Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/dnsjava@2.1.8-2
Typedeb
Namespacedebian
Namednsjava
Version2.1.8-2
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version3.6.2-2
Latest_non_vulnerable_version3.6.2-2
Affected_by_vulnerabilities
0
url VCID-66sa-bc5p-jqde
vulnerability_id VCID-66sa-bc5p-jqde
summary Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50387.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50387.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-50387
reference_id
reference_type
scores
0
value 0.51989
scoring_system epss
scoring_elements 0.97913
published_at 2026-04-12T12:55:00Z
1
value 0.51989
scoring_system epss
scoring_elements 0.97912
published_at 2026-04-11T12:55:00Z
2
value 0.51989
scoring_system epss
scoring_elements 0.97909
published_at 2026-04-09T12:55:00Z
3
value 0.51989
scoring_system epss
scoring_elements 0.97898
published_at 2026-04-04T12:55:00Z
4
value 0.51989
scoring_system epss
scoring_elements 0.97906
published_at 2026-04-08T12:55:00Z
5
value 0.51989
scoring_system epss
scoring_elements 0.97901
published_at 2026-04-07T12:55:00Z
6
value 0.51989
scoring_system epss
scoring_elements 0.97896
published_at 2026-04-02T12:55:00Z
7
value 0.51989
scoring_system epss
scoring_elements 0.97914
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-50387
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html
reference_id 017430.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/
url https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845
reference_id 1063845
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852
reference_id 1063852
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077750
reference_id 1077750
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077750
12
reference_url http://www.openwall.com/lists/oss-security/2024/02/16/2
reference_id 2
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/
url http://www.openwall.com/lists/oss-security/2024/02/16/2
13
reference_url https://www.isc.org/blogs/2024-bind-security-release/
reference_id 2024-bind-security-release
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/
url https://www.isc.org/blogs/2024-bind-security-release/
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2263914
reference_id 2263914
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2263914
15
reference_url http://www.openwall.com/lists/oss-security/2024/02/16/3
reference_id 3
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/
url http://www.openwall.com/lists/oss-security/2024/02/16/3
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/
reference_id 6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/
reference_id BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/
18
reference_url https://kb.isc.org/docs/cve-2023-50387
reference_id cve-2023-50387
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/
url https://kb.isc.org/docs/cve-2023-50387
19
reference_url https://access.redhat.com/security/cve/CVE-2023-50387
reference_id CVE-2023-50387
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/
url https://access.redhat.com/security/cve/CVE-2023-50387
20
reference_url https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-50387
reference_id CVE-2023-50387
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/
url https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-50387
21
reference_url https://www.theregister.com/2024/02/13/dnssec_vulnerability_internet/
reference_id dnssec_vulnerability_internet
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/
url https://www.theregister.com/2024/02/13/dnssec_vulnerability_internet/
22
reference_url https://security.gentoo.org/glsa/202412-10
reference_id GLSA-202412-10
reference_type
scores
url https://security.gentoo.org/glsa/202412-10
23
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/
reference_id HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/
24
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/
reference_id IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/
25
reference_url https://news.ycombinator.com/item?id=39367411
reference_id item?id=39367411
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/
url https://news.ycombinator.com/item?id=39367411
26
reference_url https://news.ycombinator.com/item?id=39372384
reference_id item?id=39372384
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/
url https://news.ycombinator.com/item?id=39372384
27
reference_url https://www.athene-center.de/aktuelles/key-trap
reference_id key-trap
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/
url https://www.athene-center.de/aktuelles/key-trap
28
reference_url https://www.securityweek.com/keytrap-dns-attack-could-disable-large-parts-of-internet-researchers/
reference_id keytrap-dns-attack-could-disable-large-parts-of-internet-researchers
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/
url https://www.securityweek.com/keytrap-dns-attack-could-disable-large-parts-of-internet-researchers/
29
reference_url https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html
reference_id msg00006.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/
url https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html
30
reference_url https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html
reference_id msg00011.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/
url https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html
31
reference_url https://security.netapp.com/advisory/ntap-20240307-0007/
reference_id ntap-20240307-0007
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/
url https://security.netapp.com/advisory/ntap-20240307-0007/
32
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/
reference_id PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/
33
reference_url https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html
reference_id powerdns-advisory-2024-01.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/
url https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html
34
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/
reference_id RGS7JN6FZXUSTC2XKQHH27574XOULYYJ
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/
35
reference_url https://access.redhat.com/errata/RHSA-2024:0965
reference_id RHSA-2024:0965
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0965
