Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1

Type deb

Namespace debian

Name pdns-recursor

Version 4.8.8-1+deb12u1

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 5.2.9-0+deb13u1

Latest_non_vulnerable_version 5.4.1-1

Affected_by_vulnerabilities

url VCID-26wf-1bqp-sbff

vulnerability_id VCID-26wf-1bqp-sbff

summary If you use the zoneToCache function with a malicious authoritative server, an attacker can send a zone that result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-33601

reference_id

reference_type

scores

value	4e-05
scoring_system	epss
scoring_elements	0.00174
published_at	2026-04-26T12:55:00Z

value	5e-05
scoring_system	epss
scoring_elements	0.00212
published_at	2026-04-24T12:55:00Z

value	5e-05
scoring_system	epss
scoring_elements	0.00255
published_at	2026-05-14T12:55:00Z

value	5e-05
scoring_system	epss
scoring_elements	0.00257
published_at	2026-05-11T12:55:00Z

value	5e-05
scoring_system	epss
scoring_elements	0.00254
published_at	2026-05-12T12:55:00Z

value	5e-05
scoring_system	epss
scoring_elements	0.00259
published_at	2026-04-29T12:55:00Z

value	5e-05
scoring_system	epss
scoring_elements	0.0026
published_at	2026-05-05T12:55:00Z

value	5e-05
scoring_system	epss
scoring_elements	0.00261
published_at	2026-05-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-33601

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33601
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33601

reference_url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-powerdns-2026-03.html

reference_id

powerdns-advisory-powerdns-2026-03.html

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T17:52:54Z/

url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-powerdns-2026-03.html

fixed_packages

url pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1

purl pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26wf-1bqp-sbff

vulnerability	VCID-5afe-ws96-nqh9

vulnerability	VCID-anab-r9ty-1yh1

vulnerability	VCID-chzq-qej6-rkdq

vulnerability	VCID-k3re-ss39-zugm

vulnerability	VCID-mzne-k7ry-pubm

vulnerability	VCID-pfhu-1qdf-p7d5

vulnerability	VCID-v9yz-hcqv-83gu

vulnerability	VCID-xasd-r2rc-2ufq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1

url	pkg:deb/debian/pdns-recursor@5.2.9-0%2Bdeb13u1
purl	pkg:deb/debian/pdns-recursor@5.2.9-0%2Bdeb13u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.9-0%252Bdeb13u1

url	pkg:deb/debian/pdns-recursor@5.4.1-1
purl	pkg:deb/debian/pdns-recursor@5.4.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.1-1

aliases CVE-2026-33601

risk_score 1.1

exploitability 0.5

weighted_severity 2.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-26wf-1bqp-sbff

url VCID-2ugc-uygs-hqb8

vulnerability_id VCID-2ugc-uygs-hqb8

summary Crafted delegations or IP fragments can poison cached delegations in Recursor.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-59024

reference_id

reference_type

scores

value	3e-05
scoring_system	epss
scoring_elements	0.00077
published_at	2026-05-07T12:55:00Z

value	3e-05
scoring_system	epss
scoring_elements	0.00072
published_at	2026-04-21T12:55:00Z

value	3e-05
scoring_system	epss
scoring_elements	0.00074
published_at	2026-05-11T12:55:00Z

value	3e-05
scoring_system	epss
scoring_elements	0.00076
published_at	2026-04-29T12:55:00Z

value	3e-05
scoring_system	epss
scoring_elements	0.00078
published_at	2026-05-05T12:55:00Z

value	3e-05
scoring_system	epss
scoring_elements	0.00075
published_at	2026-05-14T12:55:00Z

value	5e-05
scoring_system	epss
scoring_elements	0.00236
published_at	2026-04-18T12:55:00Z

value	5e-05
scoring_system	epss
scoring_elements	0.00205
published_at	2026-04-16T12:55:00Z

value	5e-05
scoring_system	epss
scoring_elements	0.00202
published_at	2026-04-09T12:55:00Z

value	5e-05
scoring_system	epss
scoring_elements	0.00203
published_at	2026-04-13T12:55:00Z

value	5e-05
scoring_system	epss
scoring_elements	0.00204
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-59024

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59024
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59024

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118751
reference_id	1118751
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118751

reference_url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2025-06.html

reference_id

powerdns-advisory-2025-06.html

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-09T16:11:42Z/

url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2025-06.html

fixed_packages

url pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1

purl pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26wf-1bqp-sbff

vulnerability	VCID-5afe-ws96-nqh9

vulnerability	VCID-anab-r9ty-1yh1

vulnerability	VCID-chzq-qej6-rkdq

vulnerability	VCID-k3re-ss39-zugm

vulnerability	VCID-mzne-k7ry-pubm

vulnerability	VCID-pfhu-1qdf-p7d5

vulnerability	VCID-v9yz-hcqv-83gu

vulnerability	VCID-xasd-r2rc-2ufq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1

aliases CVE-2025-59024

risk_score 1.6

exploitability 0.5

weighted_severity 3.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2ugc-uygs-hqb8

url VCID-5afe-ws96-nqh9

vulnerability_id VCID-5afe-ws96-nqh9

summary By publishing and querying a crafted zone an attacker can cause allocation of large entries in the negative and aggressive NSEC(3) caches.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-33258

reference_id

reference_type

scores

value	3e-05
scoring_system	epss
scoring_elements	0.00128
published_at	2026-05-14T12:55:00Z

value	3e-05
scoring_system	epss
scoring_elements	0.00129
published_at	2026-05-09T12:55:00Z

value	3e-05
scoring_system	epss
scoring_elements	0.00127
published_at	2026-05-12T12:55:00Z

value	3e-05
scoring_system	epss
scoring_elements	0.00114
published_at	2026-04-24T12:55:00Z

value	3e-05
scoring_system	epss
scoring_elements	0.00082
published_at	2026-04-26T12:55:00Z

value	3e-05
scoring_system	epss
scoring_elements	0.00131
published_at	2026-04-29T12:55:00Z

value	3e-05
scoring_system	epss
scoring_elements	0.0013
published_at	2026-05-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-33258

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33258
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33258

reference_url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-powerdns-2026-03.html

reference_id

powerdns-advisory-powerdns-2026-03.html

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T17:54:49Z/

url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-powerdns-2026-03.html

fixed_packages

url pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1

purl pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26wf-1bqp-sbff

vulnerability	VCID-5afe-ws96-nqh9

vulnerability	VCID-anab-r9ty-1yh1

vulnerability	VCID-chzq-qej6-rkdq

vulnerability	VCID-k3re-ss39-zugm

vulnerability	VCID-mzne-k7ry-pubm

vulnerability	VCID-pfhu-1qdf-p7d5

vulnerability	VCID-v9yz-hcqv-83gu

vulnerability	VCID-xasd-r2rc-2ufq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1

url	pkg:deb/debian/pdns-recursor@5.2.9-0%2Bdeb13u1
purl	pkg:deb/debian/pdns-recursor@5.2.9-0%2Bdeb13u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.9-0%252Bdeb13u1

url	pkg:deb/debian/pdns-recursor@5.4.1-1
purl	pkg:deb/debian/pdns-recursor@5.4.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.1-1

aliases CVE-2026-33258

risk_score 1.3

exploitability 0.5

weighted_severity 2.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5afe-ws96-nqh9

url VCID-anab-r9ty-1yh1

vulnerability_id VCID-anab-r9ty-1yh1

summary An RPZ sent by a malicious authoritative server can result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-33600

reference_id

reference_type

scores

value	0.00018
scoring_system	epss
scoring_elements	0.04891
published_at	2026-04-24T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04927
published_at	2026-04-26T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06622
published_at	2026-05-14T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06595
published_at	2026-05-11T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06606
published_at	2026-05-12T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06375
published_at	2026-04-29T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06393
published_at	2026-05-05T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06509
published_at	2026-05-07T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06584
published_at	2026-05-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-33600

