{"url":"http://public2.vulnerablecode.io/api/packages/582122?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1?distro=trixie","type":"deb","namespace":"debian","name":"dnsmasq","version":"2.85-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"2.85-1+deb11u1","latest_non_vulnerable_version":"2.92-3","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75379?format=json","vulnerability_id":"VCID-1bzd-pqhn-hqfj","summary":"dnsmasq: vulnerable to Integer Overflow via forward_query","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-49441.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-49441.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-49441","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02143","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.0212","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02148","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02144","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02162","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02139","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02124","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-49441"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49441","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49441"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2023q4/017332.html","reference_id":"017332.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-18T18:34:35Z/"}],"url":"https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2023q4/017332.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2290849","reference_id":"2290849","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2290849"},{"reference_url":"https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=65c2d6afd67a032f45f40d7e4d620f5d73e5f07d","reference_id":"?p=dnsmasq.git%3Ba=commit%3Bh=65c2d6afd67a032f45f40d7e4d620f5d73e5f07d","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-18T18:34:35Z/"}],"url":"https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=65c2d6afd67a032f45f40d7e4d620f5d73e5f07d"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582124?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582125?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582126?format=json","purl":"pkg:deb/debian/dnsmasq@2.91-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582127?format=json","purl":"pkg:deb/debian/dnsmasq@2.92-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-3%3Fdistro=trixie"}],"aliases":["CVE-2023-49441"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1bzd-pqhn-hqfj"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91358?format=json","vulnerability_id":"VCID-2ajy-5x5f-bqdk","summary":"Off-by-one buffer overflow in Dnsmasq before 2.21 may allow attackers to execute arbitrary code via the DHCP lease file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0876","reference_id":"","reference_type":"","scores":[{"value":"0.0222","scoring_system":"epss","scoring_elements":"0.84494","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0222","scoring_system":"epss","scoring_elements":"0.84423","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0222","scoring_system":"epss","scoring_elements":"0.84438","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0222","scoring_system":"epss","scoring_elements":"0.84457","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0222","scoring_system":"epss","scoring_elements":"0.84459","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0222","scoring_system":"epss","scoring_elements":"0.8448","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0222","scoring_system":"epss","scoring_elements":"0.84486","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0222","scoring_system":"epss","scoring_elements":"0.84504","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0222","scoring_system":"epss","scoring_elements":"0.84499","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0876"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0876","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0876"},{"reference_url":"http://secunia.com/advisories/14691","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/14691"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/19825","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/19825"},{"reference_url":"http://www.securityfocus.com/bid/12897","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/12897"},{"reference_url":"http://www.thekelleys.org.uk/dnsmasq/CHANGELOG","reference_id":"","reference_type":"","scores":[],"url":"http://www.thekelleys.org.uk/dnsmasq/CHANGELOG"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:dnsmasq:dnsmasq:2.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:dnsmasq:dnsmasq:2.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:dnsmasq:dnsmasq:2.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:dnsmasq:dnsmasq:2.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:dnsmasq:dnsmasq:2.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.18:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.19:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:dnsmasq:dnsmasq:2.19:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.19:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.20:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:dnsmasq:dnsmasq:2.20:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dnsmasq:dnsmasq:2.20:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2005-0876","reference_id":"CVE-2005-0876","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2005-0876"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583931?format=json","purl":"pkg:deb/debian/dnsmasq@2.21?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.21%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582122?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582125?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582126?format=json","purl":"pkg:deb/debian/dnsmasq@2.91-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582127?format=json","purl":"pkg:deb/debian/dnsmasq@2.92-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-3%3Fdistro=trixie"}],"aliases":["CVE-2005-0876"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2ajy-5x5f-bqdk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31419?format=json","vulnerability_id":"VCID-3x7u-ajbx-6fht","summary":"Two vulnerabilities in dnsmasq might allow for a Denial of Service or\n    spoofing of DNS replies.","references":[{"reference_url":"http://article.gmane.org/gmane.network.dns.dnsmasq.general/2189","reference_id":"","reference_type":"","scores":[],"url":"http://article.gmane.org/gmane.network.dns.dnsmasq.general/2189"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3350.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3350.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3350","reference_id":"","reference_type":"","scores":[{"value":"0.0119","scoring_system":"epss","scoring_elements":"0.78836","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0119","scoring_system":"epss","scoring_elements":"0.78787","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0119","scoring_system":"epss","scoring_elements":"0.78794","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0119","scoring_system":"epss","scoring_elements":"0.78825","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0119","scoring_system":"epss","scoring_elements":"0.78807","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0119","scoring_system":"epss","scoring_elements":"0.78833","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0119","scoring_system":"epss","scoring_elements":"0.78839","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0119","scoring_system":"epss","scoring_elements":"0.78863","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0119","scoring_system":"epss","scoring_elements":"0.78846","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3350"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3350","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3350"},{"reference_url":"http://secunia.com/advisories/31197","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31197"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43957","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43957"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43960","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43960"},{"reference_url":"http://www.thekelleys.org.uk/dnsmasq/CHANGELOG","reference_id":"","reference_type":"","scores":[],"url":"http://www.thekelleys.org.uk/dnsmasq/CHANGELOG"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2166","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2166"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:the_kelleys:dnsmasq:2.43:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:the_kelleys:dnsmasq:2.43:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:the_kelleys:dnsmasq:2.43:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3350","reference_id":"CVE-2008-3350","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3350"},{"reference_url":"https://security.gentoo.org/glsa/200809-02","reference_id":"GLSA-200809-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200809-02"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584243?format=json","purl":"pkg:deb/debian/dnsmasq@2.44-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.44-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582122?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582125?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582126?format=json","purl":"pkg:deb/debian/dnsmasq@2.91-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582127?format=json","purl":"pkg:deb/debian/dnsmasq@2.92-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-3%3Fdistro=trixie"}],"aliases":["CVE-2008-3350"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3x7u-ajbx-6fht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81902?format=json","vulnerability_id":"VCID-4a66-hb88-jbgp","summary":"dnsmasq: memory leak in the create_helper() function in /src/helper.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14834.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14834.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14834","reference_id":"","reference_type":"","scores":[{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12755","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12856","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12907","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12712","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12792","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12843","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12809","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12772","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12725","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14834"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1764425","reference_id":"1764425","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1764425"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948373","reference_id":"948373","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=948373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1715","reference_id":"RHSA-2020:1715","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1715"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3878","reference_id":"RHSA-2020:3878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3878"},{"reference_url":"https://usn.ubuntu.com/4698-1/","reference_id":"USN-4698-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4698-1/"},{"reference_url":"https://usn.ubuntu.com/7689-1/","reference_id":"USN-7689-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7689-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583283?format=json","purl":"pkg:deb/debian/dnsmasq@2.81-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.81-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582122?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582125?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582126?format=json","purl":"pkg:deb/debian/dnsmasq@2.91-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582127?format=json","purl":"pkg:deb/debian/dnsmasq@2.92-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-3%3Fdistro=trixie"}],"aliases":["CVE-2019-14834"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4a66-hb88-jbgp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85451?format=json","vulnerability_id":"VCID-4fwm-653p-ufcj","summary":"dnsmasq: Denial-of-service when empty address from DNS overlays A record from hosts","references":[{"reference_url":"http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010479.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010479.html"},{"reference_url":"http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010505.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q2/010505.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8899.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8899.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8899","reference_id":"","reference_type":"","scores":[{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23692","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23792","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23748","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23716","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23833","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23873","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23661","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23731","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23777","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8899"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8899","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8899"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=41a8d9e99be9f2cc8b02051dd322cb45e0faac87","reference_id":"","reference_type":"","scores":[],"url":"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=41a8d9e99be9f2cc8b02051dd322cb45e0faac87"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/06/03/7","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/06/03/7"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/06/04/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/06/04/2"},{"reference_url":"http://www.securityfocus.com/bid/91031","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/91031"},{"reference_url":"http://www.securitytracker.com/id/1036045","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036045"},{"reference_url":"http://www.ubuntu.com/usn/USN-3009-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3009-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1343072","reference_id":"1343072","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1343072"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8899","reference_id":"CVE-2015-8899","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8899"},{"reference_url":"https://usn.ubuntu.com/3009-1/","reference_id":"USN-3009-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3009-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586370?format=json","purl":"pkg:deb/debian/dnsmasq@2.76-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.76-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582122?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582125?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582126?format=json","purl":"pkg:deb/debian/dnsmasq@2.91-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582127?format=json","purl":"pkg:deb/debian/dnsmasq@2.92-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-3%3Fdistro=trixie"}],"aliases":["CVE-2015-8899"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4fwm-653p-ufcj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61411?format=json","vulnerability_id":"VCID-66sa-bc5p-jqde","summary":"Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50387.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50387.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-50387","reference_id":"","reference_type":"","scores":[{"value":"0.51989","scoring_system":"epss","scoring_elements":"0.97913","published_at":"2026-04-12T12:55:00Z"},{"value":"0.51989","scoring_system":"epss","scoring_elements":"0.97912","published_at":"2026-04-11T12:55:00Z"},{"value":"0.51989","scoring_system":"epss","scoring_elements":"0.97909","published_at":"2026-04-09T12:55:00Z"},{"value":"0.51989","scoring_system":"epss","scoring_elements":"0.97898","published_at":"2026-04-04T12:55:00Z"},{"value":"0.51989","scoring_system":"epss","scoring_elements":"0.97906","published_at":"2026-04-08T12:55:00Z"},{"value":"0.51989","scoring_system":"epss","scoring_elements":"0.97901","published_at":"2026-04-07T12:55:00Z"},{"value":"0.51989","scoring_system":"epss","scoring_elements":"0.97896","published_at":"2026-04-02T12:55:00Z"},{"value":"0.51989","scoring_system":"epss","scoring_elements":"0.97914","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-50387"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html","reference_id":"017430.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845","reference_id":"1063845","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852","reference_id":"1063852","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077750","reference_id":"1077750","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077750"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/02/16/2","reference_id":"2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/02/16/2"},{"reference_url":"https://www.isc.org/blogs/2024-bind-security-release/","reference_id":"2024-bind-security-release","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://www.isc.org/blogs/2024-bind-security-release/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2263914","reference_id":"2263914","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2263914"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/02/16/3","reference_id":"3","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/02/16/3"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/","reference_id":"6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/","reference_id":"BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/"},{"reference_url":"https://kb.isc.org/docs/cve-2023-50387","reference_id":"cve-2023-50387","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://kb.isc.org/docs/cve-2023-50387"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-50387","reference_id":"CVE-2023-50387","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2023-50387"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-50387","reference_id":"CVE-2023-50387","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-50387"},{"reference_url":"https://www.theregister.com/2024/02/13/dnssec_vulnerability_internet/","reference_id":"dnssec_vulnerability_internet","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://www.theregister.com/2024/02/13/dnssec_vulnerability_internet/"},{"reference_url":"https://security.gentoo.org/glsa/202412-10","reference_id":"GLSA-202412-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-10"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/","reference_id":"HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/","reference_id":"IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/"},{"reference_url":"https://news.ycombinator.com/item?id=39367411","reference_id":"item?id=39367411","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://news.ycombinator.com/item?id=39367411"},{"reference_url":"https://news.ycombinator.com/item?id=39372384","reference_id":"item?id=39372384","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://news.ycombinator.com/item?id=39372384"},{"reference_url":"https://www.athene-center.de/aktuelles/key-trap","reference_id":"key-trap","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://www.athene-center.de/aktuelles/key-trap"},{"reference_url":"https://www.securityweek.com/keytrap-dns-attack-could-disable-large-parts-of-internet-researchers/","reference_id":"keytrap-dns-attack-could-disable-large-parts-of-internet-researchers","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://www.securityweek.com/keytrap-dns-attack-could-disable-large-parts-of-internet-researchers/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html","reference_id":"msg00006.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240307-0007/","reference_id":"ntap-20240307-0007","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240307-0007/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/","reference_id":"PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/"},{"reference_url":"https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html","reference_id":"powerdns-advisory-2024-01.