{"url":"http://public2.vulnerablecode.io/api/packages/1035825?format=json","purl":"pkg:deb/debian/dnsmasq@2.55-2","type":"deb","namespace":"debian","name":"dnsmasq","version":"2.55-2","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"2.90-4~deb12u1","latest_non_vulnerable_version":"2.90-4~deb12u1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81902?format=json","vulnerability_id":"VCID-4a66-hb88-jbgp","summary":"dnsmasq: memory leak in the create_helper() function in /src/helper.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14834.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14834.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14834","reference_id":"","reference_type":"","scores":[{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12755","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12856","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12907","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12712","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12792","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12843","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12809","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12772","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12725","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14834"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1764425","reference_id":"1764425","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1764425"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948373","reference_id":"948373","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1715","reference_id":"RHSA-2020:1715","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1715"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3878","reference_id":"RHSA-2020:3878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3878"},{"reference_url":"https://usn.ubuntu.com/4698-1/","reference_id":"USN-4698-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4698-1/"},{"reference_url":"https://usn.ubuntu.com/7689-1/","reference_id":"USN-7689-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7689-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585984?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-vprj-j7u6-zbe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1"}],"aliases":["CVE-2019-14834"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4a66-hb88-jbgp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85451?format=json","vulnerability_id":"VCID-4fwm-653p-ufcj","summary":"dnsmasq: Denial-of-service when empty address from DNS overlays A record from hosts","references":[{"reference_url":"http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010479.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010479.html"},{"reference_url":"http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010505.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010505.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8899.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8899.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8899","reference_id":"","reference_type":"","scores":[{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23692","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23792","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23748","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23716","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23833","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23873","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23661","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23731","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23777","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8899"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8899","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8899"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=41a8d9e99be9f2cc8b02051dd322cb45e0faac87","reference_id":"","reference_type":"","scores":[],"url":"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=41a8d9e99be9f2cc8b02051dd322cb45e0faac87"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/06/03/7","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/06/03/7"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/06/04/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/06/04/2"},{"reference_url":"http://www.securityfocus.com/bid/91031","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/91031"},{"reference_url":"http://www.securitytracker.com/id/1036045","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036045"},{"reference_url":"http://www.ubuntu.com/usn/USN-3009-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3009-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1343072","reference_id":"1343072","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1343072"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8899","reference_id":"CVE-2015-8899","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8899"},{"reference_url":"https://usn.ubuntu.com/3009-1/","reference_id":"USN-3009-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3009-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037114?format=json","purl":"pkg:deb/debian/dnsmasq@2.76-5%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4a66-hb88-jbgp"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-69jf-2cmm-tkhj"},{"vulnerability":"VCID-a9ya-bnnp-hyc4"},{"vulnerability":"VCID-b2dc-msms-bfee"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-hr7r-mgk2-67aw"},{"vulnerability":"VCID-jj87-61kf-mufs"},{"vulnerability":"VCID-k9w6-f6aw-dbey"},{"vulnerability":"VCID-khrt-9ar9-wbc3"},{"vulnerability":"VCID-kxbw-1fr9-8kb3"},{"vulnerability":"VCID-nrja-2ajq-mfek"},{"vulnerability":"VCID-nute-d491-mqa9"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-qs1p-1j9u-3khg"},{"vulnerability":"VCID-r15f-fgv8-s3h2"},{"vulnerability":"VCID-ru4r-dtwq-sub2"},{"vulnerability":"VCID-snzd-3st5-8yb1"},{"vulnerability":"VCID-vprj-j7u6-zbe7"},{"vulnerability":"VCID-vshb-4mjd-qugr"},{"vulnerability":"VCID-xge7-87zv-tbev"},{"vulnerability":"VCID-yaj9-mfyu-uqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.76-5%252Bdeb9u2"}],"aliases":["CVE-2015-8899"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4fwm-653p-ufcj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61411?format=json","vulnerability_id":"VCID-66sa-bc5p-jqde","summary":"Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50387.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50387.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-50387","reference_id":"","reference_type":"","scores":[{"value":"0.51989","scoring_system":"epss","scoring_elements":"0.97913","published_at":"2026-04-12T12:55:00Z"},{"value":"0.51989","scoring_system":"epss","scoring_elements":"0.97912","published_at":"2026-04-11T12:55:00Z"},{"value":"0.51989","scoring_system":"epss","scoring_elements":"0.97909","published_at":"2026-04-09T12:55:00Z"},{"value":"0.51989","scoring_system":"epss","scoring_elements":"0.97898","published_at":"2026-04-04T12:55:00Z"},{"value":"0.51989","scoring_system":"epss","scoring_elements":"0.97906","published_at":"2026-04-08T12:55:00Z"},{"value":"0.51989","scoring_system":"epss","scoring_elements":"0.97901","published_at":"2026-04-07T12:55:00Z"},{"value":"0.51989","scoring_system":"epss","scoring_elements":"0.97896","published_at":"2026-04-02T12:55:00Z"},{"value":"0.51989","scoring_system":"epss","scoring_elements":"0.97914","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-50387"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html","reference_id":"017430.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845","reference_id":"1063845","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852","reference_id":"1063852","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077750","reference_id":"1077750","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077750"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/02/16/2","reference_id":"2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/02/16/2"},{"reference_url":"https://www.isc.org/blogs/2024-bind-security-release/","reference_id":"2024-bind-security-release","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://www.isc.org/blogs/2024-bind-security-release/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2263914","reference_id":"2263914","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2263914"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/02/16/3","reference_id":"3","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/02/16/3"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/","reference_id":"6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/","reference_id":"BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/"},{"reference_url":"https://kb.isc.org/docs/cve-2023-50387","reference_id":"cve-2023-50387","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://kb.isc.org/docs/cve-2023-50387"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-50387","reference_id":"CVE-2023-50387","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2023-50387"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-50387","reference_id":"CVE-2023-50387","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-50387"},{"reference_url":"https://www.theregister.com/2024/02/13/dnssec_vulnerability_internet/","reference_id":"dnssec_vulnerability_internet","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://www.theregister.com/2024/02/13/dnssec_vulnerability_internet/"},{"reference_url":"https://security.gentoo.org/glsa/202412-10","reference_id":"GLSA-202412-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-10"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/","reference_id":"HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/","reference_id":"IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/"},{"reference_url":"https://news.ycombinator.com/item?id=39367411","reference_id":"item?id=39367411","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://news.ycombinator.com/item?id=39367411"},{"reference_url":"https://news.ycombinator.com/item?id=39372384","reference_id":"item?id=39372384","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://news.ycombinator.com/item?id=39372384"},{"reference_url":"https://www.athene-center.de/aktuelles/key-trap","reference_id":"key-trap","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://www.athene-center.de/aktuelles/key-trap"},{"reference_url":"https://www.securityweek.com/keytrap-dns-attack-could-disable-large-parts-of-internet-researchers/","reference_id":"keytrap-dns-attack-could-disable-large-parts-of-internet-researchers","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://www.securityweek.com/keytrap-dns-attack-could-disable-large-parts-of-internet-researchers/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html","reference_id":"msg00006.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240307-0007/","reference_id":"ntap-20240307-0007","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240307-0007/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/","reference_id":"PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/"},{"reference_url":"https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html","reference_id":"powerdns-advisory-2024-01.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/","reference_id":"RGS7JN6FZXUSTC2XKQHH27574XOULYYJ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0965","reference_id":"RHSA-2024:0965","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0965"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0977","reference_id":"RHSA-2024:0977","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0977"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0981","reference_id":"RHSA-2024:0981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0982","reference_id":"RHSA-2024:0982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:11003","reference_id":"RHSA-2024:11003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:11003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1334","reference_id":"RHSA-2024:1334","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1334"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1335","reference_id":"RHSA-2024:1335","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1335"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1522","reference_id":"RHSA-2024:1522","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1522"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1543","reference_id":"RHSA-2024:1543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1543"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1544","reference_id":"RHSA-2024:1544","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1544"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1545","reference_id":"RHSA-2024:1545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1545"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1647","reference_id":"RHSA-2024:1647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1648","reference_id":"RHSA-2024:1648","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1648"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1781","reference_id":"RHSA-2024:1781","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1781"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1782","reference_id":"RHSA-2024:1782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1789","reference_id":"RHSA-2024:1789","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1789"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1800","reference_id":"RHSA-2024:1800","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1800"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1801","reference_id":"RHSA-2024:1801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1801"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1803","reference_id":"RHSA-2024:1803","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1803"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1804","reference_id":"RHSA-2024:1804","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1804"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2551","reference_id":"RHSA-2024:2551","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2551"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2587","reference_id":"RHSA-2024:2587","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2587"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2696","reference_id":"RHSA-2024:2696","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2696"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2720","reference_id":"RHSA-2024:2720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2721","reference_id":"RHSA-2024:2721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2821","reference_id":"RHSA-2024:2821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2890","reference_id":"RHSA-2024:2890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3271","reference_id":"RHSA-2024:3271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3741","reference_id":"RHSA-2024:3741","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3741"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3877","reference_id":"RHSA-2024:3877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3929","reference_id":"RHSA-2024:3929","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3929"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0039","reference_id":"RHSA-2025:0039","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0039"},{"reference_url":"https://bugzilla.suse.com/show_bug.cgi?id=1219823","reference_id":"show_bug.cgi?id=1219823","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://bugzilla.suse.com/show_bug.cgi?id=1219823"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/","reference_id":"SVYA42BLXUCIDLD35YIJPJSHDIADNYMP","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/"},{"reference_url":"https://www.athene-center.de/fileadmin/content/PDF/Technical_Report_KeyTrap.pdf","reference_id":"Technical_Report_KeyTrap.pdf","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://www.athene-center.de/fileadmin/content/PDF/Technical_Report_KeyTrap.pdf"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/","reference_id":"TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/"},{"reference_url":"https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/","reference_id":"unbound-1.19.1-released","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/","reference_id":"UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/"},{"reference_url":"https://usn.ubuntu.com/6633-1/","reference_id":"USN-6633-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6633-1/"},{"reference_url":"https://usn.ubuntu.com/6642-1/","reference_id":"USN-6642-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6642-1/"},{"reference_url":"https://usn.ubuntu.com/6657-1/","reference_id":"USN-6657-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6657-1/"},{"reference_url":"https://usn.ubuntu.com/6657-2/","reference_id":"USN-6657-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6657-2/"},{"reference_url":"https://usn.ubuntu.com/6665-1/","reference_id":"USN-6665-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6665-1/"},{"reference_url":"https://usn.ubuntu.com/6723-1/","reference_id":"USN-6723-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6723-1/"},{"reference_url":"https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1","reference_id":"v5.7.1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/","reference_id":"ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585985?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1"}],"aliases":["CVE-2023-50387"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-66sa-bc5p-jqde"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46207?format=json","vulnerability_id":"VCID-69jf-2cmm-tkhj","summary":"Multiple vulnerabilities have been found in Dnsmasq, the worst of\n    which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25682.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25682.