36
reference_url https://access.redhat.com/errata/RHSA-2024:0977
reference_id RHSA-2024:0977
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0977
37
reference_url https://access.redhat.com/errata/RHSA-2024:0981
reference_id RHSA-2024:0981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0981
38
reference_url https://access.redhat.com/errata/RHSA-2024:0982
reference_id RHSA-2024:0982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0982
39
reference_url https://access.redhat.com/errata/RHSA-2024:11003
reference_id RHSA-2024:11003
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:11003
40
reference_url https://access.redhat.com/errata/RHSA-2024:1334
reference_id RHSA-2024:1334
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1334
41
reference_url https://access.redhat.com/errata/RHSA-2024:1335
reference_id RHSA-2024:1335
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1335
42
reference_url https://access.redhat.com/errata/RHSA-2024:1522
reference_id RHSA-2024:1522
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1522
43
reference_url https://access.redhat.com/errata/RHSA-2024:1543
reference_id RHSA-2024:1543
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1543
44
reference_url https://access.redhat.com/errata/RHSA-2024:1544
reference_id RHSA-2024:1544
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1544
45
reference_url https://access.redhat.com/errata/RHSA-2024:1545
reference_id RHSA-2024:1545
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1545
46
reference_url https://access.redhat.com/errata/RHSA-2024:1647
reference_id RHSA-2024:1647
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1647
47
reference_url https://access.redhat.com/errata/RHSA-2024:1648
reference_id RHSA-2024:1648
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1648
48
reference_url https://access.redhat.com/errata/RHSA-2024:1781
reference_id RHSA-2024:1781
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1781
49
reference_url https://access.redhat.com/errata/RHSA-2024:1782
reference_id RHSA-2024:1782
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1782
50
reference_url https://access.redhat.com/errata/RHSA-2024:1789
reference_id RHSA-2024:1789
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1789
51
reference_url https://access.redhat.com/errata/RHSA-2024:1800
reference_id RHSA-2024:1800
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1800
52
reference_url https://access.redhat.com/errata/RHSA-2024:1801
reference_id RHSA-2024:1801
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1801
53
reference_url https://access.redhat.com/errata/RHSA-2024:1803
reference_id RHSA-2024:1803
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1803
54
reference_url https://access.redhat.com/errata/RHSA-2024:1804
reference_id RHSA-2024:1804
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1804
55
reference_url https://access.redhat.com/errata/RHSA-2024:2551
reference_id RHSA-2024:2551
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2551
56
reference_url https://access.redhat.com/errata/RHSA-2024:2587
reference_id RHSA-2024:2587
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2587
57
reference_url https://access.redhat.com/errata/RHSA-2024:2696
reference_id RHSA-2024:2696
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2696
58
reference_url https://access.redhat.com/errata/RHSA-2024:2720
reference_id RHSA-2024:2720
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2720
59
reference_url https://access.redhat.com/errata/RHSA-2024:2721
reference_id RHSA-2024:2721
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2721
60
reference_url https://access.redhat.com/errata/RHSA-2024:2821
reference_id RHSA-2024:2821
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2821
61
reference_url https://access.redhat.com/errata/RHSA-2024:2890
reference_id RHSA-2024:2890
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2890
62
reference_url https://access.redhat.com/errata/RHSA-2024:3271
reference_id RHSA-2024:3271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3271
63
reference_url https://access.redhat.com/errata/RHSA-2024:3741
reference_id RHSA-2024:3741
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3741
64
reference_url https://access.redhat.com/errata/RHSA-2024:3877
reference_id RHSA-2024:3877
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3877
65
reference_url https://access.redhat.com/errata/RHSA-2024:3929
reference_id RHSA-2024:3929
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3929
66
reference_url https://access.redhat.com/errata/RHSA-2025:0039
reference_id RHSA-2025:0039
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:0039
67
reference_url https://bugzilla.suse.com/show_bug.cgi?id=1219823
reference_id show_bug.cgi?id=1219823
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/
url https://bugzilla.suse.com/show_bug.cgi?id=1219823
68
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/
reference_id SVYA42BLXUCIDLD35YIJPJSHDIADNYMP
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/
69
reference_url https://www.athene-center.de/fileadmin/content/PDF/Technical_Report_KeyTrap.pdf
reference_id Technical_Report_KeyTrap.pdf
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/
url https://www.athene-center.de/fileadmin/content/PDF/Technical_Report_KeyTrap.pdf
70
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/
reference_id TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/
71
reference_url https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/
reference_id unbound-1.19.1-released
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/
url https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/
72
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/
reference_id UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/
73
reference_url https://usn.ubuntu.com/6633-1/
reference_id USN-6633-1
reference_type
scores
url https://usn.ubuntu.com/6633-1/
74
reference_url https://usn.ubuntu.com/6642-1/
reference_id USN-6642-1
reference_type
scores
url https://usn.ubuntu.com/6642-1/
75
reference_url https://usn.ubuntu.com/6657-1/
reference_id USN-6657-1
reference_type
scores
url https://usn.ubuntu.com/6657-1/
76
reference_url https://usn.ubuntu.com/6657-2/
reference_id USN-6657-2
reference_type