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/","reference_id":"RGS7JN6FZXUSTC2XKQHH27574XOULYYJ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0965","reference_id":"RHSA-2024:0965","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0965"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0977","reference_id":"RHSA-2024:0977","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0977"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0981","reference_id":"RHSA-2024:0981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0982","reference_id":"RHSA-2024:0982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:11003","reference_id":"RHSA-2024:11003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:11003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1334","reference_id":"RHSA-2024:1334","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1334"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1335","reference_id":"RHSA-2024:1335","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1335"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1522","reference_id":"RHSA-2024:1522","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1522"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1543","reference_id":"RHSA-2024:1543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1543"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1544","reference_id":"RHSA-2024:1544","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1544"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1545","reference_id":"RHSA-2024:1545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1545"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1647","reference_id":"RHSA-2024:1647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1648","reference_id":"RHSA-2024:1648","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1648"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1781","reference_id":"RHSA-2024:1781","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1781"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1782","reference_id":"RHSA-2024:1782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1789","reference_id":"RHSA-2024:1789","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1789"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1800","reference_id":"RHSA-2024:1800","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1800"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1801","reference_id":"RHSA-2024:1801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1801"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1803","reference_id":"RHSA-2024:1803","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1803"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1804","reference_id":"RHSA-2024:1804","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1804"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2551","reference_id":"RHSA-2024:2551","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2551"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2587","reference_id":"RHSA-2024:2587","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2587"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2696","reference_id":"RHSA-2024:2696","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2696"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2720","reference_id":"RHSA-2024:2720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2721","reference_id":"RHSA-2024:2721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2821","reference_id":"RHSA-2024:2821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2890","reference_id":"RHSA-2024:2890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3271","reference_id":"RHSA-2024:3271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3741","reference_id":"RHSA-2024:3741","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3741"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3877","reference_id":"RHSA-2024:3877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3929","reference_id":"RHSA-2024:3929","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3929"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0039","reference_id":"RHSA-2025:0039","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0039"},{"reference_url":"https://bugzilla.suse.com/show_bug.cgi?id=1219823","reference_id":"show_bug.cgi?id=1219823","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://bugzilla.suse.com/show_bug.cgi?id=1219823"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/","reference_id":"SVYA42BLXUCIDLD35YIJPJSHDIADNYMP","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/"},{"reference_url":"https://www.athene-center.de/fileadmin/content/PDF/Technical_Report_KeyTrap.pdf","reference_id":"Technical_Report_KeyTrap.pdf","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://www.athene-center.de/fileadmin/content/PDF/Technical_Report_KeyTrap.pdf"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/","reference_id":"TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/"},{"reference_url":"https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/","reference_id":"unbound-1.19.1-released","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/","reference_id":"UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/"},{"reference_url":"https://usn.ubuntu.com/6633-1/","reference_id":"USN-6633-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6633-1/"},{"reference_url":"https://usn.ubuntu.com/6642-1/","reference_id":"USN-6642-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6642-1/"},{"reference_url":"https://usn.ubuntu.com/6657-1/","reference_id":"USN-6657-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6657-1/"},{"reference_url":"https://usn.ubuntu.com/6657-2/","reference_id":"USN-6657-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6657-2/"},{"reference_url":"https://usn.ubuntu.com/6665-1/","reference_id":"USN-6665-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6665-1/"},{"reference_url":"https://usn.ubuntu.com/6723-1/","reference_id":"USN-6723-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6723-1/"},{"reference_url":"https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1","reference_id":"v5.7.1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/","reference_id":"ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582122?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582123?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582124?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582125?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582126?format=json","purl":"pkg:deb/debian/dnsmasq@2.91-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582127?format=json","purl":"pkg:deb/debian/dnsmasq@2.92-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-3%3Fdistro=trixie"}],"aliases":["CVE-2023-50387"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-66sa-bc5p-jqde"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46207?format=json","vulnerability_id":"VCID-69jf-2cmm-tkhj","summary":"Multiple vulnerabilities have been found in Dnsmasq, the worst of\n    which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25682.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25682.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25682","reference_id":"","reference_type":"","scores":[{"value":"0.34287","scoring_system":"epss","scoring_elements":"0.96955","published_at":"2026-04-01T12:55:00Z"},{"value":"0.34287","scoring_system":"epss","scoring_elements":"0.96983","published_at":"2026-04-13T12:55:00Z"},{"value":"0.34287","scoring_system":"epss","scoring_elements":"0.96981","published_at":"2026-04-11T12:55:00Z"},{"value":"0.34287","scoring_system":"epss","scoring_elements":"0.96982","published_at":"2026-04-12T12:55:00Z"},{"value":"0.34287","scoring_system":"epss","scoring_elements":"0.96962","published_at":"2026-04-02T12:55:00Z"},{"value":"0.34287","scoring_system":"epss","scoring_elements":"0.96966","published_at":"2026-04-04T12:55:00Z"},{"value":"0.34287","scoring_system":"epss","scoring_elements":"0.96969","published_at":"2026-04-07T12:55:00Z"},{"value":"0.34287","scoring_system":"epss","scoring_elements":"0.96977","published_at":"2026-04-08T12:55:00Z"},{"value":"0.34287","scoring_system":"epss","scoring_elements":"0.96978","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1882014","reference_id":"1882014","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1882014"},{"reference_url":"https://security.archlinux.org/ASA-202101-38","reference_id":"ASA-202101-38","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202101-38"},{"reference_url":"https://security.archlinux.org/AVG-1470","reference_id":"AVG-1470","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1470"},{"reference_url":"https://security.gentoo.org/glsa/202101-17","reference_id":"GLSA-202101-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202101-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0150","reference_id":"RHSA-2021:0150","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0150"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0151","reference_id":"RHSA-2021:0151","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0151"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0152","reference_id":"RHSA-2021:0152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0152"},{"reference_url":"https://usn.ubuntu.com/4698-1/","reference_id":"USN-4698-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4698-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584169?format=json","purl":"pkg:deb/debian/dnsmasq@2.83-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.83-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582122?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582125?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582126?format=json","purl":"pkg:deb/debian/dnsmasq@2.91-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582127?format=json","purl":"pkg:deb/debian/dnsmasq@2.92-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-3%3Fdistro=trixie"}],"aliases":["CVE-2020-25682"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-69jf-2cmm-tkhj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31420?format=json","vulnerability_id":"VCID-8fbf-8fea-27d9","summary":"Two vulnerabilities in dnsmasq might allow for a Denial of Service or\n    spoofing of DNS replies.","references":[{"reference_url":"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc","reference_id":"","reference_type":"","scores":[],"url":"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc"},{"reference_url":"http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html","reference_id":"","reference_type":"","scores":[],"url":"http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html"},{"reference_url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401"},{"reference_url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520","reference_id":"","reference_type":"","scores":[],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520"},{"reference_url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368","reference_id":"","reference_type":"","scores":[],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01662368"},{"reference_url":"http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html"},{"reference_url":"http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html"},{"reference_url":"http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html"},{"reference_url":"http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"},{"reference_url":"http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=121630706004256&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=121630706004256&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=121866517322103&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=121866517322103&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=123324863916385&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=123324863916385&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=141879471518471&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=141879471518471&w=2"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2008-0533.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2008-0533.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1447.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1447.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1447","reference_id":"","reference_type":"","scores":[{"value":"0.86697","scoring_system":"epss","scoring_elements":"0.99423","published_at":"2026-04-13T12:55:00Z"},{"value":"0.86697","scoring_system":"epss","scoring_elements":"0.99422","published_at":"2026-04-11T12:55:00Z"},{"value":"0.86697","scoring_system":"epss","scoring_elements":"0.99417","published_at":"2026-04-01T12:55:00Z"},{"value":"0.86697","scoring_system":"epss","scoring_elements":"0.99416","published_at":"2026-04-02T12:55:00Z"},{"value":"0.86697","scoring_system":"epss","scoring_elements":"0.99418","published_at":"2026-04-07T12:55:00Z"},{"value":"0.86697","scoring_system":"epss","scoring_elements":"0.99419","published_at":"2026-04-08T12:55:00Z"},{"value":"0.86697","scoring_system":"epss","scoring_elements":"0.9942","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1447"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447"},{"reference_url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037","reference_id":"","reference_type":"","scores":[],"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037"},{"reference_url":"http://secunia.com/advisories/30925","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30925"},{"reference_url":"http://secunia.com/advisories/30973","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30973"},{"reference_url":"http://secunia.com/advisories/30977","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30977"},{"reference_url":"http://secunia.com/advisories/30979","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30979"},{"reference_url":"http://secunia.com/advisories/30980","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30980"},{"reference_url":"http://secunia.com/advisories/30988","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30988"},{"reference_url":"http://secunia.com/advisories/30989","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30989"},{"reference_url":"http://secunia.com/advisories/30998","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30998"},{"reference_url":"http://secunia.com/advisories/31011","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31011"},{"reference_url":"http://secunia.com/advisories/31012","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31012"},{"reference_url":"http://secunia.com/advisories/31014","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31014"},{"reference_url":"http://secunia.com/advisories/31019","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31019"},{"reference_url":"http://secunia.com/advisories/31022","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31022"},{"reference_url":"http://secunia.com/advisories/31030","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31030"},{"reference_url":"http://secunia.com/advisories/31031","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31031"},{"reference_url":"http://secunia.com/advisories/31033","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31033"},{"reference_url":"http://secunia.com/advisories/31052","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31052"},{"reference_url":"http://secunia.com/advisories/31065","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31065"},{"reference_url":"http://secunia.com/advisories/31072","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31072"},{"reference_url":"http://secunia.com/advisories/31093","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31093"},{"reference_url":"http://secunia.com/advisories/31094","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31094"},{"reference_url":"http://secunia.com/advisories/31137","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31137"},{"reference_url":"http://secunia.com/advisories/31143","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31143"},{"reference_url":"http://secunia.com/advisories/31151","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31151"},{"reference_url":"http://secunia.com/advisories/31152","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31152"},{"reference_url":"http://secunia.com/advisories/31153","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31153"},{"reference_url":"http://secunia.com/advisories/31169","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31169"},{"reference_url":"http://secunia.com/advisories/31197","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31197"},{"reference_url":"http://secunia.com/advisories/31199","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31199"},{"reference_url":"http://secunia.com/advisories/31204","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31204"},{"reference_url":"http://secunia.com/advisories/31207","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31207"},{"reference_url":"http://secunia.com/advisories/31209","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31209"},{"reference_url":"http://secunia.com/advisories/31212","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31212"},{"reference_url":"http://secunia.com/advisories/31213","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31213"},{"reference_url":"http://secunia.com/advisories/31221","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31221"},{"reference_url":"http://secunia.com/advisories/31236","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31236"},{"reference_url":"http://secunia.com/advisories/31237","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31237"},{"reference_url":"http://secunia.com/advisories/31254","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31254"},{"reference_url":"http://secunia.com/advisories/31326","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31326"},{"reference_url":"http://secunia.com/advisories/31354","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31354"},{"reference_url":"http://secunia.com/advisories/31422","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31422"},{"reference_url":"http://secunia.com/advisories/31430","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31430"},{"reference_url":"http://secunia.com/advisories/31451","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31451"},{"reference_url":"http://secunia.com/advisories/31482","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31482"},{"reference_url":"http://secunia.com/advisories/31495","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31495"},{"reference_url":"http://secunia.com/advisories/31588","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31588"},{"reference_url":"http://secunia.com/advisories/31687","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31687"},{"reference_url":"http://secunia.com/advisories/31823","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31823"},{"reference_url":"http://secunia.com/advisories/31882","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31882"},{"reference_url":"http://secunia.com/advisories/31900","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/31900"},{"reference_url":"http://secunia.com/advisories/33178","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33178"},{"reference_url":"http://secunia.com/advisories/33714","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33714"},{"reference_url":"http://secunia.com/advisories/33786","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33786"},{"reference_url":"http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc","reference_id":"","reference_type":"","scores":[],"url":"http://security.freebsd.org/advisories/FreeBSD-SA-08:06.bind.asc"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200807-08.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200807-08.xml"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200812-17.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200812-17.xml"},{"reference_url":"http://security.gentoo.org/glsa/glsa-201209-25.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-201209-25.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43334","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43334"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43637","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43637"},{"reference_url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680","reference_id":"","reference_type":"","scores":[],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.452680"},{"reference_url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239","reference_id":"","reference_type":"","scores":[],"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.539239"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12117"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5725"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5761"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5917"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9627"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1","reference_id":"","reference_type":"","scores":[],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1","reference_id":"","reference_type":"","scores":[],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1"},{"reference_url":"http://support.apple.com/kb/HT3026","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT3026"},{"reference_url":"http://support.apple.com/kb/HT3129","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT3129"},{"reference_url":"http://support.citrix.com/article/CTX117991","reference_id":"","reference_type":"","scores":[],"url":"http://support.citrix.com/article/CTX117991"},{"reference_url":"http://support.citrix.com/article/CTX118183","reference_id":"","reference_type":"","scores":[],"url":"http://support.citrix.com/article/CTX118183"},{"reference_url":"http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152","reference_id":"","reference_type":"","scores":[],"url":"http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=762152"},{"reference_url":"https://www.exploit-db.com/exploits/6122","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/6122"},{"reference_url":"https://www.exploit-db.com/exploits/6123","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/6123"},{"reference_url":"https://www.exploit-db.com/exploits/6130","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/6130"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html"},{"reference_url":"https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/","reference_id":"","reference_type":"","scores":[],"url":"https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/"},{"reference_url":"http://up2date.astaro.com/2008/08/up2date_7202_released.html","reference_id":"","reference_type":"","scores":[],"url":"http://up2date.astaro.com/2008/08/up2date_7202_released.html"},{"reference_url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0231"},{"reference_url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018","reference_id":"","reference_type":"","scores":[],"url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2010-0018"},{"reference_url":"http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning","reference_id":"","reference_type":"","scores":[],"url":"http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning"},{"reference_url":"http://www.caughq.org/exploits/CAU-EX-2008-0002.txt","reference_id":"","reference_type":"","scores":[],"url":"http://www.caughq.org/exploits/CAU-EX-2008-0002.txt"},{"reference_url":"http://www.caughq.org/exploits/CAU-EX-2008-0003.txt","reference_id":"","reference_type":"","scores":[],"url":"http://www.caughq.org/exploits/CAU-EX-2008-0003.txt"},{"reference_url":"http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml","reference_id":"","reference_type":"","scores":[],"url":"http://www.cisco.com/en/US/products/products_security_advisory09186a00809c2168.shtml"},{"reference_url":"http://www.debian.org/security/2008/dsa-1603","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1603"},{"reference_url":"http://www.debian.org/security/2008/dsa-1604","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1604"},{"reference_url":"http://www.debian.org/security/2008/dsa-1605","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1605"},{"reference_url":"http://www.debian.org/security/2008/dsa-1619","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1619"},{"reference_url":"http://www.debian.org/security/2008/dsa-1623","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1623"},{"reference_url":"http://www.doxpara.com/DMK_BO2K8.ppt","reference_id":"","reference_type":"","scores":[],"url":"http://www.doxpara.com/DMK_BO2K8.ppt"},{"reference_url":"http://www.doxpara.com/?p=1176","reference_id":"","reference_type":"","scores":[],"url":"http://www.doxpara.com/?p=1176"},{"reference_url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ26667","reference_id":"","reference_type":"","scores":[],"url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ26667"},{"reference_url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ26668","reference_id":"","reference_type":"","scores":[],"url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ26668"},{"reference_url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ26669","reference_id":"","reference_type":"","scores":[],"url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ26669"},{"reference_url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ26670","reference_id":"","reference_type":"","scores":[],"url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ26670"},{"reference_url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ26671","reference_id":"","reference_type":"","scores":[],"url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ26671"},{"reference_url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ26672","reference_id":"","reference_type":"","scores":[],"url":"http://www.ibm.com/support/docview.wss?uid=isg1IZ26672"},{"reference_url":"http://www.ipcop.org/index.php?name=News&file=article&sid=40","reference_id":"","reference_type":"","scores":[],"url":"http://www.ipcop.org/index.php?name=News&file=article&sid=40"},{"reference_url":"http://www.isc.org/index.pl?