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25682","reference_id":"","reference_type":"","scores":[{"value":"0.34287","scoring_system":"epss","scoring_elements":"0.96955","published_at":"2026-04-01T12:55:00Z"},{"value":"0.34287","scoring_system":"epss","scoring_elements":"0.96983","published_at":"2026-04-13T12:55:00Z"},{"value":"0.34287","scoring_system":"epss","scoring_elements":"0.96981","published_at":"2026-04-11T12:55:00Z"},{"value":"0.34287","scoring_system":"epss","scoring_elements":"0.96982","published_at":"2026-04-12T12:55:00Z"},{"value":"0.34287","scoring_system":"epss","scoring_elements":"0.96962","published_at":"2026-04-02T12:55:00Z"},{"value":"0.34287","scoring_system":"epss","scoring_elements":"0.96966","published_at":"2026-04-04T12:55:00Z"},{"value":"0.34287","scoring_system":"epss","scoring_elements":"0.96969","published_at":"2026-04-07T12:55:00Z"},{"value":"0.34287","scoring_system":"epss","scoring_elements":"0.96977","published_at":"2026-04-08T12:55:00Z"},{"value":"0.34287","scoring_system":"epss","scoring_elements":"0.96978","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1882014","reference_id":"1882014","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1882014"},{"reference_url":"https://security.archlinux.org/ASA-202101-38","reference_id":"ASA-202101-38","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202101-38"},{"reference_url":"https://security.archlinux.org/AVG-1470","reference_id":"AVG-1470","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1470"},{"reference_url":"https://security.gentoo.org/glsa/202101-17","reference_id":"GLSA-202101-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202101-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0150","reference_id":"RHSA-2021:0150","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0150"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0151","reference_id":"RHSA-2021:0151","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0151"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0152","reference_id":"RHSA-2021:0152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0152"},{"reference_url":"https://usn.ubuntu.com/4698-1/","reference_id":"USN-4698-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4698-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037958?format=json","purl":"pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4a66-hb88-jbgp"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-69jf-2cmm-tkhj"},{"vulnerability":"VCID-a9ya-bnnp-hyc4"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-jj87-61kf-mufs"},{"vulnerability":"VCID-khrt-9ar9-wbc3"},{"vulnerability":"VCID-nrja-2ajq-mfek"},{"vulnerability":"VCID-nute-d491-mqa9"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-vprj-j7u6-zbe7"},{"vulnerability":"VCID-vshb-4mjd-qugr"},{"vulnerability":"VCID-yaj9-mfyu-uqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1"},{"url":"http://public2.vulnerablecode.io/api/packages/585984?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-vprj-j7u6-zbe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1"}],"aliases":["CVE-2020-25682"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-69jf-2cmm-tkhj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46211?format=json","vulnerability_id":"VCID-a9ya-bnnp-hyc4","summary":"Multiple vulnerabilities have been found in Dnsmasq, the worst of\n    which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25685.json","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25685.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25685","reference_id":"","reference_type":"","scores":[{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.54629","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.54715","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.54752","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.54736","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.54699","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.54722","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.54692","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.54744","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.5474","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1889688","reference_id":"1889688","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1889688"},{"reference_url":"https://security.archlinux.org/ASA-202101-38","reference_id":"ASA-202101-38","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202101-38"},{"reference_url":"https://security.archlinux.org/AVG-1470","reference_id":"AVG-1470","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1470"},{"reference_url":"https://security.gentoo.org/glsa/202101-17","reference_id":"GLSA-202101-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202101-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0150","reference_id":"RHSA-2021:0150","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0150"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0151","reference_id":"RHSA-2021:0151","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0151"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0152","reference_id":"RHSA-2021:0152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0153","reference_id":"RHSA-2021:0153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0153"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0154","reference_id":"RHSA-2021:0154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0155","reference_id":"RHSA-2021:0155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0156","reference_id":"RHSA-2021:0156","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0156"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0240","reference_id":"RHSA-2021:0240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0245","reference_id":"RHSA-2021:0245","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0245"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0395","reference_id":"RHSA-2021:0395","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0395"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0401","reference_id":"RHSA-2021:0401","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0401"},{"reference_url":"https://usn.ubuntu.com/4698-1/","reference_id":"USN-4698-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4698-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037958?format=json","purl":"pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4a66-hb88-jbgp"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-69jf-2cmm-tkhj"},{"vulnerability":"VCID-a9ya-bnnp-hyc4"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-jj87-61kf-mufs"},{"vulnerability":"VCID-khrt-9ar9-wbc3"},{"vulnerability":"VCID-nrja-2ajq-mfek"},{"vulnerability":"VCID-nute-d491-mqa9"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-vprj-j7u6-zbe7"},{"vulnerability":"VCID-vshb-4mjd-qugr"},{"vulnerability":"VCID-yaj9-mfyu-uqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1"},{"url":"http://public2.vulnerablecode.io/api/packages/585984?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-vprj-j7u6-zbe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1"}],"aliases":["CVE-2020-25685"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a9ya-bnnp-hyc4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46045?format=json","vulnerability_id":"VCID-b2dc-msms-bfee","summary":"Multiple vulnerabilities have been found in Dnsmasq, the worst of\n    which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html"},{"reference_url":"http://nvidia.custhelp.com/app/answers/detail/a_id/4561","reference_id":"","reference_type":"","scores":[],"url":"http://nvidia.custhelp.com/app/answers/detail/a_id/4561"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14493.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14493.json"},{"reference_url":"https://access.redhat.com/security/vulnerabilities/3199382","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/security/vulnerabilities/3199382"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14493","reference_id":"","reference_type":"","scores":[{"value":"0.05344","scoring_system":"epss","scoring_elements":"0.90026","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05344","scoring_system":"epss","scoring_elements":"0.90067","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05344","scoring_system":"epss","scoring_elements":"0.90045","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05344","scoring_system":"epss","scoring_elements":"0.9006","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05344","scoring_system":"epss","scoring_elements":"0.90066","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05344","scoring_system":"epss","scoring_elements":"0.90075","published_at":"2026-04-11T12:55:00Z"},{"value":"0.05344","scoring_system":"epss","scoring_elements":"0.90073","published_at":"2026-04-12T12:55:00Z"},{"value":"0.05344","scoring_system":"epss","scoring_elements":"0.90029","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05344","scoring_system":"epss","scoring_elements":"0.9004","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14493"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv2","scoring_elements":"AV:A/AC:L/Au:N/C:N/I:P/A:P"},{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html","reference_id":"","reference_type":"","scores":[],"url":"https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html"},{"reference_url":"https://www.exploit-db.com/exploits/42943/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/42943/"},{"reference_url":"https://www.kb.cert.org/vuls/id/973527","reference_id":"","reference_type":"","scores":[],"url":"https://www.kb.cert.org/vuls/id/973527"},{"reference_url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html"},{"reference_url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html"},{"reference_url":"https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq","reference_id":"","reference_type":"","scores":[],"url":"https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq"},{"reference_url":"http://thekelleys.org.uk/dnsmasq/CHANGELOG","reference_id":"","reference_type":"","scores":[],"url":"http://thekelleys.org.uk/dnsmasq/CHANGELOG"},{"reference_url":"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=3d4ff1ba8419546490b464418223132529514033","reference_id":"","reference_type":"","scores":[],"url":"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=3d4ff1ba8419546490b464418223132529514033"},{"reference_url":"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt","reference_id":"","reference_type":"","scores":[],"url":"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt"},{"reference_url":"http://www.debian.org/security/2017/dsa-3989","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2017/dsa-3989"},{"reference_url":"http://www.securityfocus.com/bid/101085","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/101085"},{"reference_url":"http://www.securitytracker.com/id/1039474","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1039474"},{"reference_url":"http://www.ubuntu.com/usn/USN-3430-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3430-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-3430-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3430-2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1495411","reference_id":"1495411","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1495411"},{"reference_url":"https://security.archlinux.org/ASA-201710-1","reference_id":"ASA-201710-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201710-1"},{"reference_url":"https://security.archlinux.org/AVG-421","reference_id":"AVG-421","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-421"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42943.py","reference_id":"CVE-2017-14493","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42943.py"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14493","reference_id":"CVE-2017-14493","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14493"},{"reference_url":"https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14493.py","reference_id":"CVE-2017-14493","reference_type":"exploit","scores":[],"url":"https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14493.py"},{"reference_url":"https://security.gentoo.org/glsa/201710-27","reference_id":"GLSA-201710-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2836","reference_id":"RHSA-2017:2836","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2836"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2837","reference_id":"RHSA-2017:2837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2837"},{"reference_url":"https://usn.ubuntu.com/3430-1/","reference_id":"USN-3430-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3430-1/"},{"reference_url":"https://usn.ubuntu.com/3430-2/","reference_id":"USN-3430-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3430-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035829?format=json","purl":"pkg:deb/debian/dnsmasq@2.72-3%2Bdeb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4a66-hb88-jbgp"},{"vulnerability":"VCID-4fwm-653p-ufcj"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-69jf-2cmm-tkhj"},{"vulnerability":"VCID-a9ya-bnnp-hyc4"},{"vulnerability":"VCID-b2dc-msms-bfee"},{"vulnerability":"VCID-d3nu-fztq-nffg"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-hr7r-mgk2-67aw"},{"vulnerability":"VCID-huvr-uav1-ffex"},{"vulnerability":"VCID-jj87-61kf-mufs"},{"vulnerability":"VCID-k9w6-f6aw-dbey"},{"vulnerability":"VCID-khrt-9ar9-wbc3"},{"vulnerability":"VCID-kxbw-1fr9-8kb3"},{"vulnerability":"VCID-nrja-2ajq-mfek"},{"vulnerability":"VCID-nute-d491-mqa9"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-qs1p-1j9u-3khg"},{"vulnerability":"VCID-r15f-fgv8-s3h2"},{"vulnerability":"VCID-ru4r-dtwq-sub2"},{"vulnerability":"VCID-snzd-3st5-8yb1"},{"vulnerability":"VCID-vprj-j7u6-zbe7"},{"vulnerability":"VCID-vshb-4mjd-qugr"},{"vulnerability":"VCID-xge7-87zv-tbev"},{"vulnerability":"VCID-yaj9-mfyu-uqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.72-3%252Bdeb8u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1037114?format=json","purl":"pkg:deb/debian/dnsmasq@2.76-5%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4a66-hb88-jbgp"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-69jf-2cmm-tkhj"},{"vulnerability":"VCID-a9ya-bnnp-hyc4"},{"vulnerability":"VCID-b2dc-msms-bfee"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-hr7r-mgk2-67aw"},{"vulnerability":"VCID-jj87-61kf-mufs"},{"vulnerability":"VCID-k9w6-f6aw-dbey"},{"vulnerability":"VCID-khrt-9ar9-wbc3"},{"vulnerability":"VCID-kxbw-1fr9-8kb3"},{"vulnerability":"VCID-nrja-2ajq-mfek"},{"vulnerability":"VCID-nute-d491-mqa9"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-qs1p-1j9u-3khg"},{"vulnerability":"VCID-r15f-fgv8-s3h2"},{"vulnerability":"VCID-ru4r-dtwq-sub2"},{"vulnerability":"VCID-snzd-3st5-8yb1"},{"vulnerability":"VCID-vprj-j7u6-zbe7"},{"vulnerability":"VCID-vshb-4mjd-qugr"},{"vulnerability":"VCID-xge7-87zv-tbev"},{"vulnerability":"VCID-yaj9-mfyu-uqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.76-5%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1037958?format=json","purl":"pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4a66-hb88-jbgp"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-69jf-2cmm-tkhj"},{"vulnerability":"VCID-a9ya-bnnp-hyc4"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-jj87-61kf-mufs"},{"vulnerability":"VCID-khrt-9ar9-wbc3"},{"vulnerability":"VCID-nrja-2ajq-mfek"},{"vulnerability":"VCID-nute-d491-mqa9"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-vprj-j7u6-zbe7"},{"vulnerability":"VCID-vshb-4mjd-qugr"},{"vulnerability":"VCID-yaj9-mfyu-uqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1"}],"aliases":["CVE-2017-14493"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b2dc-msms-bfee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60388?format=json","vulnerability_id":"VCID-d3nu-fztq-nffg","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3294.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3294.