scores
url https://usn.ubuntu.com/6657-2/
77
reference_url https://usn.ubuntu.com/6665-1/
reference_id USN-6665-1
reference_type
scores
url https://usn.ubuntu.com/6665-1/
78
reference_url https://usn.ubuntu.com/6723-1/
reference_id USN-6723-1
reference_type
scores
url https://usn.ubuntu.com/6723-1/
79
reference_url https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1
reference_id v5.7.1
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/
url https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1
80
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/
reference_id ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/
fixed_packages
0
url pkg:deb/debian/dnsjava@3.6.2-2
purl pkg:deb/debian/dnsjava@3.6.2-2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsjava@3.6.2-2
aliases CVE-2023-50387
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-66sa-bc5p-jqde
1
url VCID-vprj-j7u6-zbe7
vulnerability_id VCID-vprj-j7u6-zbe7
summary Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50868.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50868.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-50868
reference_id
reference_type
scores
0
value 0.11802
scoring_system epss
scoring_elements 0.93712
published_at 2026-04-12T12:55:00Z
1
value 0.11802
scoring_system epss
scoring_elements 0.93708
published_at 2026-04-09T12:55:00Z
2
value 0.11802
scoring_system epss
scoring_elements 0.93706
published_at 2026-04-08T12:55:00Z
3
value 0.11802
scoring_system epss
scoring_elements 0.93696
published_at 2026-04-07T12:55:00Z
4
value 0.11802
scoring_system epss
scoring_elements 0.93684
published_at 2026-04-02T12:55:00Z
5
value 0.11802
scoring_system epss
scoring_elements 0.93713
published_at 2026-04-13T12:55:00Z
6
value 0.11802
scoring_system epss
scoring_elements 0.93694
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-50868
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html
reference_id 017430.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/
url https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845
reference_id 1063845
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852
reference_id 1063852
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077751
reference_id 1077751
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077751
12
reference_url http://www.openwall.com/lists/oss-security/2024/02/16/2
reference_id 2
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/
url http://www.openwall.com/lists/oss-security/2024/02/16/2
13
reference_url https://www.isc.org/blogs/2024-bind-security-release/
reference_id 2024-bind-security-release
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/
url https://www.isc.org/blogs/2024-bind-security-release/
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2263917
reference_id 2263917
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2263917
15
reference_url http://www.openwall.com/lists/oss-security/2024/02/16/3
reference_id 3
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/
url http://www.openwall.com/lists/oss-security/2024/02/16/3
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/
reference_id 6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/
reference_id BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/
18
reference_url https://kb.isc.org/docs/cve-2023-50868
reference_id cve-2023-50868
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/
url https://kb.isc.org/docs/cve-2023-50868
19
reference_url https://access.redhat.com/security/cve/CVE-2023-50868
reference_id CVE-2023-50868
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/
url https://access.redhat.com/security/cve/CVE-2023-50868
20
reference_url https://security.gentoo.org/glsa/202412-10
reference_id GLSA-202412-10
reference_type
scores
url https://security.gentoo.org/glsa/202412-10
21
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/
reference_id HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/
22
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/
reference_id IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/
23
reference_url https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html
reference_id msg00006.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/
url https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html
24
reference_url https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html
reference_id msg00011.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/
url https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html
25
reference_url https://security.netapp.com/advisory/ntap-20240307-0008/
reference_id ntap-20240307-0008
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/
url https://security.netapp.com/advisory/ntap-20240307-0008/
26
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/
reference_id PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/
27
reference_url https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html
reference_id powerdns-advisory-2024-01.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/
url https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html
28
reference_url https://datatracker.ietf.org/doc/html/rfc5155
reference_id rfc5155
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/
url https://datatracker.ietf.org/doc/html/rfc5155
29
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/
reference_id RGS7JN6FZXUSTC2XKQHH27574XOULYYJ
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/
30
reference_url https://access.redhat.com/errata/RHSA-2024:0965
reference_id RHSA-2024:0965
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0965
31
reference_url https://access.redhat.com/errata/RHSA-2024:0977
reference_id RHSA-2024:0977
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0977
32
reference_url https://access.redhat.com/errata/RHSA-2024:0981
reference_id RHSA-2024:0981
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0981
33
reference_url https://access.redhat.com/errata/RHSA-2024:0982
reference_id RHSA-2024:0982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0982
34
reference_url https://access.redhat.com/errata/RHSA-2024:11003
reference_id RHSA-2024:11003
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:11003
35
reference_url https://access.redhat.com/errata/RHSA-2024:1334
reference_id RHSA-2024:1334