/sw/bind/bind-security.php","reference_id":"","reference_type":"","scores":[],"url":"http://www.isc.org/index.pl?/sw/bind/bind-security.php"},{"reference_url":"http://www.kb.cert.org/vuls/id/800113","reference_id":"","reference_type":"","scores":[],"url":"http://www.kb.cert.org/vuls/id/800113"},{"reference_url":"http://www.kb.cert.org/vuls/id/MIMG-7DWR4J","reference_id":"","reference_type":"","scores":[],"url":"http://www.kb.cert.org/vuls/id/MIMG-7DWR4J"},{"reference_url":"http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q","reference_id":"","reference_type":"","scores":[],"url":"http://www.kb.cert.org/vuls/id/MIMG-7ECL8Q"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:139","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:139"},{"reference_url":"http://www.nominum.com/asset_upload_file741_2661.pdf","reference_id":"","reference_type":"","scores":[],"url":"http://www.nominum.com/asset_upload_file741_2661.pdf"},{"reference_url":"http://www.novell.com/support/viewContent.do?externalId=7000912","reference_id":"","reference_type":"","scores":[],"url":"http://www.novell.com/support/viewContent.do?externalId=7000912"},{"reference_url":"http://www.openbsd.org/errata42.html#013_bind","reference_id":"","reference_type":"","scores":[],"url":"http://www.openbsd.org/errata42.html#013_bind"},{"reference_url":"http://www.openbsd.org/errata43.html#004_bind","reference_id":"","reference_type":"","scores":[],"url":"http://www.openbsd.org/errata43.html#004_bind"},{"reference_url":"http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog","reference_id":"","reference_type":"","scores":[],"url":"http://www.phys.uu.nl/~rombouts/pdnsd/ChangeLog"},{"reference_url":"http://www.phys.uu.nl/~rombouts/pdnsd.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.phys.uu.nl/~rombouts/pdnsd.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0789.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2008-0789.html"},{"reference_url":"http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/VU800113.html"},{"reference_url":"http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/","reference_id":"","reference_type":"","scores":[],"url":"http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/"},{"reference_url":"http://www.securityfocus.com/archive/1/495289/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/495289/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/495869/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/495869/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/30131","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/30131"},{"reference_url":"http://www.securitytracker.com/id?1020437","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020437"},{"reference_url":"http://www.securitytracker.com/id?1020438","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020438"},{"reference_url":"http://www.securitytracker.com/id?1020440","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020440"},{"reference_url":"http://www.securitytracker.com/id?1020448","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020448"},{"reference_url":"http://www.securitytracker.com/id?1020449","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020449"},{"reference_url":"http://www.securitytracker.com/id?1020548","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020548"},{"reference_url":"http://www.securitytracker.com/id?1020558","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020558"},{"reference_url":"http://www.securitytracker.com/id?1020560","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020560"},{"reference_url":"http://www.securitytracker.com/id?1020561","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020561"},{"reference_url":"http://www.securitytracker.com/id?1020575","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020575"},{"reference_url":"http://www.securitytracker.com/id?1020576","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020576"},{"reference_url":"http://www.securitytracker.com/id?1020577","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020577"},{"reference_url":"http://www.securitytracker.com/id?1020578","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020578"},{"reference_url":"http://www.securitytracker.com/id?1020579","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020579"},{"reference_url":"http://www.securitytracker.com/id?1020651","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020651"},{"reference_url":"http://www.securitytracker.com/id?1020653","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020653"},{"reference_url":"http://www.securitytracker.com/id?1020702","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020702"},{"reference_url":"http://www.securitytracker.com/id?1020802","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020802"},{"reference_url":"http://www.securitytracker.com/id?1020804","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1020804"},{"reference_url":"http://www.ubuntu.com/usn/usn-622-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/usn-622-1"},{"reference_url":"http://www.ubuntu.com/usn/usn-627-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/usn-627-1"},{"reference_url":"http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA08-190A.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.us-cert.gov/cas/techalerts/TA08-190A.html"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA08-190B.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.us-cert.gov/cas/techalerts/TA08-190B.html"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA08-260A.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.us-cert.gov/cas/techalerts/TA08-260A.html"},{"reference_url":"http://www.vmware.com/security/advisories/VMSA-2008-0014.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.vmware.com/security/advisories/VMSA-2008-0014.html"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2019/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2019/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2023/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2023/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2025/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2025/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2029/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2029/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2030/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2030/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2050/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2050/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2051/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2051/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2052/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2052/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2055/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2055/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2092/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2092/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2113/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2113/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2114/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2114/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2123/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2123/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2139/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2139/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2166/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2166/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2195/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2195/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2196/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2196/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2197/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2197/references"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2268","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2268"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2291","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2291"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2334","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2334"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2342","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2342"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2377","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2377"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2383","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2383"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2384","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2384"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2466","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2466"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2467","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2467"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2482","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2482"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2525","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2525"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2549","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2549"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2558","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2558"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2582","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2582"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2584","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/2584"},{"reference_url":"http://www.vupen.com/english/advisories/2009/0297","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/0297"},{"reference_url":"http://www.vupen.com/english/advisories/2009/0311","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/0311"},{"reference_url":"http://www.vupen.com/english/advisories/2010/0622","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/0622"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=449345","reference_id":"449345","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=449345"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490123","reference_id":"490123","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490123"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492465","reference_id":"492465","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492465"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492698","reference_id":"492698","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492698"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492700","reference_id":"492700","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492700"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=493599","reference_id":"493599","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=493599"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:isc:bind:4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:isc:bind:8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:isc:bind:9.2.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*","reference_id":"cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:compute_cluster:*:itanium:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:compute_cluster:*:itanium:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:compute_cluster:*:itanium:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:datacenter:*:itanium:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:datacenter:*:itanium:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:datacenter:*:itanium:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:enterprise:*:itanium:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:enterprise:*:itanium:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:enterprise:*:itanium:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:standard:*:itanium:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:standard:*:itanium:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:standard:*:itanium:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:storage:*:itanium:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:storage:*:itanium:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp1:*:*:storage:*:itanium:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:itanium:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:itanium:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:itanium:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:x64:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:x64:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:compute_cluster:*:x64:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:itanium:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:itanium:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:itanium:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:x64:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:x64:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:datacenter:*:x64:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:itanium:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:itanium:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:itanium:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:x64:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:x64:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:enterprise:*:x64:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:itanium:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:itanium:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:itanium:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:x64:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:x64:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:standard:*:x64:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:itanium:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:itanium:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:itanium:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:x64:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:x64:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:storage:*:x64:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:*","reference_id":"cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:x64:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:-:-:*:*:professional:*:x64:*","reference_id":"cpe:2.3:o:microsoft:windows_xp:-:-:*:*:professional:*:x64:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:-:-:*:*:professional:*:x64:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*","reference_id":"cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*","reference_id":"cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5:*:client:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5:*:client:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5:*:client:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-1447","reference_id":"CVE-2008-1447","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"},{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-1447"},{"reference_url":"https://security.gentoo.org/glsa/200807-08","reference_id":"GLSA-200807-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200807-08"},{"reference_url":"https://security.gentoo.org/glsa/200809-02","reference_id":"GLSA-200809-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200809-02"},{"reference_url":"https://security.gentoo.org/glsa/200812-17","reference_id":"GLSA-200812-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-17"},{"reference_url":"https://security.gentoo.org/glsa/200901-03","reference_id":"GLSA-200901-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200901-03"},{"reference_url":"https://security.gentoo.org/glsa/201209-25","reference_id":"GLSA-201209-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-25"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6122.rb","reference_id":"OSVDB-48245;CVE-2008-4194;OSVDB-47927;CVE-2008-1447;OSVDB-47926;OSVDB-47916;OSVDB-47232","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6122.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6123.py","reference_id":"OSVDB-48245;CVE-2008-4194;OSVDB-47927;CVE-2008-1447;OSVDB-47926;OSVDB-47916;OSVDB-47232","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6123.py"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6130.c","reference_id":"OSVDB-48245;CVE-2008-4194;OSVDB-47927;CVE-2008-1447;OSVDB-47926;OSVDB-47916;OSVDB-47232;OSVDB-46776","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6130.c"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0533","reference_id":"RHSA-2008:0533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0789","reference_id":"RHSA-2008:0789","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0789"},{"reference_url":"https://usn.ubuntu.com/622-1/","reference_id":"USN-622-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/622-1/"},{"reference_url":"https://usn.ubuntu.com/627-1/","reference_id":"USN-627-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/627-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584523?format=json","purl":"pkg:deb/debian/dnsmasq@2.43-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.43-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582122?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582125?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582126?format=json","purl":"pkg:deb/debian/dnsmasq@2.91-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582127?format=json","purl":"pkg:deb/debian/dnsmasq@2.92-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-3%3Fdistro=trixie"}],"aliases":["CVE-2008-1447"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8fbf-8fea-27d9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46211?format=json","vulnerability_id":"VCID-a9ya-bnnp-hyc4","summary":"Multiple vulnerabilities have been found in Dnsmasq, the worst of\n    which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25685.json","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25685.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25685","reference_id":"","reference_type":"","scores":[{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.54629","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.54715","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.54752","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.54736","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.54699","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.54722","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.54692","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.54744","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.5474","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1889688","reference_id":"1889688","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1889688"},{"reference_url":"https://security.archlinux.org/ASA-202101-38","reference_id":"ASA-202101-38","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202101-38"},{"reference_url":"https://security.archlinux.org/AVG-1470","reference_id":"AVG-1470","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1470"},{"reference_url":"https://security.gentoo.org/glsa/202101-17","reference_id":"GLSA-202101-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202101-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0150","reference_id":"RHSA-2021:0150","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0150"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0151","reference_id":"RHSA-2021:0151","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0151"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0152","reference_id":"RHSA-2021:0152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0153","reference_id":"RHSA-2021:0153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0153"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0154","reference_id":"RHSA-2021:0154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0155","reference_id":"RHSA-2021:0155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0156","reference_id":"RHSA-2021:0156","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0156"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0240","reference_id":"RHSA-2021:0240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0245","reference_id":"RHSA-2021:0245","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0245"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0395","reference_id":"RHSA-2021:0395","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0395"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0401","reference_id":"RHSA-2021:0401","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0401"},{"reference_url":"https://usn.ubuntu.com/4698-1/","reference_id":"USN-4698-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4698-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584169?format=json","purl":"pkg:deb/debian/dnsmasq@2.83-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.83-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582122?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582125?