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33600
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33600

reference_url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-powerdns-2026-03.html

reference_id

powerdns-advisory-powerdns-2026-03.html

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T17:52:53Z/

url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-powerdns-2026-03.html

fixed_packages

url pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1

purl pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26wf-1bqp-sbff

vulnerability	VCID-5afe-ws96-nqh9

vulnerability	VCID-anab-r9ty-1yh1

vulnerability	VCID-chzq-qej6-rkdq

vulnerability	VCID-k3re-ss39-zugm

vulnerability	VCID-mzne-k7ry-pubm

vulnerability	VCID-pfhu-1qdf-p7d5

vulnerability	VCID-v9yz-hcqv-83gu

vulnerability	VCID-xasd-r2rc-2ufq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1

url	pkg:deb/debian/pdns-recursor@5.2.9-0%2Bdeb13u1
purl	pkg:deb/debian/pdns-recursor@5.2.9-0%2Bdeb13u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.9-0%252Bdeb13u1

url	pkg:deb/debian/pdns-recursor@5.4.1-1
purl	pkg:deb/debian/pdns-recursor@5.4.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.1-1

aliases CVE-2026-33600

risk_score 1.1

exploitability 0.5

weighted_severity 2.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-anab-r9ty-1yh1

url VCID-cdzz-8tc8-jucu

vulnerability_id VCID-cdzz-8tc8-jucu

summary Crafted delegations or IP fragments can poison cached delegations in Recursor.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-59023

reference_id

reference_type

scores

value	6e-05
scoring_system	epss
scoring_elements	0.00345
published_at	2026-04-13T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.00365
published_at	2026-04-02T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.0034
published_at	2026-04-16T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.00368
published_at	2026-04-04T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.00356
published_at	2026-04-07T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.00353
published_at	2026-04-09T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.0035
published_at	2026-04-11T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.00347
published_at	2026-04-12T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00505
published_at	2026-05-14T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00504
published_at	2026-05-11T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00502
published_at	2026-05-12T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00428
published_at	2026-04-18T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00487
published_at	2026-04-21T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00485
published_at	2026-04-24T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00486
published_at	2026-04-26T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00512
published_at	2026-04-29T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00518
published_at	2026-05-05T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00517
published_at	2026-05-07T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00511
published_at	2026-05-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-59023

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59023
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59023

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118751
reference_id	1118751
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118751

reference_url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2025-06.html

reference_id

powerdns-advisory-2025-06.html

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-09T16:17:14Z/

url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2025-06.html

fixed_packages

url pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1

purl pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26wf-1bqp-sbff

vulnerability	VCID-5afe-ws96-nqh9

vulnerability	VCID-anab-r9ty-1yh1

vulnerability	VCID-chzq-qej6-rkdq

vulnerability	VCID-k3re-ss39-zugm

vulnerability	VCID-mzne-k7ry-pubm

vulnerability	VCID-pfhu-1qdf-p7d5

vulnerability	VCID-v9yz-hcqv-83gu

vulnerability	VCID-xasd-r2rc-2ufq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1

aliases CVE-2025-59023

risk_score 2.0

exploitability 0.5

weighted_severity 4.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cdzz-8tc8-jucu

url VCID-chzq-qej6-rkdq

vulnerability_id VCID-chzq-qej6-rkdq

summary An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-33257

reference_id

reference_type

scores

value	0.00012
scoring_system	epss
scoring_elements	0.01593
published_at	2026-05-14T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01614
published_at	2026-04-29T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01581
published_at	2026-05-12T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01586
published_at	2026-05-11T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01588
published_at	2026-05-09T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01592
published_at	2026-05-07T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01597
published_at	2026-05-05T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00992
published_at	2026-04-26T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00988
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-33257

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33257
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33257

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1135373
reference_id	1135373
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1135373

reference_url

https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-2026-05.html

reference_id

powerdns-advisory-2026-05.html

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T17:54:48Z/

url

https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-2026-05.html

reference_url

https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-04.html

reference_id

powerdns-advisory-for-dnsdist-2026-04.html

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T17:54:48Z/

url

https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-04.html

reference_url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-powerdns-2026-03.html

reference_id

powerdns-advisory-powerdns-2026-03.html

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T17:54:48Z/

url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-powerdns-2026-03.html

fixed_packages

url pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1

purl pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26wf-1bqp-sbff

vulnerability	VCID-5afe-ws96-nqh9

vulnerability	VCID-anab-r9ty-1yh1

vulnerability	VCID-chzq-qej6-rkdq

vulnerability	VCID-k3re-ss39-zugm

vulnerability	VCID-mzne-k7ry-pubm

vulnerability	VCID-pfhu-1qdf-p7d5

vulnerability	VCID-v9yz-hcqv-83gu

vulnerability	VCID-xasd-r2rc-2ufq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1

url	pkg:deb/debian/pdns-recursor@5.2.9-0%2Bdeb13u1
purl	pkg:deb/debian/pdns-recursor@5.2.9-0%2Bdeb13u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.9-0%252Bdeb13u1

url pkg:deb/debian/pdns-recursor@5.4.0-1

purl pkg:deb/debian/pdns-recursor@5.4.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26wf-1bqp-sbff

vulnerability	VCID-5afe-ws96-nqh9

vulnerability	VCID-anab-r9ty-1yh1

vulnerability	VCID-k3re-ss39-zugm

vulnerability	VCID-mzne-k7ry-pubm

vulnerability	VCID-v9yz-hcqv-83gu

vulnerability	VCID-xasd-r2rc-2ufq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1

url	pkg:deb/debian/pdns-recursor@5.4.1-1
purl	pkg:deb/debian/pdns-recursor@5.4.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.1-1

aliases CVE-2026-33257

risk_score 1.3

exploitability 0.5

weighted_severity 2.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-chzq-qej6-rkdq

url VCID-k3re-ss39-zugm

vulnerability_id VCID-k3re-ss39-zugm

summary An attacker can send replies that result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service. Cookies are disabled by default.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-33262

reference_id

reference_type

scores

value	4e-05
scoring_system	epss
scoring_elements	0.00196
published_at	2026-04-26T12:55:00Z

value	5e-05
scoring_system	epss
scoring_elements	0.00247
published_at	2026-04-24T12:55:00Z

value	5e-05
scoring_system	epss
scoring_elements	0.00271
published_at	2026-05-14T12:55:00Z

value	5e-05
scoring_system	epss
scoring_elements	0.00275
published_at	2026-05-11T12:55:00Z

value	5e-05
scoring_system	epss
scoring_elements	0.00272
published_at	2026-05-12T12:55:00Z

value	5e-05
scoring_system	epss
scoring_elements	0.00276
published_at	2026-05-05T12:55:00Z

value	5e-05
scoring_system	epss
scoring_elements	0.00278
published_at	2026-05-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-33262

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33262
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33262

reference_url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-powerdns-2026-03.html

reference_id

powerdns-advisory-powerdns-2026-03.html

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T17:52:58Z/

url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-powerdns-2026-03.html

fixed_packages

url pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1

purl pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26wf-1bqp-sbff

vulnerability	VCID-5afe-ws96-nqh9

vulnerability	VCID-anab-r9ty-1yh1

vulnerability	VCID-chzq-qej6-rkdq

vulnerability	VCID-k3re-ss39-zugm

vulnerability	VCID-mzne-k7ry-pubm

vulnerability	VCID-pfhu-1qdf-p7d5

vulnerability	VCID-v9yz-hcqv-83gu

vulnerability	VCID-xasd-r2rc-2ufq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1

url	pkg:deb/debian/pdns-recursor@5.2.9-0%2Bdeb13u1
purl	pkg:deb/debian/pdns-recursor@5.2.9-0%2Bdeb13u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.9-0%252Bdeb13u1

url	pkg:deb/debian/pdns-recursor@5.4.1-1
purl	pkg:deb/debian/pdns-recursor@5.4.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.1-1

aliases CVE-2026-33262

risk_score 1.5

exploitability 0.5

weighted_severity 3.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k3re-ss39-zugm

url VCID-m445-c6a1-uugf

vulnerability_id VCID-m445-c6a1-uugf

summary Crafted zones can lead to increased resource usage and crafted CNAME chains can lead to cache poisoning in Recursor.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-0398

reference_id

reference_type

scores

value	5e-05
scoring_system	epss
scoring_elements	0.00208
published_at	2026-04-02T12:55:00Z

value	5e-05
scoring_system	epss
scoring_elements	0.00209
published_at	2026-04-16T12:55:00Z

value	5e-05
scoring_system	epss
scoring_elements	0.00206
published_at	2026-04-13T12:55:00Z

value	5e-05
scoring_system	epss
scoring_elements	0.00205
published_at	2026-04-09T12:55:00Z

value	5e-05
scoring_system	epss
scoring_elements	0.00207
published_at	2026-04-11T12:55:00Z

value	5e-05
scoring_system	epss
scoring_elements	0.00244
published_at	2026-04-18T12:55:00Z

value	5e-05
scoring_system	epss
scoring_elements	0.00282
published_at	2026-04-24T12:55:00Z

value	5e-05
scoring_system	epss
scoring_elements	0.00281
published_at	2026-04-26T12:55:00Z

value	8e-05
scoring_system	epss
scoring_elements	0.00698
published_at	2026-05-11T12:55:00Z

value	8e-05
scoring_system	epss
scoring_elements	0.00704
published_at	2026-05-09T12:55:00Z

value	8e-05
scoring_system	epss
scoring_elements	0.00692
published_at	2026-05-12T12:55:00Z

value	8e-05
scoring_system	epss
scoring_elements	0.00697
published_at	2026-05-14T12:55:00Z

value	8e-05
scoring_system	epss
scoring_elements	0.00708
published_at	2026-05-07T12:55:00Z

value	8e-05
scoring_system	epss
scoring_elements	0.00714
published_at	2026-05-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-0398