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1334
36
reference_url https://access.redhat.com/errata/RHSA-2024:1335
reference_id RHSA-2024:1335
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1335
37
reference_url https://access.redhat.com/errata/RHSA-2024:1522
reference_id RHSA-2024:1522
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1522
38
reference_url https://access.redhat.com/errata/RHSA-2024:1543
reference_id RHSA-2024:1543
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1543
39
reference_url https://access.redhat.com/errata/RHSA-2024:1544
reference_id RHSA-2024:1544
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1544
40
reference_url https://access.redhat.com/errata/RHSA-2024:1545
reference_id RHSA-2024:1545
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1545
41
reference_url https://access.redhat.com/errata/RHSA-2024:1647
reference_id RHSA-2024:1647
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1647
42
reference_url https://access.redhat.com/errata/RHSA-2024:1648
reference_id RHSA-2024:1648
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1648
43
reference_url https://access.redhat.com/errata/RHSA-2024:1781
reference_id RHSA-2024:1781
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1781
44
reference_url https://access.redhat.com/errata/RHSA-2024:1782
reference_id RHSA-2024:1782
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1782
45
reference_url https://access.redhat.com/errata/RHSA-2024:1789
reference_id RHSA-2024:1789
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1789
46
reference_url https://access.redhat.com/errata/RHSA-2024:1800
reference_id RHSA-2024:1800
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1800
47
reference_url https://access.redhat.com/errata/RHSA-2024:1801
reference_id RHSA-2024:1801
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1801
48
reference_url https://access.redhat.com/errata/RHSA-2024:1803
reference_id RHSA-2024:1803
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1803
49
reference_url https://access.redhat.com/errata/RHSA-2024:1804
reference_id RHSA-2024:1804
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1804
50
reference_url https://access.redhat.com/errata/RHSA-2024:2551
reference_id RHSA-2024:2551
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2551
51
reference_url https://access.redhat.com/errata/RHSA-2024:2587
reference_id RHSA-2024:2587
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2587
52
reference_url https://access.redhat.com/errata/RHSA-2024:2696
reference_id RHSA-2024:2696
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2696
53
reference_url https://access.redhat.com/errata/RHSA-2024:2720
reference_id RHSA-2024:2720
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2720
54
reference_url https://access.redhat.com/errata/RHSA-2024:2721
reference_id RHSA-2024:2721
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2721
55
reference_url https://access.redhat.com/errata/RHSA-2024:2821
reference_id RHSA-2024:2821
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2821
56
reference_url https://access.redhat.com/errata/RHSA-2024:2890
reference_id RHSA-2024:2890
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2890
57
reference_url https://access.redhat.com/errata/RHSA-2024:3271
reference_id RHSA-2024:3271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3271
58
reference_url https://access.redhat.com/errata/RHSA-2024:3741
reference_id RHSA-2024:3741
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3741
59
reference_url https://access.redhat.com/errata/RHSA-2024:3877
reference_id RHSA-2024:3877
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3877
60
reference_url https://access.redhat.com/errata/RHSA-2024:3929
reference_id RHSA-2024:3929
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3929
61
reference_url https://access.redhat.com/errata/RHSA-2025:0039
reference_id RHSA-2025:0039
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:0039
62
reference_url https://bugzilla.suse.com/show_bug.cgi?id=1219826
reference_id show_bug.cgi?id=1219826
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/
url https://bugzilla.suse.com/show_bug.cgi?id=1219826
63
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/
reference_id SVYA42BLXUCIDLD35YIJPJSHDIADNYMP
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/
64
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/
reference_id TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/
65
reference_url https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/
reference_id unbound-1.19.1-released
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/
url https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/
66
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/
reference_id UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/
67
reference_url https://usn.ubuntu.com/6633-1/
reference_id USN-6633-1
reference_type
scores
url https://usn.ubuntu.com/6633-1/
68
reference_url https://usn.ubuntu.com/6642-1/
reference_id USN-6642-1
reference_type
scores
url https://usn.ubuntu.com/6642-1/
69
reference_url https://usn.ubuntu.com/6657-1/
reference_id USN-6657-1
reference_type
scores
url https://usn.ubuntu.com/6657-1/
70
reference_url https://usn.ubuntu.com/6657-2/
reference_id USN-6657-2
reference_type
scores
url https://usn.ubuntu.com/6657-2/
71
reference_url https://usn.ubuntu.com/6665-1/
reference_id USN-6665-1
reference_type
scores
url https://usn.ubuntu.com/6665-1/
72
reference_url https://usn.ubuntu.com/6723-1/
reference_id USN-6723-1
reference_type
scores
url https://usn.ubuntu.com/6723-1/
73
reference_url https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1
reference_id v5.7.1
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/
url https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1
74
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/
reference_id ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/
fixed_packages
0
url pkg:deb/debian/dnsjava@3.6.2-2
purl pkg:deb/debian/dnsjava@3.6.2-2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsjava@3.6.2-2
aliases CVE-2023-50868
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vprj-j7u6-zbe7
2
url VCID-wx5x-pkdb-sbgt
vulnerability_id VCID-wx5x-pkdb-sbgt
summary 
DNSJava DNSSEC Bypass
### Summary