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3294","reference_id":"","reference_type":"","scores":[{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.39998","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40145","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40171","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40092","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40158","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40168","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.4013","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40111","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3294"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3294","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3294"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1215747","reference_id":"1215747","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1215747"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783459","reference_id":"783459","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783459"},{"reference_url":"https://security.gentoo.org/glsa/201512-01","reference_id":"GLSA-201512-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201512-01"},{"reference_url":"https://usn.ubuntu.com/2593-1/","reference_id":"USN-2593-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2593-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035827?format=json","purl":"pkg:deb/debian/dnsmasq@2.62-3%2Bdeb7u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4a66-hb88-jbgp"},{"vulnerability":"VCID-4fwm-653p-ufcj"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-69jf-2cmm-tkhj"},{"vulnerability":"VCID-a9ya-bnnp-hyc4"},{"vulnerability":"VCID-b2dc-msms-bfee"},{"vulnerability":"VCID-d3nu-fztq-nffg"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-hr7r-mgk2-67aw"},{"vulnerability":"VCID-huvr-uav1-ffex"},{"vulnerability":"VCID-hxys-tpgq-3uf6"},{"vulnerability":"VCID-jj87-61kf-mufs"},{"vulnerability":"VCID-jum5-ndq3-xbhp"},{"vulnerability":"VCID-k9w6-f6aw-dbey"},{"vulnerability":"VCID-khrt-9ar9-wbc3"},{"vulnerability":"VCID-kxbw-1fr9-8kb3"},{"vulnerability":"VCID-nc6t-132e-cqda"},{"vulnerability":"VCID-nrja-2ajq-mfek"},{"vulnerability":"VCID-nute-d491-mqa9"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-qs1p-1j9u-3khg"},{"vulnerability":"VCID-r15f-fgv8-s3h2"},{"vulnerability":"VCID-ru4r-dtwq-sub2"},{"vulnerability":"VCID-snzd-3st5-8yb1"},{"vulnerability":"VCID-vprj-j7u6-zbe7"},{"vulnerability":"VCID-vshb-4mjd-qugr"},{"vulnerability":"VCID-xge7-87zv-tbev"},{"vulnerability":"VCID-yaj9-mfyu-uqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.62-3%252Bdeb7u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1035829?format=json","purl":"pkg:deb/debian/dnsmasq@2.72-3%2Bdeb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4a66-hb88-jbgp"},{"vulnerability":"VCID-4fwm-653p-ufcj"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-69jf-2cmm-tkhj"},{"vulnerability":"VCID-a9ya-bnnp-hyc4"},{"vulnerability":"VCID-b2dc-msms-bfee"},{"vulnerability":"VCID-d3nu-fztq-nffg"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-hr7r-mgk2-67aw"},{"vulnerability":"VCID-huvr-uav1-ffex"},{"vulnerability":"VCID-jj87-61kf-mufs"},{"vulnerability":"VCID-k9w6-f6aw-dbey"},{"vulnerability":"VCID-khrt-9ar9-wbc3"},{"vulnerability":"VCID-kxbw-1fr9-8kb3"},{"vulnerability":"VCID-nrja-2ajq-mfek"},{"vulnerability":"VCID-nute-d491-mqa9"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-qs1p-1j9u-3khg"},{"vulnerability":"VCID-r15f-fgv8-s3h2"},{"vulnerability":"VCID-ru4r-dtwq-sub2"},{"vulnerability":"VCID-snzd-3st5-8yb1"},{"vulnerability":"VCID-vprj-j7u6-zbe7"},{"vulnerability":"VCID-vshb-4mjd-qugr"},{"vulnerability":"VCID-xge7-87zv-tbev"},{"vulnerability":"VCID-yaj9-mfyu-uqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.72-3%252Bdeb8u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1037114?format=json","purl":"pkg:deb/debian/dnsmasq@2.76-5%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4a66-hb88-jbgp"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-69jf-2cmm-tkhj"},{"vulnerability":"VCID-a9ya-bnnp-hyc4"},{"vulnerability":"VCID-b2dc-msms-bfee"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-hr7r-mgk2-67aw"},{"vulnerability":"VCID-jj87-61kf-mufs"},{"vulnerability":"VCID-k9w6-f6aw-dbey"},{"vulnerability":"VCID-khrt-9ar9-wbc3"},{"vulnerability":"VCID-kxbw-1fr9-8kb3"},{"vulnerability":"VCID-nrja-2ajq-mfek"},{"vulnerability":"VCID-nute-d491-mqa9"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-qs1p-1j9u-3khg"},{"vulnerability":"VCID-r15f-fgv8-s3h2"},{"vulnerability":"VCID-ru4r-dtwq-sub2"},{"vulnerability":"VCID-snzd-3st5-8yb1"},{"vulnerability":"VCID-vprj-j7u6-zbe7"},{"vulnerability":"VCID-vshb-4mjd-qugr"},{"vulnerability":"VCID-xge7-87zv-tbev"},{"vulnerability":"VCID-yaj9-mfyu-uqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.76-5%252Bdeb9u2"}],"aliases":["CVE-2015-3294"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d3nu-fztq-nffg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61409?format=json","vulnerability_id":"VCID-gnkg-afmr-r7aq","summary":"Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0934.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0934.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0934","reference_id":"","reference_type":"","scores":[{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06784","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06626","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06687","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06731","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06715","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06766","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06799","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06797","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06791","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0934"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0934","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0934"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q1/016272.html","reference_id":"016272.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-10T13:19:58Z/"}],"url":"https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q1/016272.html"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014715","reference_id":"1014715","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014715"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2057075","reference_id":"2057075","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-10T13:19:58Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2057075"},{"reference_url":"https://security.archlinux.org/AVG-2716","reference_id":"AVG-2716","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2716"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2022-0934","reference_id":"CVE-2022-0934","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-10T13:19:58Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2022-0934"},{"reference_url":"https://security.gentoo.org/glsa/202412-10","reference_id":"GLSA-202412-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-10"},{"reference_url":"https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=03345ecefeb0d82e3c3a4c28f27c3554f0611b39","reference_id":"?p=dnsmasq.git%3Ba=commit%3Bh=03345ecefeb0d82e3c3a4c28f27c3554f0611b39","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-10T13:19:58Z/"}],"url":"https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=03345ecefeb0d82e3c3a4c28f27c3554f0611b39"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7633","reference_id":"RHSA-2022:7633","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7633"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8070","reference_id":"RHSA-2022:8070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1545","reference_id":"RHSA-2024:1545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1545"},{"reference_url":"https://usn.ubuntu.com/5408-1/","reference_id":"USN-5408-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5408-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585985?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1"}],"aliases":["CVE-2022-0934"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gnkg-afmr-r7aq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84044?format=json","vulnerability_id":"VCID-hr7r-mgk2-67aw","summary":"dnsmasq: Size parameter overflow via large DNS query","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13704.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13704.json"},{"reference_url":"https://access.redhat.com/security/vulnerabilities/3199382","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/security/vulnerabilities/3199382"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-13704","reference_id":"","reference_type":"","scores":[{"value":"0.79318","scoring_system":"epss","scoring_elements":"0.99064","published_at":"2026-04-01T12:55:00Z"},{"value":"0.79318","scoring_system":"epss","scoring_elements":"0.99075","published_at":"2026-04-13T12:55:00Z"},{"value":"0.79318","scoring_system":"epss","scoring_elements":"0.99073","published_at":"2026-04-11T12:55:00Z"},{"value":"0.79318","scoring_system":"epss","scoring_elements":"0.99074","published_at":"2026-04-09T12:55:00Z"},{"value":"0.79318","scoring_system":"epss","scoring_elements":"0.99065","published_at":"2026-04-02T12:55:00Z"},{"value":"0.79318","scoring_system":"epss","scoring_elements":"0.9907","published_at":"2026-04-04T12:55:00Z"},{"value":"0.79318","scoring_system":"epss","scoring_elements":"0.99072","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-13704"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf","reference_id":"","reference_type":"","scores":[],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13704","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13704"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK/"},{"reference_url":"https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html","reference_id":"","reference_type":"","scores":[],"url":"https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html"},{"reference_url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html"},{"reference_url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html"},{"reference_url":"https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq","reference_id":"","reference_type":"","scores":[],"url":"https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq"},{"reference_url":"http://thekelleys.org.uk/dnsmasq/CHANGELOG","reference_id":"","reference_type":"","scores":[],"url":"http://thekelleys.org.uk/dnsmasq/CHANGELOG"},{"reference_url":"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=63437ffbb58837b214b4b92cb1c54bc5f3279928","reference_id":"","reference_type":"","scores":[],"url":"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=63437ffbb58837b214b4b92cb1c54bc5f3279928"},{"reference_url":"http://www.securityfocus.com/bid/101085","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/101085"},{"reference_url":"http://www.securityfocus.com/bid/101977","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/101977"},{"reference_url":"http://www.securitytracker.com/id/1039474","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1039474"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1495510","reference_id":"1495510","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1495510"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877102","reference_id":"877102","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877102"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:27:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:27:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:27:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-13704","reference_id":"CVE-2017-13704","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-13704"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037958?format=json","purl":"pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4a66-hb88-jbgp"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-69jf-2cmm-tkhj"},{"vulnerability":"VCID-a9ya-bnnp-hyc4"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-jj87-61kf-mufs"},{"vulnerability":"VCID-khrt-9ar9-wbc3"},{"vulnerability":"VCID-nrja-2ajq-mfek"},{"vulnerability":"VCID-nute-d491-mqa9"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-vprj-j7u6-zbe7"},{"vulnerability":"VCID-vshb-4mjd-qugr"},{"vulnerability":"VCID-yaj9-mfyu-uqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1"}],"aliases":["CVE-2017-13704"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hr7r-mgk2-67aw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82285?format=json","vulnerability_id":"VCID-huvr-uav1-ffex","summary":"dnsmasq: Improper bounds checking leads to a buffer overread","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14513.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14513.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14513","reference_id":"","reference_type":"","scores":[{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14595","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14644","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14715","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14527","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14616","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14673","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14633","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14535","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14513"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14513","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14513"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1739422","reference_id":"1739422","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1739422"},{"reference_url":"https://usn.ubuntu.com/4924-1/","reference_id":"USN-4924-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4924-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037114?format=json","purl":"pkg:deb/debian/dnsmasq@2.76-5%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4a66-hb88-jbgp"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-69jf-2cmm-tkhj"},{"vulnerability":"VCID-a9ya-bnnp-hyc4"},{"vulnerability":"VCID-b2dc-msms-bfee"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-hr7r-mgk2-67aw"},{"vulnerability":"VCID-jj87-61kf-mufs"},{"vulnerability":"VCID-k9w6-f6aw-dbey"},{"vulnerability":"VCID-khrt-9ar9-wbc3"},{"vulnerability":"VCID-kxbw-1fr9-8kb3"},{"vulnerability":"VCID-nrja-2ajq-mfek"},{"vulnerability":"VCID-nute-d491-mqa9"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-qs1p-1j9u-3khg"},{"vulnerability":"VCID-r15f-fgv8-s3h2"},{"vulnerability":"VCID-ru4r-dtwq-sub2"},{"vulnerability":"VCID-snzd-3st5-8yb1"},{"vulnerability":"VCID-vprj-j7u6-zbe7"},{"vulnerability":"VCID-vshb-4mjd-qugr"},{"vulnerability":"VCID-xge7-87zv-tbev"},{"vulnerability":"VCID-yaj9-mfyu-uqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.76-5%252Bdeb9u2"}],"aliases":["CVE-2019-14513"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-huvr-uav1-ffex"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/33672?format=json","vulnerability_id":"VCID-hxys-tpgq-3uf6","summary":"A vulnerability in Dnsmasq can lead to a Denial of Service\n    condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0198.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0198.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0198","reference_id":"","reference_type":"","scores":[{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15801","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15857","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15923","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15985","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15785","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.1587","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15932","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15908","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0198"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0198","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0198"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:072","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:072"},{"reference_url":"http://www.openwall.com/lists/oss-security/2013/01/18/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2013/01/18/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2013/01/18/7","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2013/01/18/7"},{"reference_url":"http://www.thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=22ce550e5346947a12a781ed0959a7b1165d0dc6","reference_id":"","reference_type":"","scores":[],"url":"http://www.thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=22ce550e5346947a12a781ed0959a7b1165d0dc6"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=894486","reference_id":"894486","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=894486"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0198","reference_id":"CVE-2013-0198","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0198"},{"reference_url":"https://security.gentoo.org/glsa/201406-24","reference_id":"GLSA-201406-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201406-24"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035828?format=json","purl":"pkg:deb/debian/dnsmasq@2.72-3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4a66-hb88-jbgp"},{"vulnerability":"VCID-4fwm-653p-ufcj"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-69jf-2cmm-tkhj"},{"vulnerability":"VCID-a9ya-bnnp-hyc4"},{"vulnerability":"VCID-b2dc-msms-bfee"},{"vulnerability":"VCID-d3nu-fztq-nffg"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-hr7r-mgk2-67aw"},{"vulnerability":"VCID-huvr-uav1-ffex"},{"vulnerability":"VCID-jj87-61kf-mufs"},{"vulnerability":"VCID-k9w6-f6aw-dbey"},{"vulnerability":"VCID-khrt-9ar9-wbc3"},{"vulnerability":"VCID-kxbw-1fr9-8kb3"},{"vulnerability":"VCID-nrja-2ajq-mfek"},{"vulnerability":"VCID-nute-d491-mqa9"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-qs1p-1j9u-3khg"},{"vulnerability":"VCID-r15f-fgv8-s3h2"},{"vulnerability":"VCID-ru4r-dtwq-sub2"},{"vulnerability":"VCID-snzd-3st5-8yb1"},{"vulnerability":"VCID-vprj-j7u6-zbe7"},{"vulnerability":"VCID-vshb-4mjd-qugr"},{"vulnerability":"VCID-xge7-87zv-tbev"},{"vulnerability":"VCID-yaj9-mfyu-uqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.72-3"}],"aliases":["CVE-2013-0198"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hxys-tpgq-3uf6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46212?format=json","vulnerability_id":"VCID-jj87-61kf-mufs","summary":"Multiple vulnerabilities have been found in Dnsmasq, the worst of\n    which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25686.json","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25686.