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0398
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0398

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127490
reference_id	1127490
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127490

reference_url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2026-01.html

reference_id

powerdns-advisory-2026-01.html

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-09T15:36:48Z/

url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2026-01.html

fixed_packages

url pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1

purl pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26wf-1bqp-sbff

vulnerability	VCID-5afe-ws96-nqh9

vulnerability	VCID-anab-r9ty-1yh1

vulnerability	VCID-chzq-qej6-rkdq

vulnerability	VCID-k3re-ss39-zugm

vulnerability	VCID-mzne-k7ry-pubm

vulnerability	VCID-pfhu-1qdf-p7d5

vulnerability	VCID-v9yz-hcqv-83gu

vulnerability	VCID-xasd-r2rc-2ufq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1

aliases CVE-2026-0398

risk_score 1.3

exploitability 0.5

weighted_severity 2.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m445-c6a1-uugf

url VCID-mzne-k7ry-pubm

vulnerability_id VCID-mzne-k7ry-pubm

summary Having many concurrent transfers of the same RPZ can lead to inconsistent RPZ data, use after free and/or a crash of the recursor. Normally concurrent transfers of the same RPZ zone can only occur with a malfunctioning RPZ provider.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-33259

reference_id

reference_type

scores

value	2e-05
scoring_system	epss
scoring_elements	0.00042
published_at	2026-05-14T12:55:00Z

value	2e-05
scoring_system	epss
scoring_elements	0.0004
published_at	2026-05-05T12:55:00Z

value	2e-05
scoring_system	epss
scoring_elements	0.00041
published_at	2026-05-11T12:55:00Z

value	2e-05
scoring_system	epss
scoring_elements	0.00038
published_at	2026-04-24T12:55:00Z

value	2e-05
scoring_system	epss
scoring_elements	0.00028
published_at	2026-04-26T12:55:00Z

value	2e-05
scoring_system	epss
scoring_elements	0.00039
published_at	2026-05-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-33259

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33259
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33259

reference_url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-powerdns-2026-03.html

reference_id

powerdns-advisory-powerdns-2026-03.html

reference_type

scores

value	5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T17:52:55Z/

url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-powerdns-2026-03.html

fixed_packages

url pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1

purl pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26wf-1bqp-sbff

vulnerability	VCID-5afe-ws96-nqh9

vulnerability	VCID-anab-r9ty-1yh1

vulnerability	VCID-chzq-qej6-rkdq

vulnerability	VCID-k3re-ss39-zugm

vulnerability	VCID-mzne-k7ry-pubm

vulnerability	VCID-pfhu-1qdf-p7d5

vulnerability	VCID-v9yz-hcqv-83gu

vulnerability	VCID-xasd-r2rc-2ufq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1

url	pkg:deb/debian/pdns-recursor@5.2.9-0%2Bdeb13u1
purl	pkg:deb/debian/pdns-recursor@5.2.9-0%2Bdeb13u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.9-0%252Bdeb13u1

url	pkg:deb/debian/pdns-recursor@5.4.1-1
purl	pkg:deb/debian/pdns-recursor@5.4.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.1-1

aliases CVE-2026-33259

risk_score 1.2

exploitability 0.5

weighted_severity 2.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mzne-k7ry-pubm

url VCID-pfhu-1qdf-p7d5

vulnerability_id VCID-pfhu-1qdf-p7d5

summary An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-33260

reference_id

reference_type

scores

value	0.00012
scoring_system	epss
scoring_elements	0.01593
published_at	2026-05-14T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01614
published_at	2026-04-29T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01581
published_at	2026-05-12T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01586
published_at	2026-05-11T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01588
published_at	2026-05-09T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01592
published_at	2026-05-07T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01597
published_at	2026-05-05T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00992
published_at	2026-04-26T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00988
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-33260

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33260
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33260

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1135373
reference_id	1135373
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1135373

reference_url

https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-2026-05.html

reference_id

powerdns-advisory-2026-05.html

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T17:54:50Z/

url

https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-2026-05.html

reference_url

https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-04.html

reference_id

powerdns-advisory-for-dnsdist-2026-04.html

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T17:54:50Z/

url

https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-04.html

reference_url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-powerdns-2026-03.html

reference_id

powerdns-advisory-powerdns-2026-03.html

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T17:54:50Z/

url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-powerdns-2026-03.html

fixed_packages

url pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1

purl pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26wf-1bqp-sbff

vulnerability	VCID-5afe-ws96-nqh9

vulnerability	VCID-anab-r9ty-1yh1

vulnerability	VCID-chzq-qej6-rkdq

vulnerability	VCID-k3re-ss39-zugm

vulnerability	VCID-mzne-k7ry-pubm

vulnerability	VCID-pfhu-1qdf-p7d5

vulnerability	VCID-v9yz-hcqv-83gu

vulnerability	VCID-xasd-r2rc-2ufq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1

url	pkg:deb/debian/pdns-recursor@5.2.9-0%2Bdeb13u1
purl	pkg:deb/debian/pdns-recursor@5.2.9-0%2Bdeb13u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.9-0%252Bdeb13u1

url pkg:deb/debian/pdns-recursor@5.4.0-1

purl pkg:deb/debian/pdns-recursor@5.4.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26wf-1bqp-sbff

vulnerability	VCID-5afe-ws96-nqh9

vulnerability	VCID-anab-r9ty-1yh1

vulnerability	VCID-k3re-ss39-zugm

vulnerability	VCID-mzne-k7ry-pubm

vulnerability	VCID-v9yz-hcqv-83gu

vulnerability	VCID-xasd-r2rc-2ufq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.0-1

aliases CVE-2026-33260

risk_score 1.3

exploitability 0.5

weighted_severity 2.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pfhu-1qdf-p7d5

url VCID-pjbp-1jgm-s3cg

vulnerability_id VCID-pjbp-1jgm-s3cg

summary Crafted zones can lead to increased incoming network traffic.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-24027

reference_id

reference_type

scores

value	0.0001
scoring_system	epss
scoring_elements	0.01098
published_at	2026-05-12T12:55:00Z

value	0.0001
scoring_system	epss
scoring_elements	0.01108
published_at	2026-05-14T12:55:00Z

value	0.0001
scoring_system	epss
scoring_elements	0.01103
published_at	2026-05-11T12:55:00Z

value	0.0001
scoring_system	epss
scoring_elements	0.01111
published_at	2026-05-09T12:55:00Z

value	0.0001
scoring_system	epss
scoring_elements	0.01115
published_at	2026-05-07T12:55:00Z

value	0.0001
scoring_system	epss
scoring_elements	0.01117
published_at	2026-05-05T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.00324
published_at	2026-04-12T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.00323
published_at	2026-04-13T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.00339
published_at	2026-04-02T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.00402
published_at	2026-04-18T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.00318
published_at	2026-04-16T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.00337
published_at	2026-04-04T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.00329
published_at	2026-04-07T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.00326
published_at	2026-04-08T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.00327
published_at	2026-04-09T12:55:00Z

value	6e-05
scoring_system	epss
scoring_elements	0.00325
published_at	2026-04-11T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00527
published_at	2026-04-26T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.00525
published_at	2026-04-24T12:55:00Z

value	7e-05
scoring_system	epss
scoring_elements	0.0053
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-24027

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24027
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24027