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582126?format=json","purl":"pkg:deb/debian/dnsmasq@2.91-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582127?format=json","purl":"pkg:deb/debian/dnsmasq@2.92-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-3%3Fdistro=trixie"}],"aliases":["CVE-2020-25685"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a9ya-bnnp-hyc4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37085?format=json","vulnerability_id":"VCID-antt-5fzu-87dw","summary":"Multiple vulnerabilities in Dnsmasq might result in the remote execution of\n    arbitrary code, or a Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2958.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2958.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2958","reference_id":"","reference_type":"","scores":[{"value":"0.01131","scoring_system":"epss","scoring_elements":"0.78273","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01131","scoring_system":"epss","scoring_elements":"0.7828","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01131","scoring_system":"epss","scoring_elements":"0.78311","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01131","scoring_system":"epss","scoring_elements":"0.78293","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01131","scoring_system":"epss","scoring_elements":"0.78319","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01131","scoring_system":"epss","scoring_elements":"0.78325","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01131","scoring_system":"epss","scoring_elements":"0.78351","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01131","scoring_system":"epss","scoring_elements":"0.78334","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01131","scoring_system":"epss","scoring_elements":"0.78327","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2958"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=519020","reference_id":"519020","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=519020"},{"reference_url":"https://security.gentoo.org/glsa/200909-19","reference_id":"GLSA-200909-19","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200909-19"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1238","reference_id":"RHSA-2009:1238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1238"},{"reference_url":"https://usn.ubuntu.com/827-1/","reference_id":"USN-827-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/827-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586136?format=json","purl":"pkg:deb/debian/dnsmasq@2.50-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.50-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582122?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582125?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582126?format=json","purl":"pkg:deb/debian/dnsmasq@2.91-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582127?format=json","purl":"pkg:deb/debian/dnsmasq@2.92-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-3%3Fdistro=trixie"}],"aliases":["CVE-2009-2958"],"risk_score":null,"exploitability":"2.0","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-antt-5fzu-87dw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46045?format=json","vulnerability_id":"VCID-b2dc-msms-bfee","summary":"Multiple vulnerabilities have been found in Dnsmasq, the worst of\n    which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html"},{"reference_url":"http://nvidia.custhelp.com/app/answers/detail/a_id/4561","reference_id":"","reference_type":"","scores":[],"url":"http://nvidia.custhelp.com/app/answers/detail/a_id/4561"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14493.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14493.json"},{"reference_url":"https://access.redhat.com/security/vulnerabilities/3199382","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/security/vulnerabilities/3199382"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14493","reference_id":"","reference_type":"","scores":[{"value":"0.05344","scoring_system":"epss","scoring_elements":"0.90026","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05344","scoring_system":"epss","scoring_elements":"0.90067","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05344","scoring_system":"epss","scoring_elements":"0.90045","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05344","scoring_system":"epss","scoring_elements":"0.9006","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05344","scoring_system":"epss","scoring_elements":"0.90066","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05344","scoring_system":"epss","scoring_elements":"0.90075","published_at":"2026-04-11T12:55:00Z"},{"value":"0.05344","scoring_system":"epss","scoring_elements":"0.90073","published_at":"2026-04-12T12:55:00Z"},{"value":"0.05344","scoring_system":"epss","scoring_elements":"0.90029","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05344","scoring_system":"epss","scoring_elements":"0.9004","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14493"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv2","scoring_elements":"AV:A/AC:L/Au:N/C:N/I:P/A:P"},{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html","reference_id":"","reference_type":"","scores":[],"url":"https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html"},{"reference_url":"https://www.exploit-db.com/exploits/42943/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/42943/"},{"reference_url":"https://www.kb.cert.org/vuls/id/973527","reference_id":"","reference_type":"","scores":[],"url":"https://www.kb.cert.org/vuls/id/973527"},{"reference_url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html"},{"reference_url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html"},{"reference_url":"https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq","reference_id":"","reference_type":"","scores":[],"url":"https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq"},{"reference_url":"http://thekelleys.org.uk/dnsmasq/CHANGELOG","reference_id":"","reference_type":"","scores":[],"url":"http://thekelleys.org.uk/dnsmasq/CHANGELOG"},{"reference_url":"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=3d4ff1ba8419546490b464418223132529514033","reference_id":"","reference_type":"","scores":[],"url":"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=3d4ff1ba8419546490b464418223132529514033"},{"reference_url":"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt","reference_id":"","reference_type":"","scores":[],"url":"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt"},{"reference_url":"http://www.debian.org/security/2017/dsa-3989","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2017/dsa-3989"},{"reference_url":"http://www.securityfocus.com/bid/101085","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/101085"},{"reference_url":"http://www.securitytracker.com/id/1039474","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1039474"},{"reference_url":"http://www.ubuntu.com/usn/USN-3430-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3430-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-3430-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3430-2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1495411","reference_id":"1495411","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1495411"},{"reference_url":"https://security.archlinux.org/ASA-201710-1","reference_id":"ASA-201710-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201710-1"},{"reference_url":"https://security.archlinux.org/AVG-421","reference_id":"AVG-421","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-421"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42943.py","reference_id":"CVE-2017-14493","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42943.py"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14493","reference_id":"CVE-2017-14493","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14493"},{"reference_url":"https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14493.py","reference_id":"CVE-2017-14493","reference_type":"exploit","scores":[],"url":"https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14493.py"},{"reference_url":"https://security.gentoo.org/glsa/201710-27","reference_id":"GLSA-201710-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2836","reference_id":"RHSA-2017:2836","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2836"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2837","reference_id":"RHSA-2017:2837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2837"},{"reference_url":"https://usn.ubuntu.com/3430-1/","reference_id":"USN-3430-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3430-1/"},{"reference_url":"https://usn.ubuntu.com/3430-2/","reference_id":"USN-3430-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3430-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583971?format=json","purl":"pkg:deb/debian/dnsmasq@2.78-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.78-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582122?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582125?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582126?format=json","purl":"pkg:deb/debian/dnsmasq@2.91-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582127?format=json","purl":"pkg:deb/debian/dnsmasq@2.92-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-3%3Fdistro=trixie"}],"aliases":["CVE-2017-14493"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b2dc-msms-bfee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37084?format=json","vulnerability_id":"VCID-bed9-8jhu-pkf9","summary":"Multiple vulnerabilities in Dnsmasq might result in the remote execution of\n    arbitrary code, or a Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2957.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2957.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2957","reference_id":"","reference_type":"","scores":[{"value":"0.08525","scoring_system":"epss","scoring_elements":"0.92345","published_at":"2026-04-01T12:55:00Z"},{"value":"0.08525","scoring_system":"epss","scoring_elements":"0.92352","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08525","scoring_system":"epss","scoring_elements":"0.92359","published_at":"2026-04-04T12:55:00Z"},{"value":"0.08525","scoring_system":"epss","scoring_elements":"0.92362","published_at":"2026-04-07T12:55:00Z"},{"value":"0.08525","scoring_system":"epss","scoring_elements":"0.92374","published_at":"2026-04-08T12:55:00Z"},{"value":"0.08525","scoring_system":"epss","scoring_elements":"0.92379","published_at":"2026-04-09T12:55:00Z"},{"value":"0.08525","scoring_system":"epss","scoring_elements":"0.92384","published_at":"2026-04-11T12:55:00Z"},{"value":"0.08525","scoring_system":"epss","scoring_elements":"0.92387","published_at":"2026-04-12T12:55:00Z"},{"value":"0.08525","scoring_system":"epss","scoring_elements":"0.92385","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2957"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2957","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2957"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=519020","reference_id":"519020","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=519020"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/9617.txt","reference_id":"CVE-2009-2958;CVE-2009-2957;OSVDB-57593;OSVDB-57592","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/9617.txt"},{"reference_url":"http://www.coresecurity.com/content/dnsmasq-vulnerabilities","reference_id":"CVE-2009-2958;CVE-2009-2957;OSVDB-57593;OSVDB-57592","reference_type":"exploit","scores":[],"url":"http://www.coresecurity.com/content/dnsmasq-vulnerabilities"},{"reference_url":"https://security.gentoo.org/glsa/200909-19","reference_id":"GLSA-200909-19","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200909-19"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1238","reference_id":"RHSA-2009:1238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1238"},{"reference_url":"https://usn.ubuntu.com/827-1/","reference_id":"USN-827-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/827-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586136?format=json","purl":"pkg:deb/debian/dnsmasq@2.50-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.50-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582122?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582125?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582126?format=json","purl":"pkg:deb/debian/dnsmasq@2.91-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582127?format=json","purl":"pkg:deb/debian/dnsmasq@2.92-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-3%3Fdistro=trixie"}],"aliases":["CVE-2009-2957"],"risk_score":0.2,"exploitability":"2.0","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bed9-8jhu-pkf9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60388?format=json","vulnerability_id":"VCID-d3nu-fztq-nffg","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3294.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3294.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3294","reference_id":"","reference_type":"","scores":[{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.39998","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40145","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40171","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40092","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40158","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40168","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.4013","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40111","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3294"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3294","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3294"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1215747","reference_id":"1215747","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1215747"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783459","reference_id":"783459","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783459"},{"reference_url":"https://security.gentoo.org/glsa/201512-01","reference_id":"GLSA-201512-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201512-01"},{"reference_url":"https://usn.ubuntu.com/2593-1/","reference_id":"USN-2593-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2593-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585006?format=json","purl":"pkg:deb/debian/dnsmasq@2.72-3.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.72-3.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582122?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582125?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582126?format=json","purl":"pkg:deb/debian/dnsmasq@2.91-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582127?format=json","purl":"pkg:deb/debian/dnsmasq@2.92-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-3%3Fdistro=trixie"}],"aliases":["CVE-2015-3294"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d3nu-fztq-nffg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61409?format=json","vulnerability_id":"VCID-gnkg-afmr-r7aq","summary":"Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0934.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0934.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0934","reference_id":"","reference_type":"","scores":[{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06784","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06626","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06687","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06731","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06715","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06766","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06799","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06797","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06791","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0934"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0934","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0934"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q1/016272.html","reference_id":"016272.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-10T13:19:58Z/"}],"url":"https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q1/016272.html"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014715","reference_id":"1014715","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014715"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2057075","reference_id":"2057075","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-10T13:19:58Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2057075"},{"reference_url":"https://security.archlinux.org/AVG-2716","reference_id":"AVG-2716","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2716"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2022-0934","reference_id":"CVE-2022-0934","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-10T13:19:58Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2022-0934"},{"reference_url":"https://security.gentoo.org/glsa/202412-10","reference_id":"GLSA-202412-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-10"},{"reference_url":"https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=03345ecefeb0d82e3c3a4c28f27c3554f0611b39","reference_id":"?p=dnsmasq.git%3Ba=commit%3Bh=03345ecefeb0d82e3c3a4c28f27c3554f0611b39","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-10T13:19:58Z/"}],"url":"https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=03345ecefeb0d82e3c3a4c28f27c3554f0611b39"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7633","reference_id":"RHSA-2022:7633","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7633"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8070","reference_id":"RHSA-2022:8070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1545","reference_id":"RHSA-2024:1545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1545"},{"reference_url":"https://usn.ubuntu.com/5408-1/","reference_id":"USN-5408-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5408-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582122?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582123?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582669?format=json","purl":"pkg:deb/debian/dnsmasq@2.87-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.87-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582125?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582126?format=json","purl":"pkg:deb/debian/dnsmasq@2.91-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582127?format=json","purl":"pkg:deb/debian/dnsmasq@2.92-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-3%3Fdistro=trixie"}],"aliases":["CVE-2022-0934"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gnkg-afmr-r7aq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84044?format=json","vulnerability_id":"VCID-hr7r-mgk2-67aw","summary":"dnsmasq: Size parameter overflow via large DNS query","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13704.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13704.json"},{"reference_url":"https://access.redhat.com/security/vulnerabilities/3199382","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/security/vulnerabilities/3199382"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-13704","reference_id":"","reference_type":"","scores":[{"value":"0.79318","scoring_system":"epss","scoring_elements":"0.99064","published_at":"2026-04-01T12:55:00Z"},{"value":"0.79318","scoring_system":"epss","scoring_elements":"0.99075","published_at":"2026-04-13T12:55:00Z"},{"value":"0.79318","scoring_system":"epss","scoring_elements":"0.99073","published_at":"2026-04-11T12:55:00Z"},{"value":"0.79318","scoring_system":"epss","scoring_elements":"0.99074","published_at":"2026-04-09T12:55:00Z"},{"value":"0.79318","scoring_system":"epss","scoring_elements":"0.99065","published_at":"2026-04-02T12:55:00Z"},{"value":"0.79318","scoring_system":"epss","scoring_elements":"0.9907","published_at":"2026-04-04T12:55:00Z"},{"value":"0.79318","scoring_system":"epss","scoring_elements":"0.99072","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-13704"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf","reference_id":"","reference_type":"","scores":[],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13704","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13704"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK/"},{"reference_url":"https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html","reference_id":"","reference_type":"","scores":[],"url":"https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html"},{"reference_url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html"},{"reference_url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html"},{"reference_url":"https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq","reference_id":"","reference_type":"","scores":[],"url":"https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq"},{"reference_url":"http://thekelleys.org.uk/dnsmasq/CHANGELOG","reference_id":"","reference_type":"","scores":[],"url":"http://thekelleys.org.uk/dnsmasq/CHANGELOG"},{"reference_url":"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=63437ffbb58837b214b4b92cb1c54bc5f3279928","reference_id":"","reference_type":"","scores":[],"url":"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=63437ffbb58837b214b4b92cb1c54bc5f3279928"},{"reference_url":"http://www.securityfocus.com/bid/101085","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/101085"},{"reference_url":"http://www.securityfocus.com/bid/101977","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/101977"},{"reference_url":"http://www.securitytracker.com/id/1039474","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1039474"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1495510","reference_id":"1495510","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1495510"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877102","reference_id":"877102","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877102"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:27:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:27:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:27:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-13704","reference_id":"CVE-2017-13704","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-13704"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583971?format=json","purl":"pkg:deb/debian/dnsmasq@2.78-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.78-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582122?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582125?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582126?format=json","purl":"pkg:deb/debian/dnsmasq@2.91-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582127?format=json","purl":"pkg:deb/debian/dnsmasq@2.92-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-3%3Fdistro=trixie"}],"aliases":["CVE-2017-13704"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hr7r-mgk2-67aw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82285?format=json","vulnerability_id":"VCID-huvr-uav1-ffex","summary":"dnsmasq: Improper bounds checking leads to a buffer overread","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14513.