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25686","reference_id":"","reference_type":"","scores":[{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61242","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61368","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61402","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61387","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61321","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.6135","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61319","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61366","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61381","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25686"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1890125","reference_id":"1890125","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1890125"},{"reference_url":"https://security.archlinux.org/ASA-202101-38","reference_id":"ASA-202101-38","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202101-38"},{"reference_url":"https://security.archlinux.org/AVG-1470","reference_id":"AVG-1470","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1470"},{"reference_url":"https://security.gentoo.org/glsa/202101-17","reference_id":"GLSA-202101-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202101-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0150","reference_id":"RHSA-2021:0150","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0150"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0151","reference_id":"RHSA-2021:0151","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0151"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0152","reference_id":"RHSA-2021:0152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0153","reference_id":"RHSA-2021:0153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0153"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0154","reference_id":"RHSA-2021:0154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0155","reference_id":"RHSA-2021:0155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0156","reference_id":"RHSA-2021:0156","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0156"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0240","reference_id":"RHSA-2021:0240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0245","reference_id":"RHSA-2021:0245","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0245"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0395","reference_id":"RHSA-2021:0395","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0395"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0401","reference_id":"RHSA-2021:0401","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0401"},{"reference_url":"https://usn.ubuntu.com/4698-1/","reference_id":"USN-4698-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4698-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037958?format=json","purl":"pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4a66-hb88-jbgp"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-69jf-2cmm-tkhj"},{"vulnerability":"VCID-a9ya-bnnp-hyc4"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-jj87-61kf-mufs"},{"vulnerability":"VCID-khrt-9ar9-wbc3"},{"vulnerability":"VCID-nrja-2ajq-mfek"},{"vulnerability":"VCID-nute-d491-mqa9"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-vprj-j7u6-zbe7"},{"vulnerability":"VCID-vshb-4mjd-qugr"},{"vulnerability":"VCID-yaj9-mfyu-uqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1"},{"url":"http://public2.vulnerablecode.io/api/packages/585984?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-vprj-j7u6-zbe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1"}],"aliases":["CVE-2020-25686"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jj87-61kf-mufs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/33671?format=json","vulnerability_id":"VCID-jum5-ndq3-xbhp","summary":"A vulnerability in Dnsmasq can lead to a Denial of Service\n    condition.","references":[{"reference_url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683372","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683372"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0276.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-0276.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0277.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-0277.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0579.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-0579.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3411.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3411.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3411","reference_id":"","reference_type":"","scores":[{"value":"0.00878","scoring_system":"epss","scoring_elements":"0.75323","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00878","scoring_system":"epss","scoring_elements":"0.75267","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00878","scoring_system":"epss","scoring_elements":"0.75271","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00878","scoring_system":"epss","scoring_elements":"0.75304","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00878","scoring_system":"epss","scoring_elements":"0.75282","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00878","scoring_system":"epss","scoring_elements":"0.75324","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00878","scoring_system":"epss","scoring_elements":"0.75335","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00878","scoring_system":"epss","scoring_elements":"0.75356","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00878","scoring_system":"epss","scoring_elements":"0.75334","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3411"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3411","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3411"},{"reference_url":"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=2f38141f434e23292f84cefc33e8de76fb856147","reference_id":"","reference_type":"","scores":[],"url":"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=2f38141f434e23292f84cefc33e8de76fb856147"},{"reference_url":"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=54dd393f3938fc0c19088fbd319b95e37d81a2b0","reference_id":"","reference_type":"","scores":[],"url":"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=54dd393f3938fc0c19088fbd319b95e37d81a2b0"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:072","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:072"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/07/12/5","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2012/07/12/5"},{"reference_url":"http://www.securityfocus.com/bid/54353","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/54353"},{"reference_url":"http://www.thekelleys.org.uk/dnsmasq/CHANGELOG","reference_id":"","reference_type":"","scores":[],"url":"http://www.thekelleys.org.uk/dnsmasq/CHANGELOG"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683372","reference_id":"683372","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683372"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=833033","reference_id":"833033","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=833033"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-3411","reference_id":"CVE-2012-3411","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-3411"},{"reference_url":"https://security.gentoo.org/glsa/201406-24","reference_id":"GLSA-201406-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201406-24"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0276","reference_id":"RHSA-2013:0276","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0276"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0277","reference_id":"RHSA-2013:0277","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0277"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0579","reference_id":"RHSA-2013:0579","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0579"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035828?format=json","purl":"pkg:deb/debian/dnsmasq@2.72-3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4a66-hb88-jbgp"},{"vulnerability":"VCID-4fwm-653p-ufcj"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-69jf-2cmm-tkhj"},{"vulnerability":"VCID-a9ya-bnnp-hyc4"},{"vulnerability":"VCID-b2dc-msms-bfee"},{"vulnerability":"VCID-d3nu-fztq-nffg"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-hr7r-mgk2-67aw"},{"vulnerability":"VCID-huvr-uav1-ffex"},{"vulnerability":"VCID-jj87-61kf-mufs"},{"vulnerability":"VCID-k9w6-f6aw-dbey"},{"vulnerability":"VCID-khrt-9ar9-wbc3"},{"vulnerability":"VCID-kxbw-1fr9-8kb3"},{"vulnerability":"VCID-nrja-2ajq-mfek"},{"vulnerability":"VCID-nute-d491-mqa9"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-qs1p-1j9u-3khg"},{"vulnerability":"VCID-r15f-fgv8-s3h2"},{"vulnerability":"VCID-ru4r-dtwq-sub2"},{"vulnerability":"VCID-snzd-3st5-8yb1"},{"vulnerability":"VCID-vprj-j7u6-zbe7"},{"vulnerability":"VCID-vshb-4mjd-qugr"},{"vulnerability":"VCID-xge7-87zv-tbev"},{"vulnerability":"VCID-yaj9-mfyu-uqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.72-3"}],"aliases":["CVE-2012-3411"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jum5-ndq3-xbhp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46043?format=json","vulnerability_id":"VCID-k9w6-f6aw-dbey","summary":"Multiple vulnerabilities have been found in Dnsmasq, the worst of\n    which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14491.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14491.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14491","reference_id":"","reference_type":"","scores":[{"value":"0.57794","scoring_system":"epss","scoring_elements":"0.98177","published_at":"2026-04-13T12:55:00Z"},{"value":"0.57794","scoring_system":"epss","scoring_elements":"0.98176","published_at":"2026-04-12T12:55:00Z"},{"value":"0.62655","scoring_system":"epss","scoring_elements":"0.98378","published_at":"2026-04-11T12:55:00Z"},{"value":"0.62655","scoring_system":"epss","scoring_elements":"0.98361","published_at":"2026-04-01T12:55:00Z"},{"value":"0.62655","scoring_system":"epss","scoring_elements":"0.98364","published_at":"2026-04-02T12:55:00Z"},{"value":"0.62655","scoring_system":"epss","scoring_elements":"0.98366","published_at":"2026-04-04T12:55:00Z"},{"value":"0.62655","scoring_system":"epss","scoring_elements":"0.9837","published_at":"2026-04-07T12:55:00Z"},{"value":"0.62655","scoring_system":"epss","scoring_elements":"0.98374","published_at":"2026-04-08T12:55:00Z"},{"value":"0.62655","scoring_system":"epss","scoring_elements":"0.98376","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14491"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1495409","reference_id":"1495409","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1495409"},{"reference_url":"https://security.archlinux.org/ASA-201710-1","reference_id":"ASA-201710-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201710-1"},{"reference_url":"https://security.archlinux.org/AVG-421","reference_id":"AVG-421","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-421"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42941.py","reference_id":"CVE-2017-14491","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42941.py"},{"reference_url":"https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14491.py","reference_id":"CVE-2017-14491","reference_type":"exploit","scores":[],"url":"https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14491.py"},{"reference_url":"https://security.gentoo.org/glsa/201710-27","reference_id":"GLSA-201710-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2836","reference_id":"RHSA-2017:2836","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2836"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2837","reference_id":"RHSA-2017:2837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2838","reference_id":"RHSA-2017:2838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2839","reference_id":"RHSA-2017:2839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2840","reference_id":"RHSA-2017:2840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2841","reference_id":"RHSA-2017:2841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2841"},{"reference_url":"https://usn.ubuntu.com/3430-1/","reference_id":"USN-3430-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3430-1/"},{"reference_url":"https://usn.ubuntu.com/3430-2/","reference_id":"USN-3430-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3430-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035829?format=json","purl":"pkg:deb/debian/dnsmasq@2.72-3%2Bdeb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4a66-hb88-jbgp"},{"vulnerability":"VCID-4fwm-653p-ufcj"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-69jf-2cmm-tkhj"},{"vulnerability":"VCID-a9ya-bnnp-hyc4"},{"vulnerability":"VCID-b2dc-msms-bfee"},{"vulnerability":"VCID-d3nu-fztq-nffg"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-hr7r-mgk2-67aw"},{"vulnerability":"VCID-huvr-uav1-ffex"},{"vulnerability":"VCID-jj87-61kf-mufs"},{"vulnerability":"VCID-k9w6-f6aw-dbey"},{"vulnerability":"VCID-khrt-9ar9-wbc3"},{"vulnerability":"VCID-kxbw-1fr9-8kb3"},{"vulnerability":"VCID-nrja-2ajq-mfek"},{"vulnerability":"VCID-nute-d491-mqa9"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-qs1p-1j9u-3khg"},{"vulnerability":"VCID-r15f-fgv8-s3h2"},{"vulnerability":"VCID-ru4r-dtwq-sub2"},{"vulnerability":"VCID-snzd-3st5-8yb1"},{"vulnerability":"VCID-vprj-j7u6-zbe7"},{"vulnerability":"VCID-vshb-4mjd-qugr"},{"vulnerability":"VCID-xge7-87zv-tbev"},{"vulnerability":"VCID-yaj9-mfyu-uqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.72-3%252Bdeb8u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1037114?format=json","purl":"pkg:deb/debian/dnsmasq@2.76-5%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4a66-hb88-jbgp"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-69jf-2cmm-tkhj"},{"vulnerability":"VCID-a9ya-bnnp-hyc4"},{"vulnerability":"VCID-b2dc-msms-bfee"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-hr7r-mgk2-67aw"},{"vulnerability":"VCID-jj87-61kf-mufs"},{"vulnerability":"VCID-k9w6-f6aw-dbey"},{"vulnerability":"VCID-khrt-9ar9-wbc3"},{"vulnerability":"VCID-kxbw-1fr9-8kb3"},{"vulnerability":"VCID-nrja-2ajq-mfek"},{"vulnerability":"VCID-nute-d491-mqa9"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-qs1p-1j9u-3khg"},{"vulnerability":"VCID-r15f-fgv8-s3h2"},{"vulnerability":"VCID-ru4r-dtwq-sub2"},{"vulnerability":"VCID-snzd-3st5-8yb1"},{"vulnerability":"VCID-vprj-j7u6-zbe7"},{"vulnerability":"VCID-vshb-4mjd-qugr"},{"vulnerability":"VCID-xge7-87zv-tbev"},{"vulnerability":"VCID-yaj9-mfyu-uqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.76-5%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1037958?format=json","purl":"pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4a66-hb88-jbgp"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-69jf-2cmm-tkhj"},{"vulnerability":"VCID-a9ya-bnnp-hyc4"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-jj87-61kf-mufs"},{"vulnerability":"VCID-khrt-9ar9-wbc3"},{"vulnerability":"VCID-nrja-2ajq-mfek"},{"vulnerability":"VCID-nute-d491-mqa9"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-vprj-j7u6-zbe7"},{"vulnerability":"VCID-vshb-4mjd-qugr"},{"vulnerability":"VCID-yaj9-mfyu-uqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1"}],"aliases":["CVE-2017-14491"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k9w6-f6aw-dbey"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46209?format=json","vulnerability_id":"VCID-khrt-9ar9-wbc3","summary":"Multiple vulnerabilities have been found in Dnsmasq, the worst of\n    which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25683.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25683.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25683","reference_id":"","reference_type":"","scores":[{"value":"0.31317","scoring_system":"epss","scoring_elements":"0.9674","published_at":"2026-04-01T12:55:00Z"},{"value":"0.31317","scoring_system":"epss","scoring_elements":"0.9677","published_at":"2026-04-13T12:55:00Z"},{"value":"0.31317","scoring_system":"epss","scoring_elements":"0.96764","published_at":"2026-04-09T12:55:00Z"},{"value":"0.31317","scoring_system":"epss","scoring_elements":"0.96767","published_at":"2026-04-12T12:55:00Z"},{"value":"0.31317","scoring_system":"epss","scoring_elements":"0.9675","published_at":"2026-04-02T12:55:00Z"},{"value":"0.31317","scoring_system":"epss","scoring_elements":"0.96751","published_at":"2026-04-04T12:55:00Z"},{"value":"0.31317","scoring_system":"epss","scoring_elements":"0.96756","published_at":"2026-04-07T12:55:00Z"},{"value":"0.31317","scoring_system":"epss","scoring_elements":"0.96763","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1882018","reference_id":"1882018","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1882018"},{"reference_url":"https://security.archlinux.org/ASA-202101-38","reference_id":"ASA-202101-38","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202101-38"},{"reference_url":"https://security.archlinux.org/AVG-1470","reference_id":"AVG-1470","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1470"},{"reference_url":"https://security.gentoo.org/glsa/202101-17","reference_id":"GLSA-202101-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202101-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0150","reference_id":"RHSA-2021:0150","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0150"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0151","reference_id":"RHSA-2021:0151","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0151"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0152","reference_id":"RHSA-2021:0152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0152"},{"reference_url":"https://usn.ubuntu.com/4698-1/","reference_id":"USN-4698-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4698-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037958?format=json","purl":"pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4a66-hb88-jbgp"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-69jf-2cmm-tkhj"},{"vulnerability":"VCID-a9ya-bnnp-hyc4"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-jj87-61kf-mufs"},{"vulnerability":"VCID-khrt-9ar9-wbc3"},{"vulnerability":"VCID-nrja-2ajq-mfek"},{"vulnerability":"VCID-nute-d491-mqa9"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-vprj-j7u6-zbe7"},{"vulnerability":"VCID-vshb-4mjd-qugr"},{"vulnerability":"VCID-yaj9-mfyu-uqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1"},{"url":"http://public2.vulnerablecode.io/api/packages/585984?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-vprj-j7u6-zbe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1"}],"aliases":["CVE-2020-25683"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-khrt-9ar9-wbc3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46044?format=json","vulnerability_id":"VCID-kxbw-1fr9-8kb3","summary":"Multiple vulnerabilities have been found in Dnsmasq, the worst of\n    which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html"},{"reference_url":"http://nvidia.custhelp.com/app/answers/detail/a_id/4561","reference_id":"","reference_type":"","scores":[],"url":"http://nvidia.custhelp.com/app/answers/detail/a_id/4561"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14492.