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127490
reference_id	1127490
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127490

reference_url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2026-01.html

reference_id

powerdns-advisory-2026-01.html

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-09T16:19:10Z/

url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2026-01.html

fixed_packages

url pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1

purl pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26wf-1bqp-sbff

vulnerability	VCID-5afe-ws96-nqh9

vulnerability	VCID-anab-r9ty-1yh1

vulnerability	VCID-chzq-qej6-rkdq

vulnerability	VCID-k3re-ss39-zugm

vulnerability	VCID-mzne-k7ry-pubm

vulnerability	VCID-pfhu-1qdf-p7d5

vulnerability	VCID-v9yz-hcqv-83gu

vulnerability	VCID-xasd-r2rc-2ufq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1

aliases CVE-2026-24027

risk_score 1.3

exploitability 0.5

weighted_severity 2.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pjbp-1jgm-s3cg

url VCID-umcq-ztbz-qfb2

vulnerability_id VCID-umcq-ztbz-qfb2

summary An attacker can trigger the removal of cached records by sending a NOTIFY query over TCP.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-59030

reference_id

reference_type

scores

value	0.00057
scoring_system	epss
scoring_elements	0.17494
published_at	2026-05-05T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19454
published_at	2026-04-13T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19424
published_at	2026-04-18T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19416
published_at	2026-04-16T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19561
published_at	2026-04-11T12:55:00Z

value	0.00063
scoring_system	epss
scoring_elements	0.19513
published_at	2026-04-12T12:55:00Z

value	0.00066
scoring_system	epss
scoring_elements	0.20306
published_at	2026-04-29T12:55:00Z

value	0.00066
scoring_system	epss
scoring_elements	0.20341
published_at	2026-04-26T12:55:00Z

value	0.00066
scoring_system	epss
scoring_elements	0.20346
published_at	2026-04-24T12:55:00Z

value	0.00066
scoring_system	epss
scoring_elements	0.2047
published_at	2026-04-21T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23608
published_at	2026-05-14T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23556
published_at	2026-05-09T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23508
published_at	2026-05-11T12:55:00Z

value	0.0008
scoring_system	epss
scoring_elements	0.23524
published_at	2026-05-12T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24128
published_at	2026-05-07T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.2459
published_at	2026-04-07T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24706
published_at	2026-04-09T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24659
published_at	2026-04-08T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24816
published_at	2026-04-04T12:55:00Z

value	0.00085
scoring_system	epss
scoring_elements	0.24777
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-59030

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59030
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-59030

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122197
reference_id	1122197
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122197

reference_url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2025-08.html

reference_id

powerdns-advisory-2025-08.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-09T14:30:11Z/

url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2025-08.html

fixed_packages

url pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1

purl pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26wf-1bqp-sbff

vulnerability	VCID-5afe-ws96-nqh9

vulnerability	VCID-anab-r9ty-1yh1

vulnerability	VCID-chzq-qej6-rkdq

vulnerability	VCID-k3re-ss39-zugm

vulnerability	VCID-mzne-k7ry-pubm

vulnerability	VCID-pfhu-1qdf-p7d5

vulnerability	VCID-v9yz-hcqv-83gu

vulnerability	VCID-xasd-r2rc-2ufq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1

aliases CVE-2025-59030

risk_score 1.9

exploitability 0.5

weighted_severity 3.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-umcq-ztbz-qfb2

url VCID-v9yz-hcqv-83gu

vulnerability_id VCID-v9yz-hcqv-83gu

summary A zone transition from NSEC to NSEC3 might trigger an internal inconsistency and cause a denial of service.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-33261

reference_id

reference_type

scores

value	2e-05
scoring_system	epss
scoring_elements	0.00049
published_at	2026-04-26T12:55:00Z

value	3e-05
scoring_system	epss
scoring_elements	0.00076
published_at	2026-05-14T12:55:00Z

value	3e-05
scoring_system	epss
scoring_elements	0.00075
published_at	2026-05-12T12:55:00Z

value	3e-05
scoring_system	epss
scoring_elements	0.00074
published_at	2026-05-11T12:55:00Z

value	3e-05
scoring_system	epss
scoring_elements	0.00078
published_at	2026-05-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-33261

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33261
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33261

reference_url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-powerdns-2026-03.html

reference_id

powerdns-advisory-powerdns-2026-03.html

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T17:52:56Z/

url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-powerdns-2026-03.html

fixed_packages

url pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1

purl pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26wf-1bqp-sbff

vulnerability	VCID-5afe-ws96-nqh9

vulnerability	VCID-anab-r9ty-1yh1

vulnerability	VCID-chzq-qej6-rkdq

vulnerability	VCID-k3re-ss39-zugm

vulnerability	VCID-mzne-k7ry-pubm

vulnerability	VCID-pfhu-1qdf-p7d5

vulnerability	VCID-v9yz-hcqv-83gu

vulnerability	VCID-xasd-r2rc-2ufq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1

url	pkg:deb/debian/pdns-recursor@5.2.9-0%2Bdeb13u1
purl	pkg:deb/debian/pdns-recursor@5.2.9-0%2Bdeb13u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.9-0%252Bdeb13u1

url	pkg:deb/debian/pdns-recursor@5.4.1-1
purl	pkg:deb/debian/pdns-recursor@5.4.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.1-1

aliases CVE-2026-33261

risk_score 1.5

exploitability 0.5

weighted_severity 3.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v9yz-hcqv-83gu

url VCID-wywf-pmyt-zud4

vulnerability_id VCID-wywf-pmyt-zud4

summary An attacker spoofing answers to ECS enabled requests sent out by the Recursor has a chance of success higher than non-ECS enabled queries. The updated version include various mitigations against spoofing attempts of ECS enabled queries by chaining ECS enabled requests and enforcing stricter validation of the received answers. The most strict mitigation done when the new setting outgoing.edns_subnet_harden (old style name edns-subnet-harden) is enabled.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-30192

reference_id

reference_type

scores

value	0.00033
scoring_system	epss
scoring_elements	0.09691
published_at	2026-04-02T12:55:00Z

value	0.00033
scoring_system	epss
scoring_elements	0.09742
published_at	2026-04-04T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13327
published_at	2026-04-07T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.1341
published_at	2026-04-08T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.1346
published_at	2026-04-09T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13399
published_at	2026-04-12T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13434
published_at	2026-04-11T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13352
published_at	2026-04-13T12:55:00Z

value	0.00049
scoring_system	epss
scoring_elements	0.14882
published_at	2026-04-18T12:55:00Z

value	0.00049
scoring_system	epss
scoring_elements	0.14876
published_at	2026-04-16T12:55:00Z

value	0.00049
scoring_system	epss
scoring_elements	0.14936
published_at	2026-04-21T12:55:00Z

value	0.00049
scoring_system	epss
scoring_elements	0.14975
published_at	2026-04-24T12:55:00Z

value	0.00049
scoring_system	epss
scoring_elements	0.14977
published_at	2026-04-26T12:55:00Z

value	0.00049
scoring_system	epss
scoring_elements	0.14919
published_at	2026-04-29T12:55:00Z

value	0.00049
scoring_system	epss
scoring_elements	0.14794
published_at	2026-05-05T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16403
published_at	2026-05-09T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16368
published_at	2026-05-11T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16474
published_at	2026-05-14T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16402
published_at	2026-05-12T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16297
published_at	2026-05-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-30192

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30192
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30192

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109808
reference_id	1109808
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109808

reference_url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2025-04.html

reference_id

powerdns-advisory-2025-04.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-21T13:05:23Z/

url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2025-04.html

fixed_packages

url pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1

purl pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26wf-1bqp-sbff

vulnerability	VCID-5afe-ws96-nqh9

vulnerability	VCID-anab-r9ty-1yh1

vulnerability	VCID-chzq-qej6-rkdq

vulnerability	VCID-k3re-ss39-zugm

vulnerability	VCID-mzne-k7ry-pubm

vulnerability	VCID-pfhu-1qdf-p7d5

vulnerability	VCID-v9yz-hcqv-83gu

vulnerability	VCID-xasd-r2rc-2ufq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1

aliases CVE-2025-30192

risk_score 1.9

exploitability 0.5

weighted_severity 3.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wywf-pmyt-zud4

url VCID-xasd-r2rc-2ufq

vulnerability_id VCID-xasd-r2rc-2ufq

summary An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-33256

reference_id

reference_type

scores

value	3e-05
scoring_system	epss
scoring_elements	0.00128
published_at	2026-05-14T12:55:00Z

value	3e-05
scoring_system	epss
scoring_elements	0.00131
published_at	2026-05-07T12:55:00Z

value	3e-05
scoring_system	epss
scoring_elements	0.0013
published_at	2026-05-09T12:55:00Z

value	3e-05
scoring_system	epss
scoring_elements	0.00114
published_at	2026-04-24T12:55:00Z

value	3e-05
scoring_system	epss
scoring_elements	0.00083
published_at	2026-04-26T12:55:00Z

value	3e-05
scoring_system	epss
scoring_elements	0.00132
published_at	2026-04-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-33256