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14513.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14513","reference_id":"","reference_type":"","scores":[{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14595","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14644","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14715","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14527","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14616","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14673","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14633","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14535","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14513"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14513","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14513"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1739422","reference_id":"1739422","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1739422"},{"reference_url":"https://usn.ubuntu.com/4924-1/","reference_id":"USN-4924-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4924-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586370?format=json","purl":"pkg:deb/debian/dnsmasq@2.76-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.76-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582122?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582125?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582126?format=json","purl":"pkg:deb/debian/dnsmasq@2.91-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582127?format=json","purl":"pkg:deb/debian/dnsmasq@2.92-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-3%3Fdistro=trixie"}],"aliases":["CVE-2019-14513"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-huvr-uav1-ffex"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/33672?format=json","vulnerability_id":"VCID-hxys-tpgq-3uf6","summary":"A vulnerability in Dnsmasq can lead to a Denial of Service\n    condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0198.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0198.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0198","reference_id":"","reference_type":"","scores":[{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15801","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15857","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15923","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15985","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15785","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.1587","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15932","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15908","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0198"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0198","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0198"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:072","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:072"},{"reference_url":"http://www.openwall.com/lists/oss-security/2013/01/18/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2013/01/18/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2013/01/18/7","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2013/01/18/7"},{"reference_url":"http://www.thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=22ce550e5346947a12a781ed0959a7b1165d0dc6","reference_id":"","reference_type":"","scores":[],"url":"http://www.thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=22ce550e5346947a12a781ed0959a7b1165d0dc6"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=894486","reference_id":"894486","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=894486"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0198","reference_id":"CVE-2013-0198","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0198"},{"reference_url":"https://security.gentoo.org/glsa/201406-24","reference_id":"GLSA-201406-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201406-24"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582714?format=json","purl":"pkg:deb/debian/dnsmasq@2.66-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.66-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582122?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582125?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582126?format=json","purl":"pkg:deb/debian/dnsmasq@2.91-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582127?format=json","purl":"pkg:deb/debian/dnsmasq@2.92-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-3%3Fdistro=trixie"}],"aliases":["CVE-2013-0198"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hxys-tpgq-3uf6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46212?format=json","vulnerability_id":"VCID-jj87-61kf-mufs","summary":"Multiple vulnerabilities have been found in Dnsmasq, the worst of\n    which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25686.json","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25686.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25686","reference_id":"","reference_type":"","scores":[{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61242","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61368","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61402","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61387","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61321","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.6135","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61319","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61366","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61381","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25686"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1890125","reference_id":"1890125","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1890125"},{"reference_url":"https://security.archlinux.org/ASA-202101-38","reference_id":"ASA-202101-38","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202101-38"},{"reference_url":"https://security.archlinux.org/AVG-1470","reference_id":"AVG-1470","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1470"},{"reference_url":"https://security.gentoo.org/glsa/202101-17","reference_id":"GLSA-202101-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202101-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0150","reference_id":"RHSA-2021:0150","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0150"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0151","reference_id":"RHSA-2021:0151","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0151"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0152","reference_id":"RHSA-2021:0152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0153","reference_id":"RHSA-2021:0153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0153"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0154","reference_id":"RHSA-2021:0154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0155","reference_id":"RHSA-2021:0155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0156","reference_id":"RHSA-2021:0156","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0156"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0240","reference_id":"RHSA-2021:0240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0245","reference_id":"RHSA-2021:0245","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0245"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0395","reference_id":"RHSA-2021:0395","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0395"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0401","reference_id":"RHSA-2021:0401","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0401"},{"reference_url":"https://usn.ubuntu.com/4698-1/","reference_id":"USN-4698-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4698-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584169?format=json","purl":"pkg:deb/debian/dnsmasq@2.83-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.83-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582122?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582125?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582126?format=json","purl":"pkg:deb/debian/dnsmasq@2.91-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582127?format=json","purl":"pkg:deb/debian/dnsmasq@2.92-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-3%3Fdistro=trixie"}],"aliases":["CVE-2020-25686"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jj87-61kf-mufs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/33671?format=json","vulnerability_id":"VCID-jum5-ndq3-xbhp","summary":"A vulnerability in Dnsmasq can lead to a Denial of Service\n    condition.","references":[{"reference_url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683372","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683372"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0276.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-0276.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0277.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-0277.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0579.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-0579.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3411.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3411.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3411","reference_id":"","reference_type":"","scores":[{"value":"0.00878","scoring_system":"epss","scoring_elements":"0.75323","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00878","scoring_system":"epss","scoring_elements":"0.75267","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00878","scoring_system":"epss","scoring_elements":"0.75271","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00878","scoring_system":"epss","scoring_elements":"0.75304","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00878","scoring_system":"epss","scoring_elements":"0.75282","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00878","scoring_system":"epss","scoring_elements":"0.75324","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00878","scoring_system":"epss","scoring_elements":"0.75335","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00878","scoring_system":"epss","scoring_elements":"0.75356","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00878","scoring_system":"epss","scoring_elements":"0.75334","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3411"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3411","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3411"},{"reference_url":"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=2f38141f434e23292f84cefc33e8de76fb856147","reference_id":"","reference_type":"","scores":[],"url":"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=2f38141f434e23292f84cefc33e8de76fb856147"},{"reference_url":"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=54dd393f3938fc0c19088fbd319b95e37d81a2b0","reference_id":"","reference_type":"","scores":[],"url":"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=54dd393f3938fc0c19088fbd319b95e37d81a2b0"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:072","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:072"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/07/12/5","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2012/07/12/5"},{"reference_url":"http://www.securityfocus.com/bid/54353","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/54353"},{"reference_url":"http://www.thekelleys.org.uk/dnsmasq/CHANGELOG","reference_id":"","reference_type":"","scores":[],"url":"http://www.thekelleys.org.uk/dnsmasq/CHANGELOG"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683372","reference_id":"683372","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683372"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=833033","reference_id":"833033","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=833033"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-3411","reference_id":"CVE-2012-3411","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-3411"},{"reference_url":"https://security.gentoo.org/glsa/201406-24","reference_id":"GLSA-201406-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201406-24"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0276","reference_id":"RHSA-2013:0276","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0276"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0277","reference_id":"RHSA-2013:0277","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0277"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0579","reference_id":"RHSA-2013:0579","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0579"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586902?format=json","purl":"pkg:deb/debian/dnsmasq@2.63-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.63-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582122?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582125?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582126?format=json","purl":"pkg:deb/debian/dnsmasq@2.91-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582127?format=json","purl":"pkg:deb/debian/dnsmasq@2.92-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-3%3Fdistro=trixie"}],"aliases":["CVE-2012-3411"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jum5-ndq3-xbhp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46043?format=json","vulnerability_id":"VCID-k9w6-f6aw-dbey","summary":"Multiple vulnerabilities have been found in Dnsmasq, the worst of\n    which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14491.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14491.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14491","reference_id":"","reference_type":"","scores":[{"value":"0.57794","scoring_system":"epss","scoring_elements":"0.98177","published_at":"2026-04-13T12:55:00Z"},{"value":"0.57794","scoring_system":"epss","scoring_elements":"0.98176","published_at":"2026-04-12T12:55:00Z"},{"value":"0.62655","scoring_system":"epss","scoring_elements":"0.98378","published_at":"2026-04-11T12:55:00Z"},{"value":"0.62655","scoring_system":"epss","scoring_elements":"0.98361","published_at":"2026-04-01T12:55:00Z"},{"value":"0.62655","scoring_system":"epss","scoring_elements":"0.98364","published_at":"2026-04-02T12:55:00Z"},{"value":"0.62655","scoring_system":"epss","scoring_elements":"0.98366","published_at":"2026-04-04T12:55:00Z"},{"value":"0.62655","scoring_system":"epss","scoring_elements":"0.9837","published_at":"2026-04-07T12:55:00Z"},{"value":"0.62655","scoring_system":"epss","scoring_elements":"0.98374","published_at":"2026-04-08T12:55:00Z"},{"value":"0.62655","scoring_system":"epss","scoring_elements":"0.98376","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14491"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1495409","reference_id":"1495409","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1495409"},{"reference_url":"https://security.archlinux.org/ASA-201710-1","reference_id":"ASA-201710-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201710-1"},{"reference_url":"https://security.archlinux.org/AVG-421","reference_id":"AVG-421","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-421"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42941.py","reference_id":"CVE-2017-14491","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42941.py"},{"reference_url":"https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14491.py","reference_id":"CVE-2017-14491","reference_type":"exploit","scores":[],"url":"https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14491.py"},{"reference_url":"https://security.gentoo.org/glsa/201710-27","reference_id":"GLSA-201710-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2836","reference_id":"RHSA-2017:2836","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2836"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2837","reference_id":"RHSA-2017:2837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2838","reference_id":"RHSA-2017:2838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2839","reference_id":"RHSA-2017:2839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2840","reference_id":"RHSA-2017:2840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2841","reference_id":"RHSA-2017:2841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2841"},{"reference_url":"https://usn.ubuntu.com/3430-1/","reference_id":"USN-3430-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3430-1/"},{"reference_url":"https://usn.ubuntu.com/3430-2/","reference_id":"USN-3430-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3430-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583971?format=json","purl":"pkg:deb/debian/dnsmasq@2.78-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.78-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582122?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582125?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582126?format=json","purl":"pkg:deb/debian/dnsmasq@2.91-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582127?format=json","purl":"pkg:deb/debian/dnsmasq@2.92-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-3%3Fdistro=trixie"}],"aliases":["CVE-2017-14491"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k9w6-f6aw-dbey"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46209?format=json","vulnerability_id":"VCID-khrt-9ar9-wbc3","summary":"Multiple vulnerabilities have been found in Dnsmasq, the worst of\n    which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25683.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25683.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25683","reference_id":"","reference_type":"","scores":[{"value":"0.31317","scoring_system":"epss","scoring_elements":"0.9674","published_at":"2026-04-01T12:55:00Z"},{"value":"0.31317","scoring_system":"epss","scoring_elements":"0.9677","published_at":"2026-04-13T12:55:00Z"},{"value":"0.31317","scoring_system":"epss","scoring_elements":"0.96764","published_at":"2026-04-09T12:55:00Z"},{"value":"0.31317","scoring_system":"epss","scoring_elements":"0.96767","published_at":"2026-04-12T12:55:00Z"},{"value":"0.31317","scoring_system":"epss","scoring_elements":"0.9675","published_at":"2026-04-02T12:55:00Z"},{"value":"0.31317","scoring_system":"epss","scoring_elements":"0.96751","published_at":"2026-04-04T12:55:00Z"},{"value":"0.31317","scoring_system":"epss","scoring_elements":"0.96756","published_at":"2026-04-07T12:55:00Z"},{"value":"0.31317","scoring_system":"epss","scoring_elements":"0.96763","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1882018","reference_id":"1882018","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1882018"},{"reference_url":"https://security.archlinux.org/ASA-202101-38","reference_id":"ASA-202101-38","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202101-38"},{"reference_url":"https://security.archlinux.org/AVG-1470","reference_id":"AVG-1470","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1470"},{"reference_url":"https://security.gentoo.org/glsa/202101-17","reference_id":"GLSA-202101-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202101-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0150","reference_id":"RHSA-2021:0150","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0150"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0151","reference_id":"RHSA-2021:0151","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0151"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0152","reference_id":"RHSA-2021:0152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0152"},{"reference_url":"https://usn.ubuntu.com/4698-1/","reference_id":"USN-4698-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4698-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584169?format=json","purl":"pkg:deb/debian/dnsmasq@2.83-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.83-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582122?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582125?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582126?format=json","purl":"pkg:deb/debian/dnsmasq@2.91-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582127?format=json","purl":"pkg:deb/debian/dnsmasq@2.92-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-3%3Fdistro=trixie"}],"aliases":["CVE-2020-25683"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-khrt-9ar9-wbc3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46044?format=json","vulnerability_id":"VCID-kxbw-1fr9-8kb3","summary":"Multiple vulnerabilities have been found in Dnsmasq, the worst of\n    which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html"},{"reference_url":"http://nvidia.custhelp.com/app/answers/detail/a_id/4561","reference_id":"","reference_type":"","scores":[],"url":"http://nvidia.custhelp.com/app/answers/detail/a_id/4561"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14492.