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14492.json"},{"reference_url":"https://access.redhat.com/security/vulnerabilities/3199382","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/security/vulnerabilities/3199382"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14492","reference_id":"","reference_type":"","scores":[{"value":"0.92841","scoring_system":"epss","scoring_elements":"0.99763","published_at":"2026-04-01T12:55:00Z"},{"value":"0.92841","scoring_system":"epss","scoring_elements":"0.99766","published_at":"2026-04-11T12:55:00Z"},{"value":"0.92841","scoring_system":"epss","scoring_elements":"0.99764","published_at":"2026-04-04T12:55:00Z"},{"value":"0.92841","scoring_system":"epss","scoring_elements":"0.99765","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14492"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv2","scoring_elements":"AV:A/AC:L/Au:N/C:N/I:P/A:P"},{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html","reference_id":"","reference_type":"","scores":[],"url":"https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html"},{"reference_url":"https://www.exploit-db.com/exploits/42942/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/42942/"},{"reference_url":"https://www.kb.cert.org/vuls/id/973527","reference_id":"","reference_type":"","scores":[],"url":"https://www.kb.cert.org/vuls/id/973527"},{"reference_url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html"},{"reference_url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html"},{"reference_url":"https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq","reference_id":"","reference_type":"","scores":[],"url":"https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq"},{"reference_url":"http://thekelleys.org.uk/dnsmasq/CHANGELOG","reference_id":"","reference_type":"","scores":[],"url":"http://thekelleys.org.uk/dnsmasq/CHANGELOG"},{"reference_url":"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=24036ea507862c7b7898b68289c8130f85599c10","reference_id":"","reference_type":"","scores":[],"url":"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=24036ea507862c7b7898b68289c8130f85599c10"},{"reference_url":"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt","reference_id":"","reference_type":"","scores":[],"url":"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt"},{"reference_url":"http://www.debian.org/security/2017/dsa-3989","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2017/dsa-3989"},{"reference_url":"http://www.securityfocus.com/bid/101085","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/101085"},{"reference_url":"http://www.securitytracker.com/id/1039474","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1039474"},{"reference_url":"http://www.ubuntu.com/usn/USN-3430-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3430-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-3430-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3430-2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1495410","reference_id":"1495410","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1495410"},{"reference_url":"https://security.archlinux.org/ASA-201710-1","reference_id":"ASA-201710-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201710-1"},{"reference_url":"https://security.archlinux.org/AVG-421","reference_id":"AVG-421","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-421"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42942.py","reference_id":"CVE-2017-14492","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42942.py"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14492","reference_id":"CVE-2017-14492","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14492"},{"reference_url":"https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14492.py","reference_id":"CVE-2017-14492","reference_type":"exploit","scores":[],"url":"https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14492.py"},{"reference_url":"https://security.gentoo.org/glsa/201710-27","reference_id":"GLSA-201710-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2836","reference_id":"RHSA-2017:2836","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2836"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2837","reference_id":"RHSA-2017:2837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2837"},{"reference_url":"https://usn.ubuntu.com/3430-1/","reference_id":"USN-3430-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3430-1/"},{"reference_url":"https://usn.ubuntu.com/3430-2/","reference_id":"USN-3430-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3430-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035829?format=json","purl":"pkg:deb/debian/dnsmasq@2.72-3%2Bdeb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4a66-hb88-jbgp"},{"vulnerability":"VCID-4fwm-653p-ufcj"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-69jf-2cmm-tkhj"},{"vulnerability":"VCID-a9ya-bnnp-hyc4"},{"vulnerability":"VCID-b2dc-msms-bfee"},{"vulnerability":"VCID-d3nu-fztq-nffg"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-hr7r-mgk2-67aw"},{"vulnerability":"VCID-huvr-uav1-ffex"},{"vulnerability":"VCID-jj87-61kf-mufs"},{"vulnerability":"VCID-k9w6-f6aw-dbey"},{"vulnerability":"VCID-khrt-9ar9-wbc3"},{"vulnerability":"VCID-kxbw-1fr9-8kb3"},{"vulnerability":"VCID-nrja-2ajq-mfek"},{"vulnerability":"VCID-nute-d491-mqa9"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-qs1p-1j9u-3khg"},{"vulnerability":"VCID-r15f-fgv8-s3h2"},{"vulnerability":"VCID-ru4r-dtwq-sub2"},{"vulnerability":"VCID-snzd-3st5-8yb1"},{"vulnerability":"VCID-vprj-j7u6-zbe7"},{"vulnerability":"VCID-vshb-4mjd-qugr"},{"vulnerability":"VCID-xge7-87zv-tbev"},{"vulnerability":"VCID-yaj9-mfyu-uqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.72-3%252Bdeb8u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1037114?format=json","purl":"pkg:deb/debian/dnsmasq@2.76-5%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4a66-hb88-jbgp"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-69jf-2cmm-tkhj"},{"vulnerability":"VCID-a9ya-bnnp-hyc4"},{"vulnerability":"VCID-b2dc-msms-bfee"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-hr7r-mgk2-67aw"},{"vulnerability":"VCID-jj87-61kf-mufs"},{"vulnerability":"VCID-k9w6-f6aw-dbey"},{"vulnerability":"VCID-khrt-9ar9-wbc3"},{"vulnerability":"VCID-kxbw-1fr9-8kb3"},{"vulnerability":"VCID-nrja-2ajq-mfek"},{"vulnerability":"VCID-nute-d491-mqa9"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-qs1p-1j9u-3khg"},{"vulnerability":"VCID-r15f-fgv8-s3h2"},{"vulnerability":"VCID-ru4r-dtwq-sub2"},{"vulnerability":"VCID-snzd-3st5-8yb1"},{"vulnerability":"VCID-vprj-j7u6-zbe7"},{"vulnerability":"VCID-vshb-4mjd-qugr"},{"vulnerability":"VCID-xge7-87zv-tbev"},{"vulnerability":"VCID-yaj9-mfyu-uqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.76-5%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1037958?format=json","purl":"pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4a66-hb88-jbgp"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-69jf-2cmm-tkhj"},{"vulnerability":"VCID-a9ya-bnnp-hyc4"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-jj87-61kf-mufs"},{"vulnerability":"VCID-khrt-9ar9-wbc3"},{"vulnerability":"VCID-nrja-2ajq-mfek"},{"vulnerability":"VCID-nute-d491-mqa9"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-vprj-j7u6-zbe7"},{"vulnerability":"VCID-vshb-4mjd-qugr"},{"vulnerability":"VCID-yaj9-mfyu-uqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1"}],"aliases":["CVE-2017-14492"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kxbw-1fr9-8kb3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81120?format=json","vulnerability_id":"VCID-nc6t-132e-cqda","summary":"dnsmasq: insecure default configuration makes it an open resolver","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14312.json","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14312.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14312","reference_id":"","reference_type":"","scores":[{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32749","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.3288","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32915","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32737","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32785","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32811","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32813","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32775","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14312"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14312","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14312"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1851342","reference_id":"1851342","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1851342"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=732610","reference_id":"732610","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=732610"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035828?format=json","purl":"pkg:deb/debian/dnsmasq@2.72-3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4a66-hb88-jbgp"},{"vulnerability":"VCID-4fwm-653p-ufcj"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-69jf-2cmm-tkhj"},{"vulnerability":"VCID-a9ya-bnnp-hyc4"},{"vulnerability":"VCID-b2dc-msms-bfee"},{"vulnerability":"VCID-d3nu-fztq-nffg"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-hr7r-mgk2-67aw"},{"vulnerability":"VCID-huvr-uav1-ffex"},{"vulnerability":"VCID-jj87-61kf-mufs"},{"vulnerability":"VCID-k9w6-f6aw-dbey"},{"vulnerability":"VCID-khrt-9ar9-wbc3"},{"vulnerability":"VCID-kxbw-1fr9-8kb3"},{"vulnerability":"VCID-nrja-2ajq-mfek"},{"vulnerability":"VCID-nute-d491-mqa9"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-qs1p-1j9u-3khg"},{"vulnerability":"VCID-r15f-fgv8-s3h2"},{"vulnerability":"VCID-ru4r-dtwq-sub2"},{"vulnerability":"VCID-snzd-3st5-8yb1"},{"vulnerability":"VCID-vprj-j7u6-zbe7"},{"vulnerability":"VCID-vshb-4mjd-qugr"},{"vulnerability":"VCID-xge7-87zv-tbev"},{"vulnerability":"VCID-yaj9-mfyu-uqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.72-3"}],"aliases":["CVE-2020-14312"],"risk_score":1.8,"exploitability":"0.5","weighted_severity":"3.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nc6t-132e-cqda"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46213?format=json","vulnerability_id":"VCID-nrja-2ajq-mfek","summary":"Multiple vulnerabilities have been found in Dnsmasq, the worst of\n    which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25687.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25687.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25687","reference_id":"","reference_type":"","scores":[{"value":"0.22","scoring_system":"epss","scoring_elements":"0.95739","published_at":"2026-04-01T12:55:00Z"},{"value":"0.22","scoring_system":"epss","scoring_elements":"0.95776","published_at":"2026-04-13T12:55:00Z"},{"value":"0.22","scoring_system":"epss","scoring_elements":"0.9577","published_at":"2026-04-09T12:55:00Z"},{"value":"0.22","scoring_system":"epss","scoring_elements":"0.95774","published_at":"2026-04-12T12:55:00Z"},{"value":"0.22","scoring_system":"epss","scoring_elements":"0.95748","published_at":"2026-04-02T12:55:00Z"},{"value":"0.22","scoring_system":"epss","scoring_elements":"0.95756","published_at":"2026-04-04T12:55:00Z"},{"value":"0.22","scoring_system":"epss","scoring_elements":"0.95759","published_at":"2026-04-07T12:55:00Z"},{"value":"0.22","scoring_system":"epss","scoring_elements":"0.95767","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25687"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1891568","reference_id":"1891568","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1891568"},{"reference_url":"https://security.archlinux.org/ASA-202101-38","reference_id":"ASA-202101-38","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202101-38"},{"reference_url":"https://security.archlinux.org/AVG-1470","reference_id":"AVG-1470","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1470"},{"reference_url":"https://security.gentoo.org/glsa/202101-17","reference_id":"GLSA-202101-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202101-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0150","reference_id":"RHSA-2021:0150","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0150"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0151","reference_id":"RHSA-2021:0151","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0151"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0152","reference_id":"RHSA-2021:0152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0152"},{"reference_url":"https://usn.ubuntu.com/4698-1/","reference_id":"USN-4698-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4698-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037958?format=json","purl":"pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4a66-hb88-jbgp"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-69jf-2cmm-tkhj"},{"vulnerability":"VCID-a9ya-bnnp-hyc4"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-jj87-61kf-mufs"},{"vulnerability":"VCID-khrt-9ar9-wbc3"},{"vulnerability":"VCID-nrja-2ajq-mfek"},{"vulnerability":"VCID-nute-d491-mqa9"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-vprj-j7u6-zbe7"},{"vulnerability":"VCID-vshb-4mjd-qugr"},{"vulnerability":"VCID-yaj9-mfyu-uqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1"},{"url":"http://public2.vulnerablecode.io/api/packages/585984?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-vprj-j7u6-zbe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1"}],"aliases":["CVE-2020-25687"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nrja-2ajq-mfek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46210?format=json","vulnerability_id":"VCID-nute-d491-mqa9","summary":"Multiple vulnerabilities have been found in Dnsmasq, the worst of\n    which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25684.json","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25684.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25684","reference_id":"","reference_type":"","scores":[{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49417","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49466","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49492","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49464","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49445","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49472","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49425","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.4948","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49475","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1889686","reference_id":"1889686","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1889686"},{"reference_url":"https://security.archlinux.org/ASA-202101-38","reference_id":"ASA-202101-38","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202101-38"},{"reference_url":"https://security.archlinux.org/AVG-1470","reference_id":"AVG-1470","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1470"},{"reference_url":"https://security.gentoo.org/glsa/202101-17","reference_id":"GLSA-202101-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202101-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0150","reference_id":"RHSA-2021:0150","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0150"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0151","reference_id":"RHSA-2021:0151","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0151"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0152","reference_id":"RHSA-2021:0152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0153","reference_id":"RHSA-2021:0153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0153"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0154","reference_id":"RHSA-2021:0154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0155","reference_id":"RHSA-2021:0155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0156","reference_id":"RHSA-2021:0156","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0156"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0240","reference_id":"RHSA-2021:0240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0245","reference_id":"RHSA-2021:0245","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0245"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0395","reference_id":"RHSA-2021:0395","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0395"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0401","reference_id":"RHSA-2021:0401","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0401"},{"reference_url":"https://usn.ubuntu.com/4698-1/","reference_id":"USN-4698-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4698-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037958?format=json","purl":"pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4a66-hb88-jbgp"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-69jf-2cmm-tkhj"},{"vulnerability":"VCID-a9ya-bnnp-hyc4"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-jj87-61kf-mufs"},{"vulnerability":"VCID-khrt-9ar9-wbc3"},{"vulnerability":"VCID-nrja-2ajq-mfek"},{"vulnerability":"VCID-nute-d491-mqa9"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-vprj-j7u6-zbe7"},{"vulnerability":"VCID-vshb-4mjd-qugr"},{"vulnerability":"VCID-yaj9-mfyu-uqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1"},{"url":"http://public2.vulnerablecode.io/api/packages/585984?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-vprj-j7u6-zbe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1"}],"aliases":["CVE-2020-25684"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nute-d491-mqa9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61410?format=json","vulnerability_id":"VCID-p726-bqvu-dfda","summary":"Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28450.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28450.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-28450","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01618","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01607","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01624","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01626","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01633","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01619","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01609","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-28450"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28450","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28450"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033165","reference_id":"1033165","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033165"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2178948","reference_id":"2178948","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2178948"},{"reference_url":"https://capec.mitre.org/data/definitions/495.html","reference_id":"495.