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33256
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33256

reference_url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-powerdns-2026-03.html

reference_id

powerdns-advisory-powerdns-2026-03.html

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T17:54:46Z/

url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-powerdns-2026-03.html

fixed_packages

url pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1

purl pkg:deb/debian/pdns-recursor@5.2.8-0%2Bdeb13u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26wf-1bqp-sbff

vulnerability	VCID-5afe-ws96-nqh9

vulnerability	VCID-anab-r9ty-1yh1

vulnerability	VCID-chzq-qej6-rkdq

vulnerability	VCID-k3re-ss39-zugm

vulnerability	VCID-mzne-k7ry-pubm

vulnerability	VCID-pfhu-1qdf-p7d5

vulnerability	VCID-v9yz-hcqv-83gu

vulnerability	VCID-xasd-r2rc-2ufq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.8-0%252Bdeb13u1

url	pkg:deb/debian/pdns-recursor@5.2.9-0%2Bdeb13u1
purl	pkg:deb/debian/pdns-recursor@5.2.9-0%2Bdeb13u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.2.9-0%252Bdeb13u1

url	pkg:deb/debian/pdns-recursor@5.4.1-1
purl	pkg:deb/debian/pdns-recursor@5.4.1-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@5.4.1-1

aliases CVE-2026-33256

risk_score 1.3

exploitability 0.5

weighted_severity 2.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xasd-r2rc-2ufq

Fixing_vulnerabilities

url VCID-66sa-bc5p-jqde

vulnerability_id VCID-66sa-bc5p-jqde

summary Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50387.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50387.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-50387

reference_id

reference_type

scores

value	0.51989
scoring_system	epss
scoring_elements	0.97939
published_at	2026-05-14T12:55:00Z

value	0.51989
scoring_system	epss
scoring_elements	0.97928
published_at	2026-05-07T12:55:00Z

value	0.51989
scoring_system	epss
scoring_elements	0.97931
published_at	2026-05-11T12:55:00Z

value	0.51989
scoring_system	epss
scoring_elements	0.97926
published_at	2026-04-29T12:55:00Z

value	0.51989
scoring_system	epss
scoring_elements	0.9792
published_at	2026-04-24T12:55:00Z

value	0.51989
scoring_system	epss
scoring_elements	0.97921
published_at	2026-04-26T12:55:00Z

value	0.51989
scoring_system	epss
scoring_elements	0.97896
published_at	2026-04-02T12:55:00Z

value	0.51989
scoring_system	epss
scoring_elements	0.97922
published_at	2026-04-18T12:55:00Z

value	0.51989
scoring_system	epss
scoring_elements	0.97914
published_at	2026-04-13T12:55:00Z

value	0.51989
scoring_system	epss
scoring_elements	0.97913
published_at	2026-04-12T12:55:00Z

value	0.51989
scoring_system	epss
scoring_elements	0.97912
published_at	2026-04-11T12:55:00Z

value	0.51989
scoring_system	epss
scoring_elements	0.97909
published_at	2026-04-09T12:55:00Z

value	0.51989
scoring_system	epss
scoring_elements	0.97906
published_at	2026-04-08T12:55:00Z

value	0.51989
scoring_system	epss
scoring_elements	0.97901
published_at	2026-04-07T12:55:00Z

value	0.51989
scoring_system	epss
scoring_elements	0.97898
published_at	2026-04-04T12:55:00Z

value	0.51989
scoring_system	epss
scoring_elements	0.97935
published_at	2026-05-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-50387

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html

reference_id

017430.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845
reference_id	1063845
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852
reference_id	1063852
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077750
reference_id	1077750
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077750

reference_url

http://www.openwall.com/lists/oss-security/2024/02/16/2

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

http://www.openwall.com/lists/oss-security/2024/02/16/2

reference_url

https://www.isc.org/blogs/2024-bind-security-release/

reference_id

2024-bind-security-release

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://www.isc.org/blogs/2024-bind-security-release/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2263914
reference_id	2263914
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2263914

reference_url

http://www.openwall.com/lists/oss-security/2024/02/16/3

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

http://www.openwall.com/lists/oss-security/2024/02/16/3

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/

reference_id

6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/

reference_id

BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/

reference_url

https://kb.isc.org/docs/cve-2023-50387

reference_id

cve-2023-50387

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://kb.isc.org/docs/cve-2023-50387

reference_url

https://access.redhat.com/security/cve/CVE-2023-50387

reference_id

CVE-2023-50387

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://access.redhat.com/security/cve/CVE-2023-50387

reference_url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-50387

reference_id

CVE-2023-50387

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-50387

reference_url

https://www.theregister.com/2024/02/13/dnssec_vulnerability_internet/

reference_id

dnssec_vulnerability_internet

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://www.theregister.com/2024/02/13/dnssec_vulnerability_internet/

reference_url	https://security.gentoo.org/glsa/202412-10
reference_id	GLSA-202412-10
reference_type
scores
url	https://security.gentoo.org/glsa/202412-10

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/

reference_id

HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/

reference_id

IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/

reference_url

https://news.ycombinator.com/item?id=39367411

reference_id

item?id=39367411

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://news.ycombinator.com/item?id=39367411

reference_url

https://news.ycombinator.com/item?id=39372384

reference_id

item?id=39372384

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://news.ycombinator.com/item?id=39372384

reference_url

https://www.athene-center.de/aktuelles/key-trap

reference_id

key-trap

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://www.athene-center.de/aktuelles/key-trap

reference_url

https://www.securityweek.com/keytrap-dns-attack-could-disable-large-parts-of-internet-researchers/

reference_id

keytrap-dns-attack-could-disable-large-parts-of-internet-researchers

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://www.securityweek.com/keytrap-dns-attack-could-disable-large-parts-of-internet-researchers/

reference_url

https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html

reference_id

msg00006.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html

reference_id

msg00011.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html

reference_url

https://security.netapp.com/advisory/ntap-20240307-0007/

reference_id

ntap-20240307-0007

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://security.netapp.com/advisory/ntap-20240307-0007/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/

reference_id

PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/

reference_url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html

reference_id

powerdns-advisory-2024-01.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/

reference_id

RGS7JN6FZXUSTC2XKQHH27574XOULYYJ

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/

reference_url	https://access.redhat.com/errata/RHSA-2024:0965
reference_id	RHSA-2024:0965
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0965

reference_url	https://access.redhat.com/errata/RHSA-2024:0977
reference_id	RHSA-2024:0977
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0977

reference_url	https://access.redhat.com/errata/RHSA-2024:0981
reference_id	RHSA-2024:0981
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0981

reference_url	https://access.redhat.com/errata/RHSA-2024:0982
reference_id	RHSA-2024:0982
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0982

reference_url	https://access.redhat.com/errata/RHSA-2024:11003
reference_id	RHSA-2024:11003
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:11003

reference_url	https://access.redhat.com/errata/RHSA-2024:1334
reference_id	RHSA-2024:1334
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1334

reference_url	https://access.redhat.com/errata/RHSA-2024:1335
reference_id	RHSA-2024:1335
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1335

reference_url	https://access.redhat.com/errata/RHSA-2024:1522
reference_id	RHSA-2024:1522
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1522

reference_url	https://access.redhat.com/errata/RHSA-2024:1543
reference_id	RHSA-2024:1543
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1543

reference_url	https://access.redhat.com/errata/RHSA-2024:1544
reference_id	RHSA-2024:1544
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1544

reference_url	https://access.redhat.com/errata/RHSA-2024:1545
reference_id	RHSA-2024:1545
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1545

reference_url	https://access.redhat.com/errata/RHSA-2024:1647
reference_id	RHSA-2024:1647
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1647

reference_url	https://access.redhat.com/errata/RHSA-2024:1648
reference_id	RHSA-2024:1648
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1648

reference_url	https://access.redhat.com/errata/RHSA-2024:1781
reference_id	RHSA-2024:1781
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1781

reference_url	https://access.redhat.com/errata/RHSA-2024:1782
reference_id	RHSA-2024:1782
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1782

reference_url	https://access.redhat.com/errata/RHSA-2024:1789
reference_id	RHSA-2024:1789
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1789

reference_url	https://access.redhat.com/errata/RHSA-2024:1800
reference_id	RHSA-2024:1800
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1800

reference_url	https://access.redhat.com/errata/RHSA-2024:1801
reference_id	RHSA-2024:1801
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1801

reference_url	https://access.redhat.com/errata/RHSA-2024:1803
reference_id	RHSA-2024:1803
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1803

reference_url	https://access.redhat.com/errata/RHSA-2024:1804
reference_id	RHSA-2024:1804
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1804

