{"url":"http://public2.vulnerablecode.io/api/packages/99764?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-2?distro=trixie","type":"deb","namespace":"debian","name":"isc-dhcp","version":"4.4.3-P1-2","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"4.4.3-P1-8","latest_non_vulnerable_version":"4.4.3-P1-8","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60021?format=json","vulnerability_id":"VCID-15j3-vrxp-gqat","summary":"ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a long resource record.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4244.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4244.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4244","reference_id":"","reference_type":"","scores":[{"value":"0.55937","scoring_system":"epss","scoring_elements":"0.98139","published_at":"2026-06-08T12:55:00Z"},{"value":"0.55937","scoring_system":"epss","scoring_elements":"0.98138","published_at":"2026-06-09T12:55:00Z"},{"value":"0.58236","scoring_system":"epss","scoring_elements":"0.98223","published_at":"2026-06-04T12:55:00Z"},{"value":"0.58236","scoring_system":"epss","scoring_elements":"0.98225","published_at":"2026-06-05T12:55:00Z"},{"value":"0.58236","scoring_system":"epss","scoring_elements":"0.98226","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4244"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4244","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4244"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693015","reference_id":"693015","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693015"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=856754","reference_id":"856754","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=856754"},{"reference_url":"https://security.gentoo.org/glsa/201209-04","reference_id":"GLSA-201209-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1266","reference_id":"RHSA-2012:1266","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1266"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1267","reference_id":"RHSA-2012:1267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1268","reference_id":"RHSA-2012:1268","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1268"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1365","reference_id":"RHSA-2012:1365","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1365"},{"reference_url":"https://usn.ubuntu.com/1566-1/","reference_id":"USN-1566-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1566-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99771?format=json","purl":"pkg:deb/debian/isc-dhcp@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99766?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.1-2.3%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.1-2.3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99764?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99767?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-8%3Fdistro=trixie"}],"aliases":["CVE-2012-4244"],"risk_score":0.2,"exploitability":"0.5","weighted_severity":"0.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-15j3-vrxp-gqat"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74217?format=json","vulnerability_id":"VCID-171n-8ny7-3qb6","summary":"In ISC DHCP 1.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP packets crafted to include fqdn labels longer than 63 bytes, could eventually cause the server to run out of memory.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2929.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2929.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2929","reference_id":"","reference_type":"","scores":[{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24169","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24269","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24251","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24196","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24137","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24145","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2929"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2928","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2928"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2929","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2929"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021320","reference_id":"1021320","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021320"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2132001","reference_id":"2132001","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2132001"},{"reference_url":"https://security.gentoo.org/glsa/202305-22","reference_id":"GLSA-202305-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-22"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2502","reference_id":"RHSA-2023:2502","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2502"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3000","reference_id":"RHSA-2023:3000","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3000"},{"reference_url":"https://usn.ubuntu.com/5658-1/","reference_id":"USN-5658-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5658-1/"},{"reference_url":"https://usn.ubuntu.com/5658-2/","reference_id":"USN-5658-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5658-2/"},{"reference_url":"https://usn.ubuntu.com/5658-3/","reference_id":"USN-5658-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5658-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99785?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.1-2.3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.1-2.3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99766?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.1-2.3%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.1-2.3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99784?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-2.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99764?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99767?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-8%3Fdistro=trixie"}],"aliases":["CVE-2022-2929"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-171n-8ny7-3qb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74194?format=json","vulnerability_id":"VCID-3pcq-v6s5-a7a5","summary":"ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3955.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3955.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3955","reference_id":"","reference_type":"","scores":[{"value":"0.17439","scoring_system":"epss","scoring_elements":"0.95195","published_at":"2026-06-04T12:55:00Z"},{"value":"0.17439","scoring_system":"epss","scoring_elements":"0.95203","published_at":"2026-06-05T12:55:00Z"},{"value":"0.17439","scoring_system":"epss","scoring_elements":"0.95204","published_at":"2026-06-06T12:55:00Z"},{"value":"0.17439","scoring_system":"epss","scoring_elements":"0.95206","published_at":"2026-06-07T12:55:00Z"},{"value":"0.17439","scoring_system":"epss","scoring_elements":"0.95205","published_at":"2026-06-08T12:55:00Z"},{"value":"0.17439","scoring_system":"epss","scoring_elements":"0.95208","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3955"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3955","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3955"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=856766","reference_id":"856766","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=856766"},{"reference_url":"https://security.gentoo.org/glsa/201301-06","reference_id":"GLSA-201301-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0504","reference_id":"RHSA-2013:0504","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0504"},{"reference_url":"https://usn.ubuntu.com/1571-1/","reference_id":"USN-1571-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1571-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99777?format=json","purl":"pkg:deb/debian/isc-dhcp@4.2.4-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.2.4-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99766?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.1-2.3%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.1-2.3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99764?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99767?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-8%3Fdistro=trixie"}],"aliases":["CVE-2012-3955"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3pcq-v6s5-a7a5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74168?format=json","vulnerability_id":"VCID-51qn-bjk4-9yd9","summary":"dhcpd in ISC DHCP 3.0.4 and 3.1.1, when the dhcp-client-identifier and hardware ethernet configuration settings are both used, allows remote attackers to cause a denial of service (daemon crash) via unspecified requests.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1892.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1892.