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:21:11Z/"}],"url":"https://capec.mitre.org/data/definitions/495.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6UQ6LKDTLSSD64TBIZ3XEKBM2SWC63VV/","reference_id":"6UQ6LKDTLSSD64TBIZ3XEKBM2SWC63VV","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:21:11Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6UQ6LKDTLSSD64TBIZ3XEKBM2SWC63VV/"},{"reference_url":"https://thekelleys.org.uk/dnsmasq/doc.html","reference_id":"doc.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:21:11Z/"}],"url":"https://thekelleys.org.uk/dnsmasq/doc.html"},{"reference_url":"https://security.gentoo.org/glsa/202412-10","reference_id":"GLSA-202412-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-10"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OU2ZT4ITSEOOR2CFBAHK4Z67KXJIEWQA/","reference_id":"OU2ZT4ITSEOOR2CFBAHK4Z67KXJIEWQA","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:21:11Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OU2ZT4ITSEOOR2CFBAHK4Z67KXJIEWQA/"},{"reference_url":"https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=blob%3Bf=CHANGELOG","reference_id":"?p=dnsmasq.git%3Ba=blob%3Bf=CHANGELOG","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:21:11Z/"}],"url":"https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=blob%3Bf=CHANGELOG"},{"reference_url":"https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5","reference_id":"?p=dnsmasq.git%3Ba=commit%3Bh=eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:21:11Z/"}],"url":"https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6524","reference_id":"RHSA-2023:6524","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6524"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7046","reference_id":"RHSA-2023:7046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1544","reference_id":"RHSA-2024:1544","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1544"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1545","reference_id":"RHSA-2024:1545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1545"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4052","reference_id":"RHSA-2024:4052","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4052"},{"reference_url":"https://usn.ubuntu.com/6034-1/","reference_id":"USN-6034-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6034-1/"},{"reference_url":"https://usn.ubuntu.com/6657-1/","reference_id":"USN-6657-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6657-1/"},{"reference_url":"https://usn.ubuntu.com/6657-2/","reference_id":"USN-6657-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6657-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585985?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1"}],"aliases":["CVE-2023-28450"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p726-bqvu-dfda"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64683?format=json","vulnerability_id":"VCID-qs1p-1j9u-3khg","summary":"dnsmasq: dnsmasq-utils 'dhcp_release' Denial of Service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-37127.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-37127.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-37127","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00393","published_at":"2026-04-01T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00397","published_at":"2026-04-04T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00377","published_at":"2026-04-13T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00386","published_at":"2026-04-07T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00383","published_at":"2026-04-08T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00384","published_at":"2026-04-09T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00382","published_at":"2026-04-11T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00378","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-37127"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-37127","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-37127"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2437103","reference_id":"2437103","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2437103"},{"reference_url":"https://launchpad.net/ubuntu/+source/dnsmasq/2.79-1","reference_id":"2.79-1","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-05T21:17:56Z/"}],"url":"https://launchpad.net/ubuntu/+source/dnsmasq/2.79-1"},{"reference_url":"https://www.exploit-db.com/exploits/48301","reference_id":"48301","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-05T21:17:56Z/"}],"url":"https://www.exploit-db.com/exploits/48301"},{"reference_url":"https://www.vulncheck.com/advisories/dnsmasq-utils-dhcprelease-denial-of-service","reference_id":"dnsmasq-utils-dhcprelease-denial-of-service","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-05T21:17:56Z/"}],"url":"https://www.vulncheck.com/advisories/dnsmasq-utils-dhcprelease-denial-of-service"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037958?format=json","purl":"pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4a66-hb88-jbgp"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-69jf-2cmm-tkhj"},{"vulnerability":"VCID-a9ya-bnnp-hyc4"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-jj87-61kf-mufs"},{"vulnerability":"VCID-khrt-9ar9-wbc3"},{"vulnerability":"VCID-nrja-2ajq-mfek"},{"vulnerability":"VCID-nute-d491-mqa9"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-vprj-j7u6-zbe7"},{"vulnerability":"VCID-vshb-4mjd-qugr"},{"vulnerability":"VCID-yaj9-mfyu-uqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1"}],"aliases":["CVE-2020-37127"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qs1p-1j9u-3khg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46048?format=json","vulnerability_id":"VCID-r15f-fgv8-s3h2","summary":"Multiple vulnerabilities have been found in Dnsmasq, the worst of\n    which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html"},{"reference_url":"http://nvidia.custhelp.com/app/answers/detail/a_id/4561","reference_id":"","reference_type":"","scores":[],"url":"http://nvidia.custhelp.com/app/answers/detail/a_id/4561"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14495.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14495.json"},{"reference_url":"https://access.redhat.com/security/vulnerabilities/3199382","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/security/vulnerabilities/3199382"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14495","reference_id":"","reference_type":"","scores":[{"value":"0.53317","scoring_system":"epss","scoring_elements":"0.9796","published_at":"2026-04-01T12:55:00Z"},{"value":"0.53317","scoring_system":"epss","scoring_elements":"0.9798","published_at":"2026-04-13T12:55:00Z"},{"value":"0.53317","scoring_system":"epss","scoring_elements":"0.97968","published_at":"2026-04-07T12:55:00Z"},{"value":"0.53317","scoring_system":"epss","scoring_elements":"0.97973","published_at":"2026-04-08T12:55:00Z"},{"value":"0.53317","scoring_system":"epss","scoring_elements":"0.97974","published_at":"2026-04-09T12:55:00Z"},{"value":"0.53317","scoring_system":"epss","scoring_elements":"0.97977","published_at":"2026-04-11T12:55:00Z"},{"value":"0.53317","scoring_system":"epss","scoring_elements":"0.97979","published_at":"2026-04-12T12:55:00Z"},{"value":"0.53317","scoring_system":"epss","scoring_elements":"0.97963","published_at":"2026-04-02T12:55:00Z"},{"value":"0.53317","scoring_system":"epss","scoring_elements":"0.97965","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14495"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf","reference_id":"","reference_type":"","scores":[],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14495","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14495"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:C"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html","reference_id":"","reference_type":"","scores":[],"url":"https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html"},{"reference_url":"https://www.exploit-db.com/exploits/42945/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/42945/"},{"reference_url":"https://www.kb.cert.org/vuls/id/973527","reference_id":"","reference_type":"","scores":[],"url":"https://www.kb.cert.org/vuls/id/973527"},{"reference_url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html"},{"reference_url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html"},{"reference_url":"https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq","reference_id":"","reference_type":"","scores":[],"url":"https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq"},{"reference_url":"http://thekelleys.org.uk/dnsmasq/CHANGELOG","reference_id":"","reference_type":"","scores":[],"url":"http://thekelleys.org.uk/dnsmasq/CHANGELOG"},{"reference_url":"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=51eadb692a5123b9838e5a68ecace3ac579a3a45","reference_id":"","reference_type":"","scores":[],"url":"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=51eadb692a5123b9838e5a68ecace3ac579a3a45"},{"reference_url":"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt","reference_id":"","reference_type":"","scores":[],"url":"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt"},{"reference_url":"http://www.debian.org/security/2017/dsa-3989","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2017/dsa-3989"},{"reference_url":"http://www.securityfocus.com/bid/101085","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/101085"},{"reference_url":"http://www.securityfocus.com/bid/101977","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/101977"},{"reference_url":"http://www.securitytracker.com/id/1039474","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1039474"},{"reference_url":"http://www.ubuntu.com/usn/USN-3430-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3430-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-3430-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3430-2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1495415","reference_id":"1495415","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1495415"},{"reference_url":"https://security.archlinux.org/ASA-201710-1","reference_id":"ASA-201710-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201710-1"},{"reference_url":"https://security.archlinux.org/AVG-421","reference_id":"AVG-421","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-421"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42945.py","reference_id":"CVE-2017-14495","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42945.py"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14495","reference_id":"CVE-2017-14495","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14495"},{"reference_url":"https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14495.py","reference_id":"CVE-2017-14495","reference_type":"exploit","scores":[],"url":"https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14495.py"},{"reference_url":"https://security.gentoo.org/glsa/201710-27","reference_id":"GLSA-201710-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2836","reference_id":"RHSA-2017:2836","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2836"},{"reference_url":"https://usn.ubuntu.com/3430-1/","reference_id":"USN-3430-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3430-1/"},{"reference_url":"https://usn.ubuntu.com/3430-2/","reference_id":"USN-3430-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3430-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037958?format=json","purl":"pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4a66-hb88-jbgp"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-69jf-2cmm-tkhj"},{"vulnerability":"VCID-a9ya-bnnp-hyc4"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-jj87-61kf-mufs"},{"vulnerability":"VCID-khrt-9ar9-wbc3"},{"vulnerability":"VCID-nrja-2ajq-mfek"},{"vulnerability":"VCID-nute-d491-mqa9"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-vprj-j7u6-zbe7"},{"vulnerability":"VCID-vshb-4mjd-qugr"},{"vulnerability":"VCID-yaj9-mfyu-uqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1"}],"aliases":["CVE-2017-14495"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r15f-fgv8-s3h2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46049?format=json","vulnerability_id":"VCID-ru4r-dtwq-sub2","summary":"Multiple vulnerabilities have been found in Dnsmasq, the worst of\n    which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html"},{"reference_url":"http://nvidia.custhelp.com/app/answers/detail/a_id/4561","reference_id":"","reference_type":"","scores":[],"url":"http://nvidia.custhelp.com/app/answers/detail/a_id/4561"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14496.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14496.json"},{"reference_url":"https://access.redhat.com/security/vulnerabilities/3199382","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/security/vulnerabilities/3199382"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14496","reference_id":"","reference_type":"","scores":[{"value":"0.16883","scoring_system":"epss","scoring_elements":"0.94927","published_at":"2026-04-01T12:55:00Z"},{"value":"0.16883","scoring_system":"epss","scoring_elements":"0.9496","published_at":"2026-04-13T12:55:00Z"},{"value":"0.16883","scoring_system":"epss","scoring_elements":"0.94951","published_at":"2026-04-09T12:55:00Z"},{"value":"0.16883","scoring_system":"epss","scoring_elements":"0.94956","published_at":"2026-04-11T12:55:00Z"},{"value":"0.16883","scoring_system":"epss","scoring_elements":"0.94958","published_at":"2026-04-12T12:55:00Z"},{"value":"0.16883","scoring_system":"epss","scoring_elements":"0.94935","published_at":"2026-04-02T12:55:00Z"},{"value":"0.16883","scoring_system":"epss","scoring_elements":"0.94937","published_at":"2026-04-04T12:55:00Z"},{"value":"0.16883","scoring_system":"epss","scoring_elements":"0.94938","published_at":"2026-04-07T12:55:00Z"},{"value":"0.16883","scoring_system":"epss","scoring_elements":"0.94947","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14496"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf","reference_id":"","reference_type":"","scores":[],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14496"},{"reference_url":"https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html","reference_id":"","reference_type":"","scores":[],"url":"https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html"},{"reference_url":"https://source.android.com/security/bulletin/2017-10-01","reference_id":"","reference_type":"","scores":[],"url":"https://source.android.com/security/bulletin/2017-10-01"},{"reference_url":"https://www.exploit-db.com/exploits/42946/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/42946/"},{"reference_url":"https://www.kb.cert.org/vuls/id/973527","reference_id":"","reference_type":"","scores":[],"url":"https://www.kb.cert.org/vuls/id/973527"},{"reference_url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html"},{"reference_url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html"},{"reference_url":"https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq","reference_id":"","reference_type":"","scores":[],"url":"https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq"},{"reference_url":"http://thekelleys.org.uk/dnsmasq/CHANGELOG","reference_id":"","reference_type":"","scores":[],"url":"http://thekelleys.org.uk/dnsmasq/CHANGELOG"},{"reference_url":"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=897c113fda0886a28a986cc6ba17bb93bd6cb1c7","reference_id":"","reference_type":"","scores":[],"url":"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=897c113fda0886a28a986cc6ba17bb93bd6cb1c7"},{"reference_url":"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt","reference_id":"","reference_type":"","scores":[],"url":"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt"},{"reference_url":"http://www.debian.org/security/2017/dsa-3989","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2017/dsa-3989"},{"reference_url":"http://www.securityfocus.com/bid/101085","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/101085"},{"reference_url":"http://www.securityfocus.com/bid/101977","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/101977"},{"reference_url":"http://www.securitytracker.com/id/1039474","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1039474"},{"reference_url":"http://www.ubuntu.com/usn/USN-3430-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3430-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-3430-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3430-2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1495416","reference_id":"1495416","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1495416"},{"reference_url":"https://security.archlinux.org/ASA-201710-1","reference_id":"ASA-201710-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201710-1"},{"reference_url":"https://security.archlinux.org/AVG-421","reference_id":"AVG-421","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-421"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:4.4.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:7.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:7.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:7.