reference_url	https://access.redhat.com/errata/RHSA-2024:2551
reference_id	RHSA-2024:2551
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2551

reference_url	https://access.redhat.com/errata/RHSA-2024:2587
reference_id	RHSA-2024:2587
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2587

reference_url	https://access.redhat.com/errata/RHSA-2024:2696
reference_id	RHSA-2024:2696
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2696

reference_url	https://access.redhat.com/errata/RHSA-2024:2720
reference_id	RHSA-2024:2720
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2720

reference_url	https://access.redhat.com/errata/RHSA-2024:2721
reference_id	RHSA-2024:2721
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2721

reference_url	https://access.redhat.com/errata/RHSA-2024:2821
reference_id	RHSA-2024:2821
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2821

reference_url	https://access.redhat.com/errata/RHSA-2024:2890
reference_id	RHSA-2024:2890
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2890

reference_url	https://access.redhat.com/errata/RHSA-2024:3271
reference_id	RHSA-2024:3271
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3271

reference_url	https://access.redhat.com/errata/RHSA-2024:3741
reference_id	RHSA-2024:3741
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3741

reference_url	https://access.redhat.com/errata/RHSA-2024:3877
reference_id	RHSA-2024:3877
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3877

reference_url	https://access.redhat.com/errata/RHSA-2024:3929
reference_id	RHSA-2024:3929
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3929

reference_url	https://access.redhat.com/errata/RHSA-2025:0039
reference_id	RHSA-2025:0039
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0039

reference_url

https://bugzilla.suse.com/show_bug.cgi?id=1219823

reference_id

show_bug.cgi?id=1219823

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://bugzilla.suse.com/show_bug.cgi?id=1219823

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/

reference_id

SVYA42BLXUCIDLD35YIJPJSHDIADNYMP

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/

reference_url

https://www.athene-center.de/fileadmin/content/PDF/Technical_Report_KeyTrap.pdf

reference_id

Technical_Report_KeyTrap.pdf

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://www.athene-center.de/fileadmin/content/PDF/Technical_Report_KeyTrap.pdf

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/

reference_id

TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/

reference_url

https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/

reference_id

unbound-1.19.1-released

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/

reference_id

UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/

reference_url	https://usn.ubuntu.com/6633-1/
reference_id	USN-6633-1
reference_type
scores
url	https://usn.ubuntu.com/6633-1/

reference_url	https://usn.ubuntu.com/6642-1/
reference_id	USN-6642-1
reference_type
scores
url	https://usn.ubuntu.com/6642-1/

reference_url	https://usn.ubuntu.com/6657-1/
reference_id	USN-6657-1
reference_type
scores
url	https://usn.ubuntu.com/6657-1/

reference_url	https://usn.ubuntu.com/6657-2/
reference_id	USN-6657-2
reference_type
scores
url	https://usn.ubuntu.com/6657-2/

reference_url	https://usn.ubuntu.com/6665-1/
reference_id	USN-6665-1
reference_type
scores
url	https://usn.ubuntu.com/6665-1/

reference_url	https://usn.ubuntu.com/6723-1/
reference_id	USN-6723-1
reference_type
scores
url	https://usn.ubuntu.com/6723-1/

reference_url

https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1

reference_id

v5.7.1

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/

reference_id

ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/

fixed_packages

url pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1

purl pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26wf-1bqp-sbff

vulnerability	VCID-2ugc-uygs-hqb8

vulnerability	VCID-5afe-ws96-nqh9

vulnerability	VCID-anab-r9ty-1yh1

vulnerability	VCID-cdzz-8tc8-jucu

vulnerability	VCID-chzq-qej6-rkdq

vulnerability	VCID-k3re-ss39-zugm

vulnerability	VCID-m445-c6a1-uugf

vulnerability	VCID-mzne-k7ry-pubm

vulnerability	VCID-pfhu-1qdf-p7d5

vulnerability	VCID-pjbp-1jgm-s3cg

vulnerability	VCID-umcq-ztbz-qfb2

vulnerability	VCID-v9yz-hcqv-83gu

vulnerability	VCID-wywf-pmyt-zud4

vulnerability	VCID-xasd-r2rc-2ufq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1

aliases CVE-2023-50387

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-66sa-bc5p-jqde

url VCID-7dc3-qdk8-k7b2

vulnerability_id VCID-7dc3-qdk8-k7b2

summary In PowerDNS Authoritative Server before 4.4.3, 4.5.x before 4.5.4, and 4.6.x before 4.6.1 and PowerDNS Recursor before 4.4.8, 4.5.x before 4.5.8, and 4.6.x before 4.6.1, insufficient validation of an IXFR end condition causes incomplete zone transfers to be handled as successful transfers.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-27227

reference_id

reference_type

scores

value	0.00027
scoring_system	epss
scoring_elements	0.07689
published_at	2026-05-14T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07652
published_at	2026-05-09T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07627
published_at	2026-05-11T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07648
published_at	2026-05-12T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07406
published_at	2026-04-16T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07449
published_at	2026-04-04T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.0743
published_at	2026-04-07T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07487
published_at	2026-04-08T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.0751
published_at	2026-04-11T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07496
published_at	2026-04-12T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07484
published_at	2026-04-13T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07393
published_at	2026-04-18T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07522
published_at	2026-04-21T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07482
published_at	2026-04-24T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07471
published_at	2026-04-26T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07439
published_at	2026-04-29T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07437
published_at	2026-05-05T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07584
published_at	2026-05-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-27227

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27227
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27227

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://security.archlinux.org/AVG-2655

reference_id

AVG-2655

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2655

reference_url

https://security.archlinux.org/AVG-2656

reference_id

AVG-2656

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2656

reference_url	https://usn.ubuntu.com/7203-1/
reference_id	USN-7203-1
reference_type
scores
url	https://usn.ubuntu.com/7203-1/

fixed_packages

url pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1

purl pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26wf-1bqp-sbff

vulnerability	VCID-2ugc-uygs-hqb8

vulnerability	VCID-5afe-ws96-nqh9

vulnerability	VCID-anab-r9ty-1yh1

vulnerability	VCID-cdzz-8tc8-jucu

vulnerability	VCID-chzq-qej6-rkdq

vulnerability	VCID-k3re-ss39-zugm

vulnerability	VCID-m445-c6a1-uugf

vulnerability	VCID-mzne-k7ry-pubm

vulnerability	VCID-pfhu-1qdf-p7d5

vulnerability	VCID-pjbp-1jgm-s3cg

vulnerability	VCID-umcq-ztbz-qfb2

vulnerability	VCID-v9yz-hcqv-83gu

vulnerability	VCID-wywf-pmyt-zud4

vulnerability	VCID-xasd-r2rc-2ufq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1

aliases CVE-2022-27227

risk_score 1.9

exploitability 0.5

weighted_severity 3.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7dc3-qdk8-k7b2

url VCID-8tar-s444-zfac

vulnerability_id VCID-8tar-s444-zfac

summary PowerDNS Recursor up to and including 4.5.9, 4.6.2 and 4.7.1, when protobuf logging is enabled, has Improper Cleanup upon a Thrown Exception, leading to a denial of service (daemon crash) via a DNS query that leads to an answer with specific properties.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-37428

reference_id

reference_type

scores

value	0.00053
scoring_system	epss
scoring_elements	0.16749
published_at	2026-05-14T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16879
published_at	2026-04-02T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16935
published_at	2026-04-04T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16718
published_at	2026-04-07T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16803
published_at	2026-04-08T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16858
published_at	2026-04-09T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16836
published_at	2026-04-11T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16791
published_at	2026-04-12T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16732
published_at	2026-04-13T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16668
published_at	2026-04-16T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16676
published_at	2026-04-18T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16714
published_at	2026-04-21T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16619
published_at	2026-04-24T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16609
published_at	2026-04-26T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16574
published_at	2026-04-29T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.1644
published_at	2026-05-05T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.1656
published_at	2026-05-07T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16664
published_at	2026-05-09T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.1663
published_at	2026-05-11T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16665
published_at	2026-05-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-37428

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37428
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37428