Records in DNS replies are not checked for their relevance to the query, allowing an attacker to respond with RRs from different zones.

### Details

DNS Messages are not authenticated. They do not guarantee that

- received RRs are authentic
- not received RRs do not exist
- all or any received records in a response relate to the request

Applications utilizing DNSSEC generally expect these guarantees to be met, however DNSSEC by itself only guarantees the first two.
To meet the third guarantee, resolvers generally follow an (undocumented, as far as RFCs go) algorithm such as: (simplified, e.g. lacks DNSSEC validation!)

1. denote by `QNAME` the name you are querying (e.g. fraunhofer.de.), and initialize a list of aliases
2. if the ANSWER section contains a valid PTR RRSet for `QNAME`, return it (and optionally return the list of aliases as well)
3. if the ANSWER section contains a valid CNAME RRSet for `QNAME`, add it to the list of aliases. Set `QNAME` to the CNAME's target and go to 2.
4. Verify that `QNAME` does not have any PTR, CNAME and DNAME records using valid NSEC or NSEC3 records. Return `null`.

Note that this algorithm relies on NSEC records and thus requires a considerable portion of the DNSSEC specifications to be implemented. For this reason, it cannot be performed by a DNS client (aka application) and is typically performed as part of the resolver logic.

dnsjava does not implement a comparable algorithm, and the provided APIs instead return either

- the received DNS message itself (e.g. when using a ValidatingResolver such as in [this](https://github.com/dnsjava/dnsjava/blob/master/EXAMPLES.md#dnssec-resolver) example), or
- essentially just the contents of its ANSWER section (e.g. when using a LookupSession such as in [this](https://github.com/dnsjava/dnsjava/blob/master/EXAMPLES.md#simple-lookup-with-a-resolver) example)

If applications blindly filter the received results for RRs of the desired record type (as seems to be typical usage for dnsjava), a rogue recursive resolver or (on UDP/TCP connections) a network attacker can

- In addition to the actual DNS response, add RRs irrelevant to the query but of the right datatype, e.g. from another zone, as long as that zone is correctly using DNSSEC, or
- completely exchange the relevant response records

