-1fr9-8kb3

vulnerability	VCID-nc6t-132e-cqda

vulnerability	VCID-nrja-2ajq-mfek

vulnerability	VCID-nute-d491-mqa9

vulnerability	VCID-ny7u-m7rb-kkh3

vulnerability	VCID-p726-bqvu-dfda

vulnerability	VCID-qs1p-1j9u-3khg

vulnerability	VCID-r15f-fgv8-s3h2

vulnerability	VCID-ru4r-dtwq-sub2

vulnerability	VCID-snzd-3st5-8yb1

vulnerability	VCID-vprj-j7u6-zbe7

vulnerability	VCID-vshb-4mjd-qugr

vulnerability	VCID-xge7-87zv-tbev

vulnerability	VCID-yaj9-mfyu-uqdm

vulnerability	VCID-z9q1-h7ra-r3dg

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.22-2

aliases CVE-2005-0877

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nkc5-xdc9-2ff8

Risk_score 10.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.22-2

Package Instance