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

fixed_packages

url pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1

purl pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26wf-1bqp-sbff

vulnerability	VCID-2ugc-uygs-hqb8

vulnerability	VCID-5afe-ws96-nqh9

vulnerability	VCID-anab-r9ty-1yh1

vulnerability	VCID-cdzz-8tc8-jucu

vulnerability	VCID-chzq-qej6-rkdq

vulnerability	VCID-k3re-ss39-zugm

vulnerability	VCID-m445-c6a1-uugf

vulnerability	VCID-mzne-k7ry-pubm

vulnerability	VCID-pfhu-1qdf-p7d5

vulnerability	VCID-pjbp-1jgm-s3cg

vulnerability	VCID-umcq-ztbz-qfb2

vulnerability	VCID-v9yz-hcqv-83gu

vulnerability	VCID-wywf-pmyt-zud4

vulnerability	VCID-xasd-r2rc-2ufq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1

aliases CVE-2022-37428

risk_score 1.6

exploitability 0.5

weighted_severity 3.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8tar-s444-zfac

url VCID-mkcs-362g-t7aq

vulnerability_id VCID-mkcs-362g-t7aq

summary Denial of service vulnerability in PowerDNS Recursor allows authoritative servers to be marked unavailable.This issue affects Recursor: through 4.6.5, through 4.7.4 , through 4.8.3.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-26437

reference_id

reference_type

scores

value	0.0001
scoring_system	epss
scoring_elements	0.0116
published_at	2026-04-29T12:55:00Z

value	0.0001
scoring_system	epss
scoring_elements	0.01155
published_at	2026-04-24T12:55:00Z

value	0.0001
scoring_system	epss
scoring_elements	0.01163
published_at	2026-04-26T12:55:00Z

value	0.00011
scoring_system	epss
scoring_elements	0.01348
published_at	2026-05-09T12:55:00Z

value	0.00011
scoring_system	epss
scoring_elements	0.01341
published_at	2026-05-11T12:55:00Z

value	0.00011
scoring_system	epss
scoring_elements	0.0134
published_at	2026-05-12T12:55:00Z

value	0.00011
scoring_system	epss
scoring_elements	0.01351
published_at	2026-05-14T12:55:00Z

value	0.00011
scoring_system	epss
scoring_elements	0.01357
published_at	2026-05-05T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.0087
published_at	2026-04-21T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00824
published_at	2026-04-18T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00833
published_at	2026-04-04T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00835
published_at	2026-04-07T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00839
published_at	2026-04-08T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00836
published_at	2026-04-09T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00834
published_at	2026-04-02T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.00819
published_at	2026-04-12T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.0082
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-26437

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26437
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26437

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033941
reference_id	1033941
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033941

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN7VMRYKZHG2UDUAK326LXD3JY7NO3LR/

reference_id

CN7VMRYKZHG2UDUAK326LXD3JY7NO3LR

reference_type

scores

value	3.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-13T16:31:03Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CN7VMRYKZHG2UDUAK326LXD3JY7NO3LR/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHPD6SIQOG7245GXFQHPUEI4AZ6Y3KD6/

reference_id

IHPD6SIQOG7245GXFQHPUEI4AZ6Y3KD6

reference_type

scores

value	3.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-13T16:31:03Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHPD6SIQOG7245GXFQHPUEI4AZ6Y3KD6/

reference_url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2023-02.html

reference_id

powerdns-advisory-2023-02.html

reference_type

scores

value	3.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-13T16:31:03Z/

url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2023-02.html

fixed_packages

url pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1

purl pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26wf-1bqp-sbff

vulnerability	VCID-2ugc-uygs-hqb8

vulnerability	VCID-5afe-ws96-nqh9

vulnerability	VCID-anab-r9ty-1yh1

vulnerability	VCID-cdzz-8tc8-jucu

vulnerability	VCID-chzq-qej6-rkdq

vulnerability	VCID-k3re-ss39-zugm

vulnerability	VCID-m445-c6a1-uugf

vulnerability	VCID-mzne-k7ry-pubm

vulnerability	VCID-pfhu-1qdf-p7d5

vulnerability	VCID-pjbp-1jgm-s3cg

vulnerability	VCID-umcq-ztbz-qfb2

vulnerability	VCID-v9yz-hcqv-83gu

vulnerability	VCID-wywf-pmyt-zud4

vulnerability	VCID-xasd-r2rc-2ufq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1

aliases CVE-2023-26437

risk_score 1.6

exploitability 0.5

weighted_severity 3.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mkcs-362g-t7aq

url VCID-vprj-j7u6-zbe7

vulnerability_id VCID-vprj-j7u6-zbe7

summary Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50868.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50868.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-50868

reference_id

reference_type

scores

value	0.11802
scoring_system	epss
scoring_elements	0.93778
published_at	2026-05-12T12:55:00Z

value	0.11802
scoring_system	epss
scoring_elements	0.93774
published_at	2026-05-11T12:55:00Z

value	0.11802
scoring_system	epss
scoring_elements	0.9377
published_at	2026-05-09T12:55:00Z

value	0.11802
scoring_system	epss
scoring_elements	0.9373
published_at	2026-04-16T12:55:00Z

value	0.11802
scoring_system	epss
scoring_elements	0.93684
published_at	2026-04-02T12:55:00Z

value	0.11802
scoring_system	epss
scoring_elements	0.93791
published_at	2026-05-14T12:55:00Z

value	0.11802
scoring_system	epss
scoring_elements	0.93741
published_at	2026-04-29T12:55:00Z

value	0.11802
scoring_system	epss
scoring_elements	0.93742
published_at	2026-04-26T12:55:00Z

value	0.11802
scoring_system	epss
scoring_elements	0.93745
published_at	2026-04-24T12:55:00Z

value	0.11802
scoring_system	epss
scoring_elements	0.9374
published_at	2026-04-21T12:55:00Z

value	0.11802
scoring_system	epss
scoring_elements	0.93694
published_at	2026-04-04T12:55:00Z

value	0.11802
scoring_system	epss
scoring_elements	0.93696
published_at	2026-04-07T12:55:00Z

value	0.11802
scoring_system	epss
scoring_elements	0.93706
published_at	2026-04-08T12:55:00Z

value	0.11802
scoring_system	epss
scoring_elements	0.93708
published_at	2026-04-09T12:55:00Z

value	0.11802
scoring_system	epss
scoring_elements	0.93712
published_at	2026-04-12T12:55:00Z

value	0.11802
scoring_system	epss
scoring_elements	0.93713
published_at	2026-04-13T12:55:00Z

value	0.11802
scoring_system	epss
scoring_elements	0.93737
published_at	2026-04-18T12:55:00Z

value	0.11802
scoring_system	epss
scoring_elements	0.93761
published_at	2026-05-07T12:55:00Z

value	0.11802
scoring_system	epss
scoring_elements	0.9375
published_at	2026-05-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-50868

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html

reference_id

017430.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845
reference_id	1063845
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852
reference_id	1063852
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077751
reference_id	1077751
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077751

reference_url

http://www.openwall.com/lists/oss-security/2024/02/16/2

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

http://www.openwall.com/lists/oss-security/2024/02/16/2

reference_url

https://www.isc.org/blogs/2024-bind-security-release/

reference_id

2024-bind-security-release

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://www.isc.org/blogs/2024-bind-security-release/

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2263917
reference_id	2263917
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2263917

reference_url

http://www.openwall.com/lists/oss-security/2024/02/16/3

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

http://www.openwall.com/lists/oss-security/2024/02/16/3

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/

reference_id

6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/

reference_id

BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/

reference_url

https://kb.isc.org/docs/cve-2023-50868

reference_id

cve-2023-50868

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://kb.isc.org/docs/cve-2023-50868

reference_url

https://access.redhat.com/security/cve/CVE-2023-50868

reference_id

CVE-2023-50868

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://access.redhat.com/security/cve/CVE-2023-50868

reference_url	https://security.gentoo.org/glsa/202412-10
reference_id	GLSA-202412-10
reference_type
scores
url	https://security.gentoo.org/glsa/202412-10

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/

reference_id

HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/

reference_id

IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/

reference_url

https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html

reference_id

msg00006.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html

reference_id

msg00011.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html

reference_url

https://security.netapp.com/advisory/ntap-20240307-0008/

reference_id

ntap-20240307-0008

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://security.netapp.com/advisory/ntap-20240307-0008/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/

reference_id

PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/

reference_url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html

reference_id

powerdns-advisory-2024-01.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html

reference_url

https://datatracker.ietf.org/doc/html/rfc5155

reference_id

rfc5155

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://datatracker.ietf.org/doc/html/rfc5155