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42946.py","reference_id":"CVE-2017-14496","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42946.py"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14496","reference_id":"CVE-2017-14496","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:C"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14496"},{"reference_url":"https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14496.py","reference_id":"CVE-2017-14496","reference_type":"exploit","scores":[],"url":"https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14496.py"},{"reference_url":"https://security.gentoo.org/glsa/201710-27","reference_id":"GLSA-201710-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2836","reference_id":"RHSA-2017:2836","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2836"},{"reference_url":"https://usn.ubuntu.com/3430-1/","reference_id":"USN-3430-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3430-1/"},{"reference_url":"https://usn.ubuntu.com/3430-2/","reference_id":"USN-3430-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3430-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037958?format=json","purl":"pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4a66-hb88-jbgp"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-69jf-2cmm-tkhj"},{"vulnerability":"VCID-a9ya-bnnp-hyc4"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-jj87-61kf-mufs"},{"vulnerability":"VCID-khrt-9ar9-wbc3"},{"vulnerability":"VCID-nrja-2ajq-mfek"},{"vulnerability":"VCID-nute-d491-mqa9"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-vprj-j7u6-zbe7"},{"vulnerability":"VCID-vshb-4mjd-qugr"},{"vulnerability":"VCID-yaj9-mfyu-uqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1"}],"aliases":["CVE-2017-14496"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ru4r-dtwq-sub2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46046?format=json","vulnerability_id":"VCID-snzd-3st5-8yb1","summary":"Multiple vulnerabilities have been found in Dnsmasq, the worst of\n    which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html"},{"reference_url":"http://nvidia.custhelp.com/app/answers/detail/a_id/4561","reference_id":"","reference_type":"","scores":[],"url":"http://nvidia.custhelp.com/app/answers/detail/a_id/4561"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14494.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14494.json"},{"reference_url":"https://access.redhat.com/security/vulnerabilities/3199382","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/security/vulnerabilities/3199382"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14494","reference_id":"","reference_type":"","scores":[{"value":"0.10987","scoring_system":"epss","scoring_elements":"0.93389","published_at":"2026-04-01T12:55:00Z"},{"value":"0.10987","scoring_system":"epss","scoring_elements":"0.93423","published_at":"2026-04-13T12:55:00Z"},{"value":"0.10987","scoring_system":"epss","scoring_elements":"0.93405","published_at":"2026-04-07T12:55:00Z"},{"value":"0.10987","scoring_system":"epss","scoring_elements":"0.93413","published_at":"2026-04-08T12:55:00Z"},{"value":"0.10987","scoring_system":"epss","scoring_elements":"0.93417","published_at":"2026-04-09T12:55:00Z"},{"value":"0.10987","scoring_system":"epss","scoring_elements":"0.93422","published_at":"2026-04-11T12:55:00Z"},{"value":"0.10987","scoring_system":"epss","scoring_elements":"0.93421","published_at":"2026-04-12T12:55:00Z"},{"value":"0.10987","scoring_system":"epss","scoring_elements":"0.93397","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14494"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv2","scoring_elements":"AV:A/AC:L/Au:N/C:P/I:N/A:N"},{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html","reference_id":"","reference_type":"","scores":[],"url":"https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html"},{"reference_url":"https://www.exploit-db.com/exploits/42944/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/42944/"},{"reference_url":"https://www.kb.cert.org/vuls/id/973527","reference_id":"","reference_type":"","scores":[],"url":"https://www.kb.cert.org/vuls/id/973527"},{"reference_url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html"},{"reference_url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html"},{"reference_url":"https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq","reference_id":"","reference_type":"","scores":[],"url":"https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq"},{"reference_url":"http://thekelleys.org.uk/dnsmasq/CHANGELOG","reference_id":"","reference_type":"","scores":[],"url":"http://thekelleys.org.uk/dnsmasq/CHANGELOG"},{"reference_url":"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=33e3f1029c9ec6c63e430ff51063a6301d4b2262","reference_id":"","reference_type":"","scores":[],"url":"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=33e3f1029c9ec6c63e430ff51063a6301d4b2262"},{"reference_url":"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt","reference_id":"","reference_type":"","scores":[],"url":"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt"},{"reference_url":"http://www.debian.org/security/2017/dsa-3989","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2017/dsa-3989"},{"reference_url":"http://www.securityfocus.com/bid/101085","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/101085"},{"reference_url":"http://www.securitytracker.com/id/1039474","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1039474"},{"reference_url":"http://www.ubuntu.com/usn/USN-3430-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3430-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-3430-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3430-2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1495412","reference_id":"1495412","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1495412"},{"reference_url":"https://security.archlinux.org/ASA-201710-1","reference_id":"ASA-201710-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201710-1"},{"reference_url":"https://security.archlinux.org/AVG-421","reference_id":"AVG-421","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-421"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42944.py","reference_id":"CVE-2017-14494","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42944.py"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14494","reference_id":"CVE-2017-14494","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14494"},{"reference_url":"https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14494.py","reference_id":"CVE-2017-14494","reference_type":"exploit","scores":[],"url":"https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14494.py"},{"reference_url":"https://security.gentoo.org/glsa/201710-27","reference_id":"GLSA-201710-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2836","reference_id":"RHSA-2017:2836","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2836"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2837","reference_id":"RHSA-2017:2837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2837"},{"reference_url":"https://usn.ubuntu.com/3430-1/","reference_id":"USN-3430-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3430-1/"},{"reference_url":"https://usn.ubuntu.com/3430-2/","reference_id":"USN-3430-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3430-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035829?format=json","purl":"pkg:deb/debian/dnsmasq@2.72-3%2Bdeb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4a66-hb88-jbgp"},{"vulnerability":"VCID-4fwm-653p-ufcj"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-69jf-2cmm-tkhj"},{"vulnerability":"VCID-a9ya-bnnp-hyc4"},{"vulnerability":"VCID-b2dc-msms-bfee"},{"vulnerability":"VCID-d3nu-fztq-nffg"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-hr7r-mgk2-67aw"},{"vulnerability":"VCID-huvr-uav1-ffex"},{"vulnerability":"VCID-jj87-61kf-mufs"},{"vulnerability":"VCID-k9w6-f6aw-dbey"},{"vulnerability":"VCID-khrt-9ar9-wbc3"},{"vulnerability":"VCID-kxbw-1fr9-8kb3"},{"vulnerability":"VCID-nrja-2ajq-mfek"},{"vulnerability":"VCID-nute-d491-mqa9"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-qs1p-1j9u-3khg"},{"vulnerability":"VCID-r15f-fgv8-s3h2"},{"vulnerability":"VCID-ru4r-dtwq-sub2"},{"vulnerability":"VCID-snzd-3st5-8yb1"},{"vulnerability":"VCID-vprj-j7u6-zbe7"},{"vulnerability":"VCID-vshb-4mjd-qugr"},{"vulnerability":"VCID-xge7-87zv-tbev"},{"vulnerability":"VCID-yaj9-mfyu-uqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.72-3%252Bdeb8u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1037114?format=json","purl":"pkg:deb/debian/dnsmasq@2.76-5%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4a66-hb88-jbgp"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-69jf-2cmm-tkhj"},{"vulnerability":"VCID-a9ya-bnnp-hyc4"},{"vulnerability":"VCID-b2dc-msms-bfee"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-hr7r-mgk2-67aw"},{"vulnerability":"VCID-jj87-61kf-mufs"},{"vulnerability":"VCID-k9w6-f6aw-dbey"},{"vulnerability":"VCID-khrt-9ar9-wbc3"},{"vulnerability":"VCID-kxbw-1fr9-8kb3"},{"vulnerability":"VCID-nrja-2ajq-mfek"},{"vulnerability":"VCID-nute-d491-mqa9"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-qs1p-1j9u-3khg"},{"vulnerability":"VCID-r15f-fgv8-s3h2"},{"vulnerability":"VCID-ru4r-dtwq-sub2"},{"vulnerability":"VCID-snzd-3st5-8yb1"},{"vulnerability":"VCID-vprj-j7u6-zbe7"},{"vulnerability":"VCID-vshb-4mjd-qugr"},{"vulnerability":"VCID-xge7-87zv-tbev"},{"vulnerability":"VCID-yaj9-mfyu-uqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.76-5%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1037958?format=json","purl":"pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4a66-hb88-jbgp"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-69jf-2cmm-tkhj"},{"vulnerability":"VCID-a9ya-bnnp-hyc4"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-jj87-61kf-mufs"},{"vulnerability":"VCID-khrt-9ar9-wbc3"},{"vulnerability":"VCID-nrja-2ajq-mfek"},{"vulnerability":"VCID-nute-d491-mqa9"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-vprj-j7u6-zbe7"},{"vulnerability":"VCID-vshb-4mjd-qugr"},{"vulnerability":"VCID-yaj9-mfyu-uqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1"}],"aliases":["CVE-2017-14494"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-snzd-3st5-8yb1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61412?format=json","vulnerability_id":"VCID-vprj-j7u6-zbe7","summary":"Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50868.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50868.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-50868","reference_id":"","reference_type":"","scores":[{"value":"0.11802","scoring_system":"epss","scoring_elements":"0.93712","published_at":"2026-04-12T12:55:00Z"},{"value":"0.11802","scoring_system":"epss","scoring_elements":"0.93708","published_at":"2026-04-09T12:55:00Z"},{"value":"0.11802","scoring_system":"epss","scoring_elements":"0.93706","published_at":"2026-04-08T12:55:00Z"},{"value":"0.11802","scoring_system":"epss","scoring_elements":"0.93696","published_at":"2026-04-07T12:55:00Z"},{"value":"0.11802","scoring_system":"epss","scoring_elements":"0.93684","published_at":"2026-04-02T12:55:00Z"},{"value":"0.11802","scoring_system":"epss","scoring_elements":"0.93713","published_at":"2026-04-13T12:55:00Z"},{"value":"0.11802","scoring_system":"epss","scoring_elements":"0.93694","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-50868"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html","reference_id":"017430.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845","reference_id":"1063845","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852","reference_id":"1063852","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077751","reference_id":"1077751","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077751"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/02/16/2","reference_id":"2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/02/16/2"},{"reference_url":"https://www.isc.org/blogs/2024-bind-security-release/","reference_id":"2024-bind-security-release","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://www.isc.org/blogs/2024-bind-security-release/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2263917","reference_id":"2263917","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2263917"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/02/16/3","reference_id":"3","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/02/16/3"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/","reference_id":"6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/","reference_id":"BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/"},{"reference_url":"https://kb.isc.org/docs/cve-2023-50868","reference_id":"cve-2023-50868","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://kb.isc.org/docs/cve-2023-50868"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-50868","reference_id":"CVE-2023-50868","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2023-50868"},{"reference_url":"https://security.gentoo.org/glsa/202412-10","reference_id":"GLSA-202412-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-10"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/","reference_id":"HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/","reference_id":"IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html","reference_id":"msg00006.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240307-0008/","reference_id":"ntap-20240307-0008","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240307-0008/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/","reference_id":"PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/"},{"reference_url":"https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html","reference_id":"powerdns-advisory-2024-01.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html"},{"reference_url":"https://datatracker.ietf.org/doc/html/rfc5155","reference_id":"rfc5155","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://datatracker.ietf.org/doc/html/rfc5155"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/","reference_id":"RGS7JN6FZXUSTC2XKQHH27574XOULYYJ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0965","reference_id":"RHSA-2024:0965","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0965"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0977","reference_id":"RHSA-2024:0977","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0977"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0981","reference_id":"RHSA-2024:0981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0982","reference_id":"RHSA-2024:0982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:11003","reference_id":"RHSA-2024:11003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:11003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1334","reference_id":"RHSA-2024:1334","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1334"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1335","reference_id":"RHSA-2024:1335","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1335"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1522","reference_id":"RHSA-2024:1522","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1522"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1543","reference_id":"RHSA-2024:1543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1543"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1544","reference_id":"RHSA-2024:1544","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1544"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1545","reference_id":"RHSA-2024:1545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1545"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1647","reference_id":"RHSA-2024:1647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1648","reference_id":"RHSA-2024:1648","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1648"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1781","reference_id":"RHSA-2024:1781","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1781"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1782","reference_id":"RHSA-2024:1782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1789","reference_id":"RHSA-2024:1789","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1789"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1800","reference_id":"RHSA-2024:1800","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1800"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1801","reference_id":"RHSA-2024:1801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1801"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1803","reference_id":"RHSA-2024:1803","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1803"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1804","reference_id":"RHSA-2024:1804","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1804"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2551","reference_id":"RHSA-2024:2551","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2551"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2587","reference_id":"RHSA-2024:2587","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2587"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2696","reference_id":"RHSA-2024:2696","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2696"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2720","reference_id":"RHSA-2024:2720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2721","reference_id":"RHSA-2024:2721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2821","reference_id":"RHSA-2024:2821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2890","reference_id":"RHSA-2024:2890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3271","reference_id":"RHSA-2024:3271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3741","reference_id":"RHSA-2024:3741","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3741"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3877","reference_id":"RHSA-2024:3877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3929","reference_id":"RHSA-2024:3929","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3929"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0039","reference_id":"RHSA-2025:0039","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0039"},{"reference_url":"https://bugzilla.suse.com/show_bug.cgi?id=1219826","reference_id":"show_bug.cgi?id=1219826","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://bugzilla.suse.com/show_bug.cgi?id=1219826"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/","reference_id":"SVYA42BLXUCIDLD35YIJPJSHDIADNYMP","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/","reference_id":"TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/"},{"reference_url":"https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/","reference_id":"unbound-1.19.1-released","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/","reference_id":"UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/"},{"reference_url":"https://usn.ubuntu.com/6633-1/","reference_id":"USN-6633-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6633-1/"},{"reference_url":"https://usn.ubuntu.com/6642-1/","reference_id":"USN-6642-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6642-1/"},{"reference_url":"https://usn.ubuntu.com/6657-1/","reference_id":"USN-6657-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6657-1/"},{"reference_url":"https://usn.ubuntu.com/6657-2/","reference_id":"USN-6657-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6657-2/"},{"reference_url":"https://usn.ubuntu.com/6665-1/","reference_id":"USN-6665-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6665-1/"},{"reference_url":"https://usn.ubuntu.com/6723-1/","reference_id":"USN-6723-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6723-1/"},{"reference_url":"https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1","reference_id":"v5.7.1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/","reference_id":"ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585985?