### Impact

DNS(SEC) libraries are usually used as part of a larger security framework.
Therefore, the main misuses of this vulnerability concern application code, which might take the returned records as authentic answers to the request.
Here are three concrete examples of where this might be detrimental:

- [RFC 6186](https://datatracker.ietf.org/doc/html/rfc6186) specifies that to connect to an IMAP server for a user, a mail user agent should retrieve certain SRV records and send the user's credentials to the specified servers. Exchanging the SRV records can be a tool to redirect the credentials.
- When delivering mail via SMTP, MX records determine where to deliver the mails to. Exchanging the MX records might lead to information disclosure. Additionally, an exchange of TLSA records might allow attackers to intercept TLS traffic.
- Some research projects like [LIGHTest](https://www.lightest.eu/) are trying to manage CA trust stores via URI and SMIMEA records in the DNS. Exchanging these allows manipulating the root of trust for dependent applications.

### Mitigations

At this point, the following mitigations are recommended:

- When using a ValidatingResolver, ignore any Server indications of whether or not data was available (e.g. NXDOMAIN, NODATA, ...).
- For APIs returning RRs from DNS responses, filter the RRs using an algorithm such as the one above. This includes e.g. `LookupSession.lookupAsync`.
- Remove APIs dealing with raw DNS messages from the examples section or place a noticable warning above.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25638.json
reference_id
reference_type
scores
0
value 8.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25638.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-25638
reference_id
reference_type
scores
0
value 0.00188
scoring_system epss
scoring_elements 0.40678
published_at 2026-04-13T12:55:00Z
1
value 0.00188
scoring_system epss
scoring_elements 0.40706
published_at 2026-04-02T12:55:00Z
2
value 0.00188
scoring_system epss
scoring_elements 0.40734
published_at 2026-04-04T12:55:00Z
3
value 0.00188
scoring_system epss
scoring_elements 0.40658
published_at 2026-04-07T12:55:00Z
4
value 0.00188
scoring_system epss
scoring_elements 0.40708
published_at 2026-04-08T12:55:00Z
5
value 0.00188
scoring_system epss
scoring_elements 0.40714
published_at 2026-04-09T12:55:00Z
6
value 0.00188
scoring_system epss
scoring_elements 0.40732
published_at 2026-04-11T12:55:00Z
7
value 0.00188
scoring_system epss
scoring_elements 0.40697
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-25638
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25638
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25638
3
reference_url https://github.com/dnsjava/dnsjava
reference_id
reference_type
scores
0
value 8.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L
1
value 7.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:L
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/dnsjava/dnsjava
4
reference_url https://github.com/dnsjava/dnsjava/commit/2073a0cdea2c560465f7ac0cc56f202e6fc39705
reference_id
reference_type
scores
0
value 8.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L
1
value 7.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:L
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-22T15:32:07Z/
url https://github.com/dnsjava/dnsjava/commit/2073a0cdea2c560465f7ac0cc56f202e6fc39705
5
reference_url https://github.com/dnsjava/dnsjava/commit/bc51df1c455e6c9fb7cbd42fcb6d62d16047818d
reference_id
reference_type
scores
url https://github.com/dnsjava/dnsjava/commit/bc51df1c455e6c9fb7cbd42fcb6d62d16047818d
6
reference_url https://github.com/dnsjava/dnsjava/security/advisories/GHSA-cfxw-4h78-h7fw
reference_id
reference_type
scores
0
value 8.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 7.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:L
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-22T15:32:07Z/
url https://github.com/dnsjava/dnsjava/security/advisories/GHSA-cfxw-4h78-h7fw
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-25638
reference_id
reference_type
scores
0
value 8.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L
1
value 7.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:L
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-25638
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077368
reference_id 1077368
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077368
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2299292
reference_id 2299292
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2299292
10
reference_url https://github.com/advisories/GHSA-cfxw-4h78-h7fw
reference_id GHSA-cfxw-4h78-h7fw
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cfxw-4h78-h7fw
fixed_packages
0
url pkg:deb/debian/dnsjava@3.6.2-2
purl pkg:deb/debian/dnsjava@3.6.2-2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsjava@3.6.2-2
aliases CVE-2024-25638, GHSA-cfxw-4h78-h7fw
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wx5x-pkdb-sbgt
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/dnsjava@2.1.8-2