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14492.json"},{"reference_url":"https://access.redhat.com/security/vulnerabilities/3199382","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/security/vulnerabilities/3199382"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14492","reference_id":"","reference_type":"","scores":[{"value":"0.92841","scoring_system":"epss","scoring_elements":"0.99763","published_at":"2026-04-01T12:55:00Z"},{"value":"0.92841","scoring_system":"epss","scoring_elements":"0.99766","published_at":"2026-04-11T12:55:00Z"},{"value":"0.92841","scoring_system":"epss","scoring_elements":"0.99764","published_at":"2026-04-04T12:55:00Z"},{"value":"0.92841","scoring_system":"epss","scoring_elements":"0.99765","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14492"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv2","scoring_elements":"AV:A/AC:L/Au:N/C:N/I:P/A:P"},{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html","reference_id":"","reference_type":"","scores":[],"url":"https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html"},{"reference_url":"https://www.exploit-db.com/exploits/42942/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/42942/"},{"reference_url":"https://www.kb.cert.org/vuls/id/973527","reference_id":"","reference_type":"","scores":[],"url":"https://www.kb.cert.org/vuls/id/973527"},{"reference_url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html"},{"reference_url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html"},{"reference_url":"https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq","reference_id":"","reference_type":"","scores":[],"url":"https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq"},{"reference_url":"http://thekelleys.org.uk/dnsmasq/CHANGELOG","reference_id":"","reference_type":"","scores":[],"url":"http://thekelleys.org.uk/dnsmasq/CHANGELOG"},{"reference_url":"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=24036ea507862c7b7898b68289c8130f85599c10","reference_id":"","reference_type":"","scores":[],"url":"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=24036ea507862c7b7898b68289c8130f85599c10"},{"reference_url":"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt","reference_id":"","reference_type":"","scores":[],"url":"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt"},{"reference_url":"http://www.debian.org/security/2017/dsa-3989","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2017/dsa-3989"},{"reference_url":"http://www.securityfocus.com/bid/101085","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/101085"},{"reference_url":"http://www.securitytracker.com/id/1039474","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1039474"},{"reference_url":"http://www.ubuntu.com/usn/USN-3430-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3430-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-3430-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3430-2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1495410","reference_id":"1495410","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1495410"},{"reference_url":"https://security.archlinux.org/ASA-201710-1","reference_id":"ASA-201710-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201710-1"},{"reference_url":"https://security.archlinux.org/AVG-421","reference_id":"AVG-421","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-421"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42942.py","reference_id":"CVE-2017-14492","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42942.py"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14492","reference_id":"CVE-2017-14492","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14492"},{"reference_url":"https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14492.py","reference_id":"CVE-2017-14492","reference_type":"exploit","scores":[],"url":"https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14492.py"},{"reference_url":"https://security.gentoo.org/glsa/201710-27","reference_id":"GLSA-201710-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2836","reference_id":"RHSA-2017:2836","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2836"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2837","reference_id":"RHSA-2017:2837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2837"},{"reference_url":"https://usn.ubuntu.com/3430-1/","reference_id":"USN-3430-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3430-1/"},{"reference_url":"https://usn.ubuntu.com/3430-2/","reference_id":"USN-3430-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3430-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583971?format=json","purl":"pkg:deb/debian/dnsmasq@2.78-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.78-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582122?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582125?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582126?format=json","purl":"pkg:deb/debian/dnsmasq@2.91-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582127?format=json","purl":"pkg:deb/debian/dnsmasq@2.92-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-3%3Fdistro=trixie"}],"aliases":["CVE-2017-14492"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kxbw-1fr9-8kb3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81120?format=json","vulnerability_id":"VCID-nc6t-132e-cqda","summary":"dnsmasq: insecure default configuration makes it an open resolver","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14312.json","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14312.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14312","reference_id":"","reference_type":"","scores":[{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32749","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.3288","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32915","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32737","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32785","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32811","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32813","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32775","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14312"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14312","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14312"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1851342","reference_id":"1851342","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1851342"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=732610","reference_id":"732610","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=732610"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586117?format=json","purl":"pkg:deb/debian/dnsmasq@2.69-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.69-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582122?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582125?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582126?format=json","purl":"pkg:deb/debian/dnsmasq@2.91-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582127?format=json","purl":"pkg:deb/debian/dnsmasq@2.92-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-3%3Fdistro=trixie"}],"aliases":["CVE-2020-14312"],"risk_score":1.8,"exploitability":"0.5","weighted_severity":"3.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nc6t-132e-cqda"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80013?format=json","vulnerability_id":"VCID-nkc5-xdc9-2ff8","summary":"dnsmasq: DNS cache poisoning from local network may lead to DoS","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0877.json","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0877.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0877","reference_id":"","reference_type":"","scores":[{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16753","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16856","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16811","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16725","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16895","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16952","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16735","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16823","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.1688","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0877"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0877","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0877"},{"reference_url":"http://secunia.com/advisories/14691","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/14691"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/19826","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/19826"},{"reference_url":"http://www.securityfocus.com/bid/12897","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/12897"},{"reference_url":"http://www.thekelleys.org.uk/dnsmasq/CHANGELOG","reference_id":"","reference_type":"","scores":[],"url":"http://www.thekelleys.org.uk/dnsmasq/CHANGELOG"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2011237","reference_id":"2011237","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2011237"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2005-0877","reference_id":"CVE-2005-0877","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2005-0877"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583931?format=json","purl":"pkg:deb/debian/dnsmasq@2.21?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.21%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582122?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582125?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582126?format=json","purl":"pkg:deb/debian/dnsmasq@2.91-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582127?format=json","purl":"pkg:deb/debian/dnsmasq@2.92-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-3%3Fdistro=trixie"}],"aliases":["CVE-2005-0877"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nkc5-xdc9-2ff8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46213?format=json","vulnerability_id":"VCID-nrja-2ajq-mfek","summary":"Multiple vulnerabilities have been found in Dnsmasq, the worst of\n    which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25687.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25687.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25687","reference_id":"","reference_type":"","scores":[{"value":"0.22","scoring_system":"epss","scoring_elements":"0.95739","published_at":"2026-04-01T12:55:00Z"},{"value":"0.22","scoring_system":"epss","scoring_elements":"0.95776","published_at":"2026-04-13T12:55:00Z"},{"value":"0.22","scoring_system":"epss","scoring_elements":"0.9577","published_at":"2026-04-09T12:55:00Z"},{"value":"0.22","scoring_system":"epss","scoring_elements":"0.95774","published_at":"2026-04-12T12:55:00Z"},{"value":"0.22","scoring_system":"epss","scoring_elements":"0.95748","published_at":"2026-04-02T12:55:00Z"},{"value":"0.22","scoring_system":"epss","scoring_elements":"0.95756","published_at":"2026-04-04T12:55:00Z"},{"value":"0.22","scoring_system":"epss","scoring_elements":"0.95759","published_at":"2026-04-07T12:55:00Z"},{"value":"0.22","scoring_system":"epss","scoring_elements":"0.95767","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25687"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1891568","reference_id":"1891568","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1891568"},{"reference_url":"https://security.archlinux.org/ASA-202101-38","reference_id":"ASA-202101-38","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202101-38"},{"reference_url":"https://security.archlinux.org/AVG-1470","reference_id":"AVG-1470","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1470"},{"reference_url":"https://security.gentoo.org/glsa/202101-17","reference_id":"GLSA-202101-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202101-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0150","reference_id":"RHSA-2021:0150","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0150"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0151","reference_id":"RHSA-2021:0151","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0151"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0152","reference_id":"RHSA-2021:0152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0152"},{"reference_url":"https://usn.ubuntu.com/4698-1/","reference_id":"USN-4698-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4698-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584169?format=json","purl":"pkg:deb/debian/dnsmasq@2.83-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.83-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582122?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582125?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582126?format=json","purl":"pkg:deb/debian/dnsmasq@2.91-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582127?format=json","purl":"pkg:deb/debian/dnsmasq@2.92-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-3%3Fdistro=trixie"}],"aliases":["CVE-2020-25687"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nrja-2ajq-mfek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46210?format=json","vulnerability_id":"VCID-nute-d491-mqa9","summary":"Multiple vulnerabilities have been found in Dnsmasq, the worst of\n    which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25684.json","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25684.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25684","reference_id":"","reference_type":"","scores":[{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49417","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49466","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49492","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49464","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49445","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49472","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49425","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.4948","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49475","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1889686","reference_id":"1889686","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1889686"},{"reference_url":"https://security.archlinux.org/ASA-202101-38","reference_id":"ASA-202101-38","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202101-38"},{"reference_url":"https://security.archlinux.org/AVG-1470","reference_id":"AVG-1470","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1470"},{"reference_url":"https://security.gentoo.org/glsa/202101-17","reference_id":"GLSA-202101-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202101-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0150","reference_id":"RHSA-2021:0150","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0150"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0151","reference_id":"RHSA-2021:0151","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0151"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0152","reference_id":"RHSA-2021:0152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0153","reference_id":"RHSA-2021:0153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0153"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0154","reference_id":"RHSA-2021:0154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0155","reference_id":"RHSA-2021:0155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0156","reference_id":"RHSA-2021:0156","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0156"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0240","reference_id":"RHSA-2021:0240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0245","reference_id":"RHSA-2021:0245","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0245"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0395","reference_id":"RHSA-2021:0395","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0395"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0401","reference_id":"RHSA-2021:0401","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0401"},{"reference_url":"https://usn.ubuntu.com/4698-1/","reference_id":"USN-4698-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4698-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584169?format=json","purl":"pkg:deb/debian/dnsmasq@2.83-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.83-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582122?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582125?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582126?format=json","purl":"pkg:deb/debian/dnsmasq@2.91-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582127?format=json","purl":"pkg:deb/debian/dnsmasq@2.92-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-3%3Fdistro=trixie"}],"aliases":["CVE-2020-25684"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nute-d491-mqa9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/90523?format=json","vulnerability_id":"VCID-ny7u-m7rb-kkh3","summary":"dnsmasq 2.25 allows remote attackers to cause a denial of service (daemon crash) by (1) renewing a nonexistent lease or (2) sending a DHCPREQUEST for an IP address that is not in the same network, related to the DHCP NAK response from the daemon.","references":[{"reference_url":"http://freshmeat.net/projects/dnsmasq/?branch_id=1991&release_id=217681","reference_id":"","reference_type":"","scores":[],"url":"http://freshmeat.net/projects/dnsmasq/?branch_id=1991&release_id=217681"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3214.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3214.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3214","reference_id":"","reference_type":"","scores":[{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47449","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47389","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47423","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47444","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47393","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47448","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47445","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47468","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47443","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3214"},{"reference_url":"https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/47438","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/47438"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3214","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3214"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43929","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/43929"},{"reference_url":"http://www.openwall.com/lists/oss-security/2008/06/30/7","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2008/06/30/7"},{"reference_url":"http://www.openwall.com/lists/oss-security/2008/07/01/8","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2008/07/01/8"},{"reference_url":"http://www.openwall.com/lists/oss-security/2008/07/02/4","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2008/07/02/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2008/07/03/4","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2008/07/03/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2008/07/08/8","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2008/07/08/8"},{"reference_url":"http://www.openwall.com/lists/oss-security/2008/07/12/3","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2008/07/12/3"},{"reference_url":"http://www.thekelleys.org.uk/dnsmasq/CHANGELOG","reference_id":"","reference_type":"","scores":[],"url":"http://www.thekelleys.org.uk/dnsmasq/CHANGELOG"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:2.25:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:thekelleys:dnsmasq:2.25:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:2.25:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3214","reference_id":"CVE-2008-3214","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:C"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-3214"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585575?format=json","purl":"pkg:deb/debian/dnsmasq@2.26-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.26-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582122?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582125?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582126?format=json","purl":"pkg:deb/debian/dnsmasq@2.91-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582127?format=json","purl":"pkg:deb/debian/dnsmasq@2.92-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-3%3Fdistro=trixie"}],"aliases":["CVE-2008-3214"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ny7u-m7rb-kkh3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61410?format=json","vulnerability_id":"VCID-p726-bqvu-dfda","summary":"Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28450.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28450.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-28450","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01618","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01607","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01624","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01626","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01633","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01619","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01609","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-28450"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28450","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28450"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033165","reference_id":"1033165","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033165"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2178948","reference_id":"2178948","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2178948"},{"reference_url":"https://capec.mitre.org/data/definitions/495.html","reference_id":"495.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:21:11Z/"}],"url":"https://capec.mitre.org/data/definitions/495.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6UQ6LKDTLSSD64TBIZ3XEKBM2SWC63VV/","reference_id":"6UQ6LKDTLSSD64TBIZ3XEKBM2SWC63VV","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:21:11Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6UQ6LKDTLSSD64TBIZ3XEKBM2SWC63VV/"},{"reference_url":"https://thekelleys.org.uk/dnsmasq/doc.html","reference_id":"doc.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:21:11Z/"}],"url":"https://thekelleys.org.uk/dnsmasq/doc.html"},{"reference_url":"https://security.gentoo.org/glsa/202412-10","reference_id":"GLSA-202412-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-10"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OU2ZT4ITSEOOR2CFBAHK4Z67KXJIEWQA/","reference_id":"OU2ZT4ITSEOOR2CFBAHK4Z67KXJIEWQA","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:21:11Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OU2ZT4ITSEOOR2CFBAHK4Z67KXJIEWQA/"},{"reference_url":"https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=blob%3Bf=CHANGELOG","reference_id":"?p=dnsmasq.git%3Ba=blob%3Bf=CHANGELOG","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:21:11Z/"}],"url":"https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=blob%3Bf=CHANGELOG"},{"reference_url":"https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5","reference_id":"?p=dnsmasq.git%3Ba=commit%3Bh=eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T21:21:11Z/"}],"url":"https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6524","reference_id":"RHSA-2023:6524","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6524"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7046","reference_id":"RHSA-2023:7046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1544","reference_id":"RHSA-2024:1544","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1544"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1545","reference_id":"RHSA-2024:1545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1545"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4052","reference_id":"RHSA-2024:4052","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4052"},{"reference_url":"https://usn.ubuntu.com/6034-1/","reference_id":"USN-6034-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6034-1/"},{"reference_url":"https://usn.ubuntu.com/6657-1/","reference_id":"USN-6657-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6657-1/"},{"reference_url":"https://usn.ubuntu.com/6657-2/","reference_id":"USN-6657-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6657-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582122?