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/

reference_id

RGS7JN6FZXUSTC2XKQHH27574XOULYYJ

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/

reference_url	https://access.redhat.com/errata/RHSA-2024:0965
reference_id	RHSA-2024:0965
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0965

reference_url	https://access.redhat.com/errata/RHSA-2024:0977
reference_id	RHSA-2024:0977
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0977

reference_url	https://access.redhat.com/errata/RHSA-2024:0981
reference_id	RHSA-2024:0981
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0981

reference_url	https://access.redhat.com/errata/RHSA-2024:0982
reference_id	RHSA-2024:0982
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0982

reference_url	https://access.redhat.com/errata/RHSA-2024:11003
reference_id	RHSA-2024:11003
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:11003

reference_url	https://access.redhat.com/errata/RHSA-2024:1334
reference_id	RHSA-2024:1334
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1334

reference_url	https://access.redhat.com/errata/RHSA-2024:1335
reference_id	RHSA-2024:1335
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1335

reference_url	https://access.redhat.com/errata/RHSA-2024:1522
reference_id	RHSA-2024:1522
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1522

reference_url	https://access.redhat.com/errata/RHSA-2024:1543
reference_id	RHSA-2024:1543
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1543

reference_url	https://access.redhat.com/errata/RHSA-2024:1544
reference_id	RHSA-2024:1544
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1544

reference_url	https://access.redhat.com/errata/RHSA-2024:1545
reference_id	RHSA-2024:1545
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1545

reference_url	https://access.redhat.com/errata/RHSA-2024:1647
reference_id	RHSA-2024:1647
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1647

reference_url	https://access.redhat.com/errata/RHSA-2024:1648
reference_id	RHSA-2024:1648
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1648

reference_url	https://access.redhat.com/errata/RHSA-2024:1781
reference_id	RHSA-2024:1781
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1781

reference_url	https://access.redhat.com/errata/RHSA-2024:1782
reference_id	RHSA-2024:1782
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1782

reference_url	https://access.redhat.com/errata/RHSA-2024:1789
reference_id	RHSA-2024:1789
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1789

reference_url	https://access.redhat.com/errata/RHSA-2024:1800
reference_id	RHSA-2024:1800
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1800

reference_url	https://access.redhat.com/errata/RHSA-2024:1801
reference_id	RHSA-2024:1801
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1801

reference_url	https://access.redhat.com/errata/RHSA-2024:1803
reference_id	RHSA-2024:1803
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1803

reference_url	https://access.redhat.com/errata/RHSA-2024:1804
reference_id	RHSA-2024:1804
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1804

reference_url	https://access.redhat.com/errata/RHSA-2024:2551
reference_id	RHSA-2024:2551
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2551

reference_url	https://access.redhat.com/errata/RHSA-2024:2587
reference_id	RHSA-2024:2587
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2587

reference_url	https://access.redhat.com/errata/RHSA-2024:2696
reference_id	RHSA-2024:2696
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2696

reference_url	https://access.redhat.com/errata/RHSA-2024:2720
reference_id	RHSA-2024:2720
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2720

reference_url	https://access.redhat.com/errata/RHSA-2024:2721
reference_id	RHSA-2024:2721
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2721

reference_url	https://access.redhat.com/errata/RHSA-2024:2821
reference_id	RHSA-2024:2821
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2821

reference_url	https://access.redhat.com/errata/RHSA-2024:2890
reference_id	RHSA-2024:2890
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2890

reference_url	https://access.redhat.com/errata/RHSA-2024:3271
reference_id	RHSA-2024:3271
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3271

reference_url	https://access.redhat.com/errata/RHSA-2024:3741
reference_id	RHSA-2024:3741
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3741

reference_url	https://access.redhat.com/errata/RHSA-2024:3877
reference_id	RHSA-2024:3877
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3877

reference_url	https://access.redhat.com/errata/RHSA-2024:3929
reference_id	RHSA-2024:3929
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3929

reference_url	https://access.redhat.com/errata/RHSA-2025:0039
reference_id	RHSA-2025:0039
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0039

reference_url

https://bugzilla.suse.com/show_bug.cgi?id=1219826

reference_id

show_bug.cgi?id=1219826

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://bugzilla.suse.com/show_bug.cgi?id=1219826

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/

reference_id

SVYA42BLXUCIDLD35YIJPJSHDIADNYMP

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/

reference_id

TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/

reference_url

https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/

reference_id

unbound-1.19.1-released

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/

reference_id

UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/

reference_url	https://usn.ubuntu.com/6633-1/
reference_id	USN-6633-1
reference_type
scores
url	https://usn.ubuntu.com/6633-1/

reference_url	https://usn.ubuntu.com/6642-1/
reference_id	USN-6642-1
reference_type
scores
url	https://usn.ubuntu.com/6642-1/

reference_url	https://usn.ubuntu.com/6657-1/
reference_id	USN-6657-1
reference_type
scores
url	https://usn.ubuntu.com/6657-1/

reference_url	https://usn.ubuntu.com/6657-2/
reference_id	USN-6657-2
reference_type
scores
url	https://usn.ubuntu.com/6657-2/

reference_url	https://usn.ubuntu.com/6665-1/
reference_id	USN-6665-1
reference_type
scores
url	https://usn.ubuntu.com/6665-1/

reference_url	https://usn.ubuntu.com/6723-1/
reference_id	USN-6723-1
reference_type
scores
url	https://usn.ubuntu.com/6723-1/

reference_url

https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1

reference_id

v5.7.1

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/

reference_id

ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/

fixed_packages

url pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1

purl pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26wf-1bqp-sbff

vulnerability	VCID-2ugc-uygs-hqb8

vulnerability	VCID-5afe-ws96-nqh9

vulnerability	VCID-anab-r9ty-1yh1

vulnerability	VCID-cdzz-8tc8-jucu

vulnerability	VCID-chzq-qej6-rkdq

vulnerability	VCID-k3re-ss39-zugm

vulnerability	VCID-m445-c6a1-uugf

vulnerability	VCID-mzne-k7ry-pubm

vulnerability	VCID-pfhu-1qdf-p7d5

vulnerability	VCID-pjbp-1jgm-s3cg

vulnerability	VCID-umcq-ztbz-qfb2

vulnerability	VCID-v9yz-hcqv-83gu

vulnerability	VCID-wywf-pmyt-zud4

vulnerability	VCID-xasd-r2rc-2ufq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1

aliases CVE-2023-50868

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vprj-j7u6-zbe7

url VCID-wmgd-z2j3-h7d9

vulnerability_id VCID-wmgd-z2j3-h7d9

summary An attacker can publish a zone containing specific Resource Record Sets. Repeatedly processing and caching results for these sets can lead to a denial of service.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-25590

reference_id

reference_type

scores

value	0.00126
scoring_system	epss
scoring_elements	0.31377
published_at	2026-05-12T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31446
published_at	2026-05-14T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31353
published_at	2026-05-11T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.32036
published_at	2026-04-02T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.32076
published_at	2026-04-04T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.319
published_at	2026-04-07T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31952
published_at	2026-04-08T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31981
published_at	2026-04-09T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31984
published_at	2026-04-11T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31944
published_at	2026-04-16T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31911
published_at	2026-04-13T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31923
published_at	2026-04-18T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31895
published_at	2026-04-21T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31728
published_at	2026-04-24T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31601
published_at	2026-04-26T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31517
published_at	2026-04-29T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31367
published_at	2026-05-05T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31437
published_at	2026-05-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-25590

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25590
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25590

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1083285
reference_id	1083285
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1083285

reference_url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-04.html

reference_id

powerdns-advisory-2024-04.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T17:34:21Z/

url

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-04.html

fixed_packages

url pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1

purl pkg:deb/debian/pdns-recursor@4.8.8-1%2Bdeb12u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26wf-1bqp-sbff

vulnerability	VCID-2ugc-uygs-hqb8

vulnerability	VCID-5afe-ws96-nqh9

vulnerability	VCID-anab-r9ty-1yh1

vulnerability	VCID-cdzz-8tc8-jucu

vulnerability	VCID-chzq-qej6-rkdq

vulnerability	VCID-k3re-ss39-zugm

vulnerability	VCID-m445-c6a1-uugf

vulnerability	VCID-mzne-k7ry-pubm

vulnerability	VCID-pfhu-1qdf-p7d5

vulnerability	VCID-pjbp-1jgm-s3cg

vulnerability	VCID-umcq-ztbz-qfb2

vulnerability	VCID-v9yz-hcqv-83gu

vulnerability	VCID-wywf-pmyt-zud4

vulnerability	VCID-xasd-r2rc-2ufq

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1

aliases CVE-2024-25590

risk_score 1.9

exploitability 0.5

weighted_severity 3.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wmgd-z2j3-h7d9

Risk_score 2.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns-recursor@4.8.8-1%252Bdeb12u1

Package Instance