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1"}],"aliases":["CVE-2023-50868"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vprj-j7u6-zbe7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59314?format=json","vulnerability_id":"VCID-vshb-4mjd-qugr","summary":"Use of insufficient randomness in Dnsmasq might lead to DNS Cache\n    Poisoning.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3448.json","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3448.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3448","reference_id":"","reference_type":"","scores":[{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12634","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12605","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12738","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12784","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12591","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.1267","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12723","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.1269","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.1265","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3448"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3448","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3448"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1939368","reference_id":"1939368","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T00:40:29Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1939368"},{"reference_url":"https://security.archlinux.org/AVG-1703","reference_id":"AVG-1703","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1703"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CVTJUOFFFHINLKWAOC2ZSC5MOPD4SJ24/","reference_id":"CVTJUOFFFHINLKWAOC2ZSC5MOPD4SJ24","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T00:40:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CVTJUOFFFHINLKWAOC2ZSC5MOPD4SJ24/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHG7GWSQWKF7JXIMLOGJBKZWBB4VIAJ7/","reference_id":"FHG7GWSQWKF7JXIMLOGJBKZWBB4VIAJ7","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T00:40:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHG7GWSQWKF7JXIMLOGJBKZWBB4VIAJ7/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GHURNEHHUBSW45KMIZ4FNBCSUPWPGV5V/","reference_id":"GHURNEHHUBSW45KMIZ4FNBCSUPWPGV5V","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T00:40:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GHURNEHHUBSW45KMIZ4FNBCSUPWPGV5V/"},{"reference_url":"https://security.gentoo.org/glsa/202105-20","reference_id":"GLSA-202105-20","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T00:40:29Z/"}],"url":"https://security.gentoo.org/glsa/202105-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4153","reference_id":"RHSA-2021:4153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4153"},{"reference_url":"https://usn.ubuntu.com/4976-1/","reference_id":"USN-4976-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4976-1/"},{"reference_url":"https://usn.ubuntu.com/4976-2/","reference_id":"USN-4976-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4976-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585984?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-vprj-j7u6-zbe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1"}],"aliases":["CVE-2021-3448"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vshb-4mjd-qugr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83719?format=json","vulnerability_id":"VCID-xge7-87zv-tbev","summary":"dnsmasq: Improper validation of wildcard synthesized NSEC records","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15107.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15107.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15107","reference_id":"","reference_type":"","scores":[{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07189","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07198","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09521","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09536","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09586","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09499","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09574","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09621","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09628","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15107"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15107","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15107"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1510570","reference_id":"1510570","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1510570"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888200","reference_id":"888200","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888200"},{"reference_url":"https://security.archlinux.org/ASA-201801-32","reference_id":"ASA-201801-32","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201801-32"},{"reference_url":"https://security.archlinux.org/AVG-592","reference_id":"AVG-592","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-592"},{"reference_url":"https://usn.ubuntu.com/4924-1/","reference_id":"USN-4924-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4924-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037958?format=json","purl":"pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4a66-hb88-jbgp"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-69jf-2cmm-tkhj"},{"vulnerability":"VCID-a9ya-bnnp-hyc4"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-jj87-61kf-mufs"},{"vulnerability":"VCID-khrt-9ar9-wbc3"},{"vulnerability":"VCID-nrja-2ajq-mfek"},{"vulnerability":"VCID-nute-d491-mqa9"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-vprj-j7u6-zbe7"},{"vulnerability":"VCID-vshb-4mjd-qugr"},{"vulnerability":"VCID-yaj9-mfyu-uqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1"}],"aliases":["CVE-2017-15107"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xge7-87zv-tbev"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46206?format=json","vulnerability_id":"VCID-yaj9-mfyu-uqdm","summary":"Multiple vulnerabilities have been found in Dnsmasq, the worst of\n    which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25681.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25681.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25681","reference_id":"","reference_type":"","scores":[{"value":"0.45359","scoring_system":"epss","scoring_elements":"0.97582","published_at":"2026-04-01T12:55:00Z"},{"value":"0.45359","scoring_system":"epss","scoring_elements":"0.97606","published_at":"2026-04-13T12:55:00Z"},{"value":"0.45359","scoring_system":"epss","scoring_elements":"0.97603","published_at":"2026-04-11T12:55:00Z"},{"value":"0.45359","scoring_system":"epss","scoring_elements":"0.97605","published_at":"2026-04-12T12:55:00Z"},{"value":"0.45359","scoring_system":"epss","scoring_elements":"0.97588","published_at":"2026-04-02T12:55:00Z"},{"value":"0.45359","scoring_system":"epss","scoring_elements":"0.97591","published_at":"2026-04-04T12:55:00Z"},{"value":"0.45359","scoring_system":"epss","scoring_elements":"0.97592","published_at":"2026-04-07T12:55:00Z"},{"value":"0.45359","scoring_system":"epss","scoring_elements":"0.97598","published_at":"2026-04-08T12:55:00Z"},{"value":"0.45359","scoring_system":"epss","scoring_elements":"0.976","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25681"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1881875","reference_id":"1881875","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1881875"},{"reference_url":"https://security.archlinux.org/ASA-202101-38","reference_id":"ASA-202101-38","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202101-38"},{"reference_url":"https://security.archlinux.org/AVG-1470","reference_id":"AVG-1470","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1470"},{"reference_url":"https://security.gentoo.org/glsa/202101-17","reference_id":"GLSA-202101-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202101-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0150","reference_id":"RHSA-2021:0150","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0150"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0151","reference_id":"RHSA-2021:0151","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0151"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0152","reference_id":"RHSA-2021:0152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0152"},{"reference_url":"https://usn.ubuntu.com/4698-1/","reference_id":"USN-4698-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4698-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037958?format=json","purl":"pkg:deb/debian/dnsmasq@2.80-1%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4a66-hb88-jbgp"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-69jf-2cmm-tkhj"},{"vulnerability":"VCID-a9ya-bnnp-hyc4"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-jj87-61kf-mufs"},{"vulnerability":"VCID-khrt-9ar9-wbc3"},{"vulnerability":"VCID-nrja-2ajq-mfek"},{"vulnerability":"VCID-nute-d491-mqa9"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-vprj-j7u6-zbe7"},{"vulnerability":"VCID-vshb-4mjd-qugr"},{"vulnerability":"VCID-yaj9-mfyu-uqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%252Bdeb10u1"},{"url":"http://public2.vulnerablecode.io/api/packages/585984?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-vprj-j7u6-zbe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1"}],"aliases":["CVE-2020-25681"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yaj9-mfyu-uqdm"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37085?format=json","vulnerability_id":"VCID-antt-5fzu-87dw","summary":"Multiple vulnerabilities in Dnsmasq might result in the remote execution of\n    arbitrary code, or a Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2958.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2958.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2958","reference_id":"","reference_type":"","scores":[{"value":"0.01131","scoring_system":"epss","scoring_elements":"0.78273","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01131","scoring_system":"epss","scoring_elements":"0.7828","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01131","scoring_system":"epss","scoring_elements":"0.78311","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01131","scoring_system":"epss","scoring_elements":"0.78293","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01131","scoring_system":"epss","scoring_elements":"0.78319","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01131","scoring_system":"epss","scoring_elements":"0.78325","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01131","scoring_system":"epss","scoring_elements":"0.78351","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01131","scoring_system":"epss","scoring_elements":"0.78334","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01131","scoring_system":"epss","scoring_elements":"0.78327","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2958"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=519020","reference_id":"519020","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=519020"},{"reference_url":"https://security.gentoo.org/glsa/200909-19","reference_id":"GLSA-200909-19","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200909-19"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1238","reference_id":"RHSA-2009:1238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1238"},{"reference_url":"https://usn.ubuntu.com/827-1/","reference_id":"USN-827-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/827-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035825?format=json","purl":"pkg:deb/debian/dnsmasq@2.55-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4a66-hb88-jbgp"},{"vulnerability":"VCID-4fwm-653p-ufcj"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-69jf-2cmm-tkhj"},{"vulnerability":"VCID-a9ya-bnnp-hyc4"},{"vulnerability":"VCID-b2dc-msms-bfee"},{"vulnerability":"VCID-d3nu-fztq-nffg"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-hr7r-mgk2-67aw"},{"vulnerability":"VCID-huvr-uav1-ffex"},{"vulnerability":"VCID-hxys-tpgq-3uf6"},{"vulnerability":"VCID-jj87-61kf-mufs"},{"vulnerability":"VCID-jum5-ndq3-xbhp"},{"vulnerability":"VCID-k9w6-f6aw-dbey"},{"vulnerability":"VCID-khrt-9ar9-wbc3"},{"vulnerability":"VCID-kxbw-1fr9-8kb3"},{"vulnerability":"VCID-nc6t-132e-cqda"},{"vulnerability":"VCID-nrja-2ajq-mfek"},{"vulnerability":"VCID-nute-d491-mqa9"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-qs1p-1j9u-3khg"},{"vulnerability":"VCID-r15f-fgv8-s3h2"},{"vulnerability":"VCID-ru4r-dtwq-sub2"},{"vulnerability":"VCID-snzd-3st5-8yb1"},{"vulnerability":"VCID-vprj-j7u6-zbe7"},{"vulnerability":"VCID-vshb-4mjd-qugr"},{"vulnerability":"VCID-xge7-87zv-tbev"},{"vulnerability":"VCID-yaj9-mfyu-uqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.55-2"}],"aliases":["CVE-2009-2958"],"risk_score":null,"exploitability":"2.0","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-antt-5fzu-87dw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37084?format=json","vulnerability_id":"VCID-bed9-8jhu-pkf9","summary":"Multiple vulnerabilities in Dnsmasq might result in the remote execution of\n    arbitrary code, or a Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2957.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2957.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2957","reference_id":"","reference_type":"","scores":[{"value":"0.08525","scoring_system":"epss","scoring_elements":"0.92345","published_at":"2026-04-01T12:55:00Z"},{"value":"0.08525","scoring_system":"epss","scoring_elements":"0.92352","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08525","scoring_system":"epss","scoring_elements":"0.92359","published_at":"2026-04-04T12:55:00Z"},{"value":"0.08525","scoring_system":"epss","scoring_elements":"0.92362","published_at":"2026-04-07T12:55:00Z"},{"value":"0.08525","scoring_system":"epss","scoring_elements":"0.92374","published_at":"2026-04-08T12:55:00Z"},{"value":"0.08525","scoring_system":"epss","scoring_elements":"0.92379","published_at":"2026-04-09T12:55:00Z"},{"value":"0.08525","scoring_system":"epss","scoring_elements":"0.92384","published_at":"2026-04-11T12:55:00Z"},{"value":"0.08525","scoring_system":"epss","scoring_elements":"0.92387","published_at":"2026-04-12T12:55:00Z"},{"value":"0.08525","scoring_system":"epss","scoring_elements":"0.92385","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2957"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2957","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2957"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=519020","reference_id":"519020","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=519020"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/9617.txt","reference_id":"CVE-2009-2958;CVE-2009-2957;OSVDB-57593;OSVDB-57592","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/9617.txt"},{"reference_url":"http://www.coresecurity.com/content/dnsmasq-vulnerabilities","reference_id":"CVE-2009-2958;CVE-2009-2957;OSVDB-57593;OSVDB-57592","reference_type":"exploit","scores":[],"url":"http://www.coresecurity.com/content/dnsmasq-vulnerabilities"},{"reference_url":"https://security.gentoo.org/glsa/200909-19","reference_id":"GLSA-200909-19","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200909-19"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1238","reference_id":"RHSA-2009:1238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1238"},{"reference_url":"https://usn.ubuntu.com/827-1/","reference_id":"USN-827-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/827-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035825?format=json","purl":"pkg:deb/debian/dnsmasq@2.55-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4a66-hb88-jbgp"},{"vulnerability":"VCID-4fwm-653p-ufcj"},{"vulnerability":"VCID-66sa-bc5p-jqde"},{"vulnerability":"VCID-69jf-2cmm-tkhj"},{"vulnerability":"VCID-a9ya-bnnp-hyc4"},{"vulnerability":"VCID-b2dc-msms-bfee"},{"vulnerability":"VCID-d3nu-fztq-nffg"},{"vulnerability":"VCID-gnkg-afmr-r7aq"},{"vulnerability":"VCID-hr7r-mgk2-67aw"},{"vulnerability":"VCID-huvr-uav1-ffex"},{"vulnerability":"VCID-hxys-tpgq-3uf6"},{"vulnerability":"VCID-jj87-61kf-mufs"},{"vulnerability":"VCID-jum5-ndq3-xbhp"},{"vulnerability":"VCID-k9w6-f6aw-dbey"},{"vulnerability":"VCID-khrt-9ar9-wbc3"},{"vulnerability":"VCID-kxbw-1fr9-8kb3"},{"vulnerability":"VCID-nc6t-132e-cqda"},{"vulnerability":"VCID-nrja-2ajq-mfek"},{"vulnerability":"VCID-nute-d491-mqa9"},{"vulnerability":"VCID-p726-bqvu-dfda"},{"vulnerability":"VCID-qs1p-1j9u-3khg"},{"vulnerability":"VCID-r15f-fgv8-s3h2"},{"vulnerability":"VCID-ru4r-dtwq-sub2"},{"vulnerability":"VCID-snzd-3st5-8yb1"},{"vulnerability":"VCID-vprj-j7u6-zbe7"},{"vulnerability":"VCID-vshb-4mjd-qugr"},{"vulnerability":"VCID-xge7-87zv-tbev"},{"vulnerability":"VCID-yaj9-mfyu-uqdm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.55-2"}],"aliases":["CVE-2009-2957"],"risk_score":0.2,"exploitability":"2.0","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bed9-8jhu-pkf9"}],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.55-2"}