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582123?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582124?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582125?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582126?format=json","purl":"pkg:deb/debian/dnsmasq@2.91-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582127?format=json","purl":"pkg:deb/debian/dnsmasq@2.92-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-3%3Fdistro=trixie"}],"aliases":["CVE-2023-28450"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p726-bqvu-dfda"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64683?format=json","vulnerability_id":"VCID-qs1p-1j9u-3khg","summary":"dnsmasq: dnsmasq-utils 'dhcp_release' Denial of Service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-37127.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-37127.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-37127","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00393","published_at":"2026-04-01T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00397","published_at":"2026-04-04T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00377","published_at":"2026-04-13T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00386","published_at":"2026-04-07T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00383","published_at":"2026-04-08T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00384","published_at":"2026-04-09T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00382","published_at":"2026-04-11T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00378","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-37127"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-37127","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-37127"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2437103","reference_id":"2437103","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2437103"},{"reference_url":"https://launchpad.net/ubuntu/+source/dnsmasq/2.79-1","reference_id":"2.79-1","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-05T21:17:56Z/"}],"url":"https://launchpad.net/ubuntu/+source/dnsmasq/2.79-1"},{"reference_url":"https://www.exploit-db.com/exploits/48301","reference_id":"48301","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-05T21:17:56Z/"}],"url":"https://www.exploit-db.com/exploits/48301"},{"reference_url":"https://www.vulncheck.com/advisories/dnsmasq-utils-dhcprelease-denial-of-service","reference_id":"dnsmasq-utils-dhcprelease-denial-of-service","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-05T21:17:56Z/"}],"url":"https://www.vulncheck.com/advisories/dnsmasq-utils-dhcprelease-denial-of-service"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583102?format=json","purl":"pkg:deb/debian/dnsmasq@2.80-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.80-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582122?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582125?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582126?format=json","purl":"pkg:deb/debian/dnsmasq@2.91-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582127?format=json","purl":"pkg:deb/debian/dnsmasq@2.92-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-3%3Fdistro=trixie"}],"aliases":["CVE-2020-37127"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qs1p-1j9u-3khg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46048?format=json","vulnerability_id":"VCID-r15f-fgv8-s3h2","summary":"Multiple vulnerabilities have been found in Dnsmasq, the worst of\n    which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html"},{"reference_url":"http://nvidia.custhelp.com/app/answers/detail/a_id/4561","reference_id":"","reference_type":"","scores":[],"url":"http://nvidia.custhelp.com/app/answers/detail/a_id/4561"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14495.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14495.json"},{"reference_url":"https://access.redhat.com/security/vulnerabilities/3199382","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/security/vulnerabilities/3199382"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14495","reference_id":"","reference_type":"","scores":[{"value":"0.53317","scoring_system":"epss","scoring_elements":"0.9796","published_at":"2026-04-01T12:55:00Z"},{"value":"0.53317","scoring_system":"epss","scoring_elements":"0.9798","published_at":"2026-04-13T12:55:00Z"},{"value":"0.53317","scoring_system":"epss","scoring_elements":"0.97968","published_at":"2026-04-07T12:55:00Z"},{"value":"0.53317","scoring_system":"epss","scoring_elements":"0.97973","published_at":"2026-04-08T12:55:00Z"},{"value":"0.53317","scoring_system":"epss","scoring_elements":"0.97974","published_at":"2026-04-09T12:55:00Z"},{"value":"0.53317","scoring_system":"epss","scoring_elements":"0.97977","published_at":"2026-04-11T12:55:00Z"},{"value":"0.53317","scoring_system":"epss","scoring_elements":"0.97979","published_at":"2026-04-12T12:55:00Z"},{"value":"0.53317","scoring_system":"epss","scoring_elements":"0.97963","published_at":"2026-04-02T12:55:00Z"},{"value":"0.53317","scoring_system":"epss","scoring_elements":"0.97965","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14495"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf","reference_id":"","reference_type":"","scores":[],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14495","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14495"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:C"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html","reference_id":"","reference_type":"","scores":[],"url":"https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html"},{"reference_url":"https://www.exploit-db.com/exploits/42945/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/42945/"},{"reference_url":"https://www.kb.cert.org/vuls/id/973527","reference_id":"","reference_type":"","scores":[],"url":"https://www.kb.cert.org/vuls/id/973527"},{"reference_url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html"},{"reference_url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html"},{"reference_url":"https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq","reference_id":"","reference_type":"","scores":[],"url":"https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq"},{"reference_url":"http://thekelleys.org.uk/dnsmasq/CHANGELOG","reference_id":"","reference_type":"","scores":[],"url":"http://thekelleys.org.uk/dnsmasq/CHANGELOG"},{"reference_url":"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=51eadb692a5123b9838e5a68ecace3ac579a3a45","reference_id":"","reference_type":"","scores":[],"url":"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=51eadb692a5123b9838e5a68ecace3ac579a3a45"},{"reference_url":"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt","reference_id":"","reference_type":"","scores":[],"url":"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt"},{"reference_url":"http://www.debian.org/security/2017/dsa-3989","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2017/dsa-3989"},{"reference_url":"http://www.securityfocus.com/bid/101085","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/101085"},{"reference_url":"http://www.securityfocus.com/bid/101977","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/101977"},{"reference_url":"http://www.securitytracker.com/id/1039474","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1039474"},{"reference_url":"http://www.ubuntu.com/usn/USN-3430-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3430-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-3430-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3430-2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1495415","reference_id":"1495415","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1495415"},{"reference_url":"https://security.archlinux.org/ASA-201710-1","reference_id":"ASA-201710-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201710-1"},{"reference_url":"https://security.archlinux.org/AVG-421","reference_id":"AVG-421","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-421"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42945.py","reference_id":"CVE-2017-14495","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42945.py"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14495","reference_id":"CVE-2017-14495","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14495"},{"reference_url":"https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14495.py","reference_id":"CVE-2017-14495","reference_type":"exploit","scores":[],"url":"https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14495.py"},{"reference_url":"https://security.gentoo.org/glsa/201710-27","reference_id":"GLSA-201710-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2836","reference_id":"RHSA-2017:2836","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2836"},{"reference_url":"https://usn.ubuntu.com/3430-1/","reference_id":"USN-3430-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3430-1/"},{"reference_url":"https://usn.ubuntu.com/3430-2/","reference_id":"USN-3430-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3430-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583971?format=json","purl":"pkg:deb/debian/dnsmasq@2.78-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.78-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582122?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582125?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582126?format=json","purl":"pkg:deb/debian/dnsmasq@2.91-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582127?format=json","purl":"pkg:deb/debian/dnsmasq@2.92-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-3%3Fdistro=trixie"}],"aliases":["CVE-2017-14495"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r15f-fgv8-s3h2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46049?format=json","vulnerability_id":"VCID-ru4r-dtwq-sub2","summary":"Multiple vulnerabilities have been found in Dnsmasq, the worst of\n    which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html"},{"reference_url":"http://nvidia.custhelp.com/app/answers/detail/a_id/4561","reference_id":"","reference_type":"","scores":[],"url":"http://nvidia.custhelp.com/app/answers/detail/a_id/4561"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14496.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14496.json"},{"reference_url":"https://access.redhat.com/security/vulnerabilities/3199382","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/security/vulnerabilities/3199382"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14496","reference_id":"","reference_type":"","scores":[{"value":"0.16883","scoring_system":"epss","scoring_elements":"0.94927","published_at":"2026-04-01T12:55:00Z"},{"value":"0.16883","scoring_system":"epss","scoring_elements":"0.9496","published_at":"2026-04-13T12:55:00Z"},{"value":"0.16883","scoring_system":"epss","scoring_elements":"0.94951","published_at":"2026-04-09T12:55:00Z"},{"value":"0.16883","scoring_system":"epss","scoring_elements":"0.94956","published_at":"2026-04-11T12:55:00Z"},{"value":"0.16883","scoring_system":"epss","scoring_elements":"0.94958","published_at":"2026-04-12T12:55:00Z"},{"value":"0.16883","scoring_system":"epss","scoring_elements":"0.94935","published_at":"2026-04-02T12:55:00Z"},{"value":"0.16883","scoring_system":"epss","scoring_elements":"0.94937","published_at":"2026-04-04T12:55:00Z"},{"value":"0.16883","scoring_system":"epss","scoring_elements":"0.94938","published_at":"2026-04-07T12:55:00Z"},{"value":"0.16883","scoring_system":"epss","scoring_elements":"0.94947","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14496"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf","reference_id":"","reference_type":"","scores":[],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14496"},{"reference_url":"https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html","reference_id":"","reference_type":"","scores":[],"url":"https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html"},{"reference_url":"https://source.android.com/security/bulletin/2017-10-01","reference_id":"","reference_type":"","scores":[],"url":"https://source.android.com/security/bulletin/2017-10-01"},{"reference_url":"https://www.exploit-db.com/exploits/42946/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/42946/"},{"reference_url":"https://www.kb.cert.org/vuls/id/973527","reference_id":"","reference_type":"","scores":[],"url":"https://www.kb.cert.org/vuls/id/973527"},{"reference_url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html"},{"reference_url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html"},{"reference_url":"https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq","reference_id":"","reference_type":"","scores":[],"url":"https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq"},{"reference_url":"http://thekelleys.org.uk/dnsmasq/CHANGELOG","reference_id":"","reference_type":"","scores":[],"url":"http://thekelleys.org.uk/dnsmasq/CHANGELOG"},{"reference_url":"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=897c113fda0886a28a986cc6ba17bb93bd6cb1c7","reference_id":"","reference_type":"","scores":[],"url":"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=897c113fda0886a28a986cc6ba17bb93bd6cb1c7"},{"reference_url":"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt","reference_id":"","reference_type":"","scores":[],"url":"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt"},{"reference_url":"http://www.debian.org/security/2017/dsa-3989","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2017/dsa-3989"},{"reference_url":"http://www.securityfocus.com/bid/101085","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/101085"},{"reference_url":"http://www.securityfocus.com/bid/101977","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/101977"},{"reference_url":"http://www.securitytracker.com/id/1039474","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1039474"},{"reference_url":"http://www.ubuntu.com/usn/USN-3430-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3430-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-3430-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3430-2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1495416","reference_id":"1495416","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1495416"},{"reference_url":"https://security.archlinux.org/ASA-201710-1","reference_id":"ASA-201710-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201710-1"},{"reference_url":"https://security.archlinux.org/AVG-421","reference_id":"AVG-421","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-421"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:4.4.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:7.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:7.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:7.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42946.py","reference_id":"CVE-2017-14496","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42946.py"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14496","reference_id":"CVE-2017-14496","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:C"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14496"},{"reference_url":"https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14496.py","reference_id":"CVE-2017-14496","reference_type":"exploit","scores":[],"url":"https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14496.py"},{"reference_url":"https://security.gentoo.org/glsa/201710-27","reference_id":"GLSA-201710-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2836","reference_id":"RHSA-2017:2836","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2836"},{"reference_url":"https://usn.ubuntu.com/3430-1/","reference_id":"USN-3430-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3430-1/"},{"reference_url":"https://usn.ubuntu.com/3430-2/","reference_id":"USN-3430-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3430-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583971?format=json","purl":"pkg:deb/debian/dnsmasq@2.78-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.78-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582122?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582125?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582126?format=json","purl":"pkg:deb/debian/dnsmasq@2.91-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582127?format=json","purl":"pkg:deb/debian/dnsmasq@2.92-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-3%3Fdistro=trixie"}],"aliases":["CVE-2017-14496"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ru4r-dtwq-sub2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46046?format=json","vulnerability_id":"VCID-snzd-3st5-8yb1","summary":"Multiple vulnerabilities have been found in Dnsmasq, the worst of\n    which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html"},{"reference_url":"http://nvidia.custhelp.com/app/answers/detail/a_id/4561","reference_id":"","reference_type":"","scores":[],"url":"http://nvidia.custhelp.com/app/answers/detail/a_id/4561"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14494.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14494.json"},{"reference_url":"https://access.redhat.com/security/vulnerabilities/3199382","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/security/vulnerabilities/3199382"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14494","reference_id":"","reference_type":"","scores":[{"value":"0.10987","scoring_system":"epss","scoring_elements":"0.93389","published_at":"2026-04-01T12:55:00Z"},{"value":"0.10987","scoring_system":"epss","scoring_elements":"0.93423","published_at":"2026-04-13T12:55:00Z"},{"value":"0.10987","scoring_system":"epss","scoring_elements":"0.93405","published_at":"2026-04-07T12:55:00Z"},{"value":"0.10987","scoring_system":"epss","scoring_elements":"0.93413","published_at":"2026-04-08T12:55:00Z"},{"value":"0.10987","scoring_system":"epss","scoring_elements":"0.93417","published_at":"2026-04-09T12:55:00Z"},{"value":"0.10987","scoring_system":"epss","scoring_elements":"0.93422","published_at":"2026-04-11T12:55:00Z"},{"value":"0.10987","scoring_system":"epss","scoring_elements":"0.93421","published_at":"2026-04-12T12:55:00Z"},{"value":"0.10987","scoring_system":"epss","scoring_elements":"0.93397","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14494"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14491"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14492"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14493"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14494"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv2","scoring_elements":"AV:A/AC:L/Au:N/C:P/I:N/A:N"},{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html","reference_id":"","reference_type":"","scores":[],"url":"https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html"},{"reference_url":"https://www.exploit-db.com/exploits/42944/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/42944/"},{"reference_url":"https://www.kb.cert.org/vuls/id/973527","reference_id":"","reference_type":"","scores":[],"url":"https://www.kb.cert.org/vuls/id/973527"},{"reference_url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html"},{"reference_url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html"},{"reference_url":"https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq","reference_id":"","reference_type":"","scores":[],"url":"https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq"},{"reference_url":"http://thekelleys.org.uk/dnsmasq/CHANGELOG","reference_id":"","reference_type":"","scores":[],"url":"http://thekelleys.org.uk/dnsmasq/CHANGELOG"},{"reference_url":"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=33e3f1029c9ec6c63e430ff51063a6301d4b2262","reference_id":"","reference_type":"","scores":[],"url":"http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=33e3f1029c9ec6c63e430ff51063a6301d4b2262"},{"reference_url":"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt","reference_id":"","reference_type":"","scores":[],"url":"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-005.txt"},{"reference_url":"http://www.debian.org/security/2017/dsa-3989","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2017/dsa-3989"},{"reference_url":"http://www.securityfocus.com/bid/101085","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/101085"},{"reference_url":"http://www.securitytracker.com/id/1039474","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1039474"},{"reference_url":"http://www.ubuntu.com/usn/USN-3430-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3430-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-3430-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3430-2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1495412","reference_id":"1495412","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1495412"},{"reference_url":"https://security.archlinux.org/ASA-201710-1","reference_id":"ASA-201710-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201710-1"},{"reference_url":"https://security.archlinux.org/AVG-421","reference_id":"AVG-421","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-421"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42944.py","reference_id":"CVE-2017-14494","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42944.py"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14494","reference_id":"CVE-2017-14494","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14494"},{"reference_url":"https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14494.py","reference_id":"CVE-2017-14494","reference_type":"exploit","scores":[],"url":"https://raw.githubusercontent.com/google/security-research-pocs/master/vulnerabilities/dnsmasq/CVE-2017-14494.py"},{"reference_url":"https://security.gentoo.org/glsa/201710-27","reference_id":"GLSA-201710-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2836","reference_id":"RHSA-2017:2836","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2836"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2837","reference_id":"RHSA-2017:2837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2837"},{"reference_url":"https://usn.ubuntu.com/3430-1/","reference_id":"USN-3430-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3430-1/"},{"reference_url":"https://usn.ubuntu.com/3430-2/","reference_id":"USN-3430-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3430-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583971?format=json","purl":"pkg:deb/debian/dnsmasq@2.78-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.78-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582122?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582125?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582126?format=json","purl":"pkg:deb/debian/dnsmasq@2.91-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582127?format=json","purl":"pkg:deb/debian/dnsmasq@2.92-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-3%3Fdistro=trixie"}],"aliases":["CVE-2017-14494"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-snzd-3st5-8yb1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61412?format=json","vulnerability_id":"VCID-vprj-j7u6-zbe7","summary":"Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50868.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50868.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-50868","reference_id":"","reference_type":"","scores":[{"value":"0.11802","scoring_system":"epss","scoring_elements":"0.93712","published_at":"2026-04-12T12:55:00Z"},{"value":"0.11802","scoring_system":"epss","scoring_elements":"0.93708","published_at":"2026-04-09T12:55:00Z"},{"value":"0.11802","scoring_system":"epss","scoring_elements":"0.93706","published_at":"2026-04-08T12:55:00Z"},{"value":"0.11802","scoring_system":"epss","scoring_elements":"0.93696","published_at":"2026-04-07T12:55:00Z"},{"value":"0.11802","scoring_system":"epss","scoring_elements":"0.93684","published_at":"2026-04-02T12:55:00Z"},{"value":"0.11802","scoring_system":"epss","scoring_elements":"0.93713","published_at":"2026-04-13T12:55:00Z"},{"value":"0.11802","scoring_system":"epss","scoring_elements":"0.93694","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-50868"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html","reference_id":"017430.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845","reference_id":"1063845","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852","reference_id":"1063852","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077751","reference_id":"1077751","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077751"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/02/16/2","reference_id":"2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/02/16/2"},{"reference_url":"https://www.isc.org/blogs/2024-bind-security-release/","reference_id":"2024-bind-security-release","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://www.isc.org/blogs/2024-bind-security-release/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2263917","reference_id":"2263917","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2263917"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/02/16/3","reference_id":"3","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/02/16/3"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/","reference_id":"6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/","reference_id":"BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/"},{"reference_url":"https://kb.isc.org/docs/cve-2023-50868","reference_id":"cve-2023-50868","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://kb.isc.org/docs/cve-2023-50868"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-50868","reference_id":"CVE-2023-50868","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2023-50868"},{"reference_url":"https://security.gentoo.org/glsa/202412-10","reference_id":"GLSA-202412-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-10"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/","reference_id":"HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/","reference_id":"IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html","reference_id":"msg00006.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240307-0008/","reference_id":"ntap-20240307-0008","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240307-0008/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/","reference_id":"PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/"},{"reference_url":"https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html","reference_id":"powerdns-advisory-2024-01.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html"},{"reference_url":"https://datatracker.ietf.org/doc/html/rfc5155","reference_id":"rfc5155","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://datatracker.ietf.org/doc/html/rfc5155"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/","reference_id":"RGS7JN6FZXUSTC2XKQHH27574XOULYYJ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0965","reference_id":"RHSA-2024:0965","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0965"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0977","reference_id":"RHSA-2024:0977","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0977"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0981","reference_id":"RHSA-2024:0981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0982","reference_id":"RHSA-2024:0982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:11003","reference_id":"RHSA-2024:11003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:11003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1334","reference_id":"RHSA-2024:1334","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1334"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1335","reference_id":"RHSA-2024:1335","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1335"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1522","reference_id":"RHSA-2024:1522","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1522"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1543","reference_id":"RHSA-2024:1543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1543"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1544","reference_id":"RHSA-2024:1544","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1544"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1545","reference_id":"RHSA-2024:1545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1545"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1647","reference_id":"RHSA-2024:1647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1648","reference_id":"RHSA-2024:1648","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1648"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1781","reference_id":"RHSA-2024:1781","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1781"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1782","reference_id":"RHSA-2024:1782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1789","reference_id":"RHSA-2024:1789","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1789"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1800","reference_id":"RHSA-2024:1800","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1800"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1801","reference_id":"RHSA-2024:1801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1801"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1803","reference_id":"RHSA-2024:1803","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1803"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1804","reference_id":"RHSA-2024:1804","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1804"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2551","reference_id":"RHSA-2024:2551","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2551"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2587","reference_id":"RHSA-2024:2587","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2587"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2696","reference_id":"RHSA-2024:2696","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2696"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2720","reference_id":"RHSA-2024:2720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2721","reference_id":"RHSA-2024:2721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2821","reference_id":"RHSA-2024:2821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2890","reference_id":"RHSA-2024:2890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3271","reference_id":"RHSA-2024:3271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3741","reference_id":"RHSA-2024:3741","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3741"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3877","reference_id":"RHSA-2024:3877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3929","reference_id":"RHSA-2024:3929","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3929"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0039","reference_id":"RHSA-2025:0039","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0039"},{"reference_url":"https://bugzilla.suse.com/show_bug.cgi?id=1219826","reference_id":"show_bug.cgi?id=1219826","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://bugzilla.suse.com/show_bug.cgi?id=1219826"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/","reference_id":"SVYA42BLXUCIDLD35YIJPJSHDIADNYMP","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/","reference_id":"TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/"},{"reference_url":"https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/","reference_id":"unbound-1.19.1-released","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/","reference_id":"UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/"},{"reference_url":"https://usn.ubuntu.com/6633-1/","reference_id":"USN-6633-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6633-1/"},{"reference_url":"https://usn.ubuntu.com/6642-1/","reference_id":"USN-6642-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6642-1/"},{"reference_url":"https://usn.ubuntu.com/6657-1/","reference_id":"USN-6657-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6657-1/"},{"reference_url":"https://usn.ubuntu.com/6657-2/","reference_id":"USN-6657-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6657-2/"},{"reference_url":"https://usn.ubuntu.com/6665-1/","reference_id":"USN-6665-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6665-1/"},{"reference_url":"https://usn.ubuntu.com/6723-1/","reference_id":"USN-6723-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6723-1/"},{"reference_url":"https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1","reference_id":"v5.7.1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/","reference_id":"ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582122?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582123?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582124?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582125?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582126?format=json","purl":"pkg:deb/debian/dnsmasq@2.91-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582127?format=json","purl":"pkg:deb/debian/dnsmasq@2.92-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-3%3Fdistro=trixie"}],"aliases":["CVE-2023-50868"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vprj-j7u6-zbe7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59314?format=json","vulnerability_id":"VCID-vshb-4mjd-qugr","summary":"Use of insufficient randomness in Dnsmasq might lead to DNS Cache\n    Poisoning.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3448.json","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3448.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3448","reference_id":"","reference_type":"","scores":[{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12634","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12605","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12738","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12784","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12591","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.1267","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12723","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.1269","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.1265","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3448"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3448","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3448"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1939368","reference_id":"1939368","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T00:40:29Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1939368"},{"reference_url":"https://security.archlinux.org/AVG-1703","reference_id":"AVG-1703","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1703"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CVTJUOFFFHINLKWAOC2ZSC5MOPD4SJ24/","reference_id":"CVTJUOFFFHINLKWAOC2ZSC5MOPD4SJ24","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T00:40:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CVTJUOFFFHINLKWAOC2ZSC5MOPD4SJ24/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHG7GWSQWKF7JXIMLOGJBKZWBB4VIAJ7/","reference_id":"FHG7GWSQWKF7JXIMLOGJBKZWBB4VIAJ7","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T00:40:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHG7GWSQWKF7JXIMLOGJBKZWBB4VIAJ7/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GHURNEHHUBSW45KMIZ4FNBCSUPWPGV5V/","reference_id":"GHURNEHHUBSW45KMIZ4FNBCSUPWPGV5V","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T00:40:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GHURNEHHUBSW45KMIZ4FNBCSUPWPGV5V/"},{"reference_url":"https://security.gentoo.org/glsa/202105-20","reference_id":"GLSA-202105-20","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T00:40:29Z/"}],"url":"https://security.gentoo.org/glsa/202105-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4153","reference_id":"RHSA-2021:4153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4153"},{"reference_url":"https://usn.ubuntu.com/4976-1/","reference_id":"USN-4976-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4976-1/"},{"reference_url":"https://usn.ubuntu.com/4976-2/","reference_id":"USN-4976-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4976-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582122?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582125?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582126?format=json","purl":"pkg:deb/debian/dnsmasq@2.91-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582127?format=json","purl":"pkg:deb/debian/dnsmasq@2.92-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-3%3Fdistro=trixie"}],"aliases":["CVE-2021-3448"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vshb-4mjd-qugr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83719?format=json","vulnerability_id":"VCID-xge7-87zv-tbev","summary":"dnsmasq: Improper validation of wildcard synthesized NSEC records","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15107.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15107.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15107","reference_id":"","reference_type":"","scores":[{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07189","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07198","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09521","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09536","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09586","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09499","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09574","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09621","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09628","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15107"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15107","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15107"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1510570","reference_id":"1510570","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1510570"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888200","reference_id":"888200","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888200"},{"reference_url":"https://security.archlinux.org/ASA-201801-32","reference_id":"ASA-201801-32","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201801-32"},{"reference_url":"https://security.archlinux.org/AVG-592","reference_id":"AVG-592","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-592"},{"reference_url":"https://usn.ubuntu.com/4924-1/","reference_id":"USN-4924-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4924-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586065?format=json","purl":"pkg:deb/debian/dnsmasq@2.79-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.79-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582122?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582125?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582126?format=json","purl":"pkg:deb/debian/dnsmasq@2.91-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582127?format=json","purl":"pkg:deb/debian/dnsmasq@2.92-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-3%3Fdistro=trixie"}],"aliases":["CVE-2017-15107"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xge7-87zv-tbev"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46206?format=json","vulnerability_id":"VCID-yaj9-mfyu-uqdm","summary":"Multiple vulnerabilities have been found in Dnsmasq, the worst of\n    which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25681.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25681.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25681","reference_id":"","reference_type":"","scores":[{"value":"0.45359","scoring_system":"epss","scoring_elements":"0.97582","published_at":"2026-04-01T12:55:00Z"},{"value":"0.45359","scoring_system":"epss","scoring_elements":"0.97606","published_at":"2026-04-13T12:55:00Z"},{"value":"0.45359","scoring_system":"epss","scoring_elements":"0.97603","published_at":"2026-04-11T12:55:00Z"},{"value":"0.45359","scoring_system":"epss","scoring_elements":"0.97605","published_at":"2026-04-12T12:55:00Z"},{"value":"0.45359","scoring_system":"epss","scoring_elements":"0.97588","published_at":"2026-04-02T12:55:00Z"},{"value":"0.45359","scoring_system":"epss","scoring_elements":"0.97591","published_at":"2026-04-04T12:55:00Z"},{"value":"0.45359","scoring_system":"epss","scoring_elements":"0.97592","published_at":"2026-04-07T12:55:00Z"},{"value":"0.45359","scoring_system":"epss","scoring_elements":"0.97598","published_at":"2026-04-08T12:55:00Z"},{"value":"0.45359","scoring_system":"epss","scoring_elements":"0.976","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25681"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25681"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25686"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25687"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1881875","reference_id":"1881875","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1881875"},{"reference_url":"https://security.archlinux.org/ASA-202101-38","reference_id":"ASA-202101-38","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202101-38"},{"reference_url":"https://security.archlinux.org/AVG-1470","reference_id":"AVG-1470","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1470"},{"reference_url":"https://security.gentoo.org/glsa/202101-17","reference_id":"GLSA-202101-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202101-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0150","reference_id":"RHSA-2021:0150","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0150"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0151","reference_id":"RHSA-2021:0151","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0151"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0152","reference_id":"RHSA-2021:0152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0152"},{"reference_url":"https://usn.ubuntu.com/4698-1/","reference_id":"USN-4698-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4698-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584169?format=json","purl":"pkg:deb/debian/dnsmasq@2.83-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.83-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582122?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582125?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582126?format=json","purl":"pkg:deb/debian/dnsmasq@2.91-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582127?format=json","purl":"pkg:deb/debian/dnsmasq@2.92-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-3%3Fdistro=trixie"}],"aliases":["CVE-2020-25681"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yaj9-mfyu-uqdm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91543?format=json","vulnerability_id":"VCID-z9q1-h7ra-r3dg","summary":"Dnsmasq 2.29 allows remote attackers to cause a denial of service (application crash) via a DHCP client broadcast reply request.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-2017","reference_id":"","reference_type":"","scores":[{"value":"0.01271","scoring_system":"epss","scoring_elements":"0.79468","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01271","scoring_system":"epss","scoring_elements":"0.79474","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01271","scoring_system":"epss","scoring_elements":"0.79498","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01271","scoring_system":"epss","scoring_elements":"0.79484","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01271","scoring_system":"epss","scoring_elements":"0.79513","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01271","scoring_system":"epss","scoring_elements":"0.7952","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01271","scoring_system":"epss","scoring_elements":"0.79543","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01271","scoring_system":"epss","scoring_elements":"0.79526","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01271","scoring_system":"epss","scoring_elements":"0.79517","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-2017"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2017","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2017"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585535?format=json","purl":"pkg:deb/debian/dnsmasq@2.30-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.30-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582122?format=json","purl":"pkg:deb/debian/dnsmasq@2.85-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1bzd-pqhn-hqfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582125?format=json","purl":"pkg:deb/debian/dnsmasq@2.90-4~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.90-4~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582126?format=json","purl":"pkg:deb/debian/dnsmasq@2.91-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.91-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582127?format=json","purl":"pkg:deb/debian/dnsmasq@2.92-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.92-3%3Fdistro=trixie"}],"aliases":["CVE-2006-2017"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z9q1-h7ra-r3dg"}],"risk_score":"3.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsmasq@2.85-1%3Fdistro=trixie"}