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1892","reference_id":"","reference_type":"","scores":[{"value":"0.06663","scoring_system":"epss","scoring_elements":"0.91383","published_at":"2026-06-04T12:55:00Z"},{"value":"0.06663","scoring_system":"epss","scoring_elements":"0.91397","published_at":"2026-06-05T12:55:00Z"},{"value":"0.06663","scoring_system":"epss","scoring_elements":"0.91399","published_at":"2026-06-06T12:55:00Z"},{"value":"0.06663","scoring_system":"epss","scoring_elements":"0.91395","published_at":"2026-06-07T12:55:00Z"},{"value":"0.06663","scoring_system":"epss","scoring_elements":"0.91391","published_at":"2026-06-08T12:55:00Z"},{"value":"0.06663","scoring_system":"epss","scoring_elements":"0.91405","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1892"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1892","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1892"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=509845","reference_id":"509845","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=509845"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=539492","reference_id":"539492","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=539492"},{"reference_url":"https://security.gentoo.org/glsa/200908-08","reference_id":"GLSA-200908-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200908-08"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99765?format=json","purl":"pkg:deb/debian/isc-dhcp@3.1.2p1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@3.1.2p1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99766?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.1-2.3%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.1-2.3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99764?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99767?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-8%3Fdistro=trixie"}],"aliases":["CVE-2009-1892"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-51qn-bjk4-9yd9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74173?format=json","vulnerability_id":"VCID-542j-1yvt-k7c9","summary":"ISC DHCP server 4.0 before 4.0.2, 4.1 before 4.1.2, and 4.2 before 4.2.0-P1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a DHCPv6 packet containing a Relay-Forward message without an address in the Relay-Forward link-address field.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3611.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3611.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3611","reference_id":"","reference_type":"","scores":[{"value":"0.04867","scoring_system":"epss","scoring_elements":"0.89735","published_at":"2026-06-04T12:55:00Z"},{"value":"0.04867","scoring_system":"epss","scoring_elements":"0.89752","published_at":"2026-06-05T12:55:00Z"},{"value":"0.04867","scoring_system":"epss","scoring_elements":"0.89754","published_at":"2026-06-08T12:55:00Z"},{"value":"0.04867","scoring_system":"epss","scoring_elements":"0.89753","published_at":"2026-06-07T12:55:00Z"},{"value":"0.04867","scoring_system":"epss","scoring_elements":"0.89769","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3611"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3611","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3611"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=649877","reference_id":"649877","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=649877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0923","reference_id":"RHSA-2010:0923","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0923"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99769?format=json","purl":"pkg:deb/debian/isc-dhcp@4.1.1-P1-14?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.1.1-P1-14%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99766?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.1-2.3%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.1-2.3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99764?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99767?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-8%3Fdistro=trixie"}],"aliases":["CVE-2010-3611"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-542j-1yvt-k7c9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74200?format=json","vulnerability_id":"VCID-5dxz-pnkz-g7eh","summary":"libdns in ISC DHCP 4.2.x before 4.2.5-P1 allows remote name servers to cause a denial of service (memory consumption) via vectors involving a regular expression, as demonstrated by a memory-exhaustion attack against a machine running a dhcpd process, a related issue to CVE-2013-2266.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2494.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2494.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-2494","reference_id":"","reference_type":"","scores":[{"value":"0.01036","scoring_system":"epss","scoring_elements":"0.7773","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01036","scoring_system":"epss","scoring_elements":"0.77758","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01036","scoring_system":"epss","scoring_elements":"0.77765","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01036","scoring_system":"epss","scoring_elements":"0.77755","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01036","scoring_system":"epss","scoring_elements":"0.77745","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01036","scoring_system":"epss","scoring_elements":"0.77763","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-2494"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2494","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2494"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=704426","reference_id":"704426","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=704426"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=928011","reference_id":"928011","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=928011"},{"reference_url":"https://security.gentoo.org/glsa/201401-05","reference_id":"GLSA-201401-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201401-05"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99778?format=json","purl":"pkg:deb/debian/isc-dhcp@4.2.4-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.2.4-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99766?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.1-2.3%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.1-2.3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99764?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99767?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-8%3Fdistro=trixie"}],"aliases":["CVE-2013-2494"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5dxz-pnkz-g7eh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60024?format=json","vulnerability_id":"VCID-5wur-zx6u-u3g5","summary":"ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5689.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5689.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5689","reference_id":"","reference_type":"","scores":[{"value":"0.0381","scoring_system":"epss","scoring_elements":"0.88312","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0381","scoring_system":"epss","scoring_elements":"0.8833","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0381","scoring_system":"epss","scoring_elements":"0.88332","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0381","scoring_system":"epss","scoring_elements":"0.88333","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0381","scoring_system":"epss","scoring_elements":"0.88348","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5689"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5689","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5689"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699145","reference_id":"699145","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699145"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=903417","reference_id":"903417","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=903417"},{"reference_url":"https://security.gentoo.org/glsa/201401-34","reference_id":"GLSA-201401-34","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201401-34"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0550","reference_id":"RHSA-2013:0550","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0550"},{"reference_url":"https://usn.ubuntu.com/2693-1/","reference_id":"USN-2693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2693-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99771?format=json","purl":"pkg:deb/debian/isc-dhcp@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99766?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.1-2.3%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.1-2.3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99764?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99767?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-8%3Fdistro=trixie"}],"aliases":["CVE-2012-5689"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5wur-zx6u-u3g5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74174?format=json","vulnerability_id":"VCID-7rnh-v7qn-7ua6","summary":"ISC DHCP server 4.2 before 4.2.0-P2, when configured to use failover partnerships, allows remote attackers to cause a denial of service (communications-interrupted state and DHCP client service loss) by connecting to a port that is only intended for a failover peer, as demonstrated by a Nagios check_tcp process check to TCP port 520.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3616.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3616.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3616","reference_id":"","reference_type":"","scores":[{"value":"0.06066","scoring_system":"epss","scoring_elements":"0.90902","published_at":"2026-06-04T12:55:00Z"},{"value":"0.06066","scoring_system":"epss","scoring_elements":"0.90917","published_at":"2026-06-05T12:55:00Z"},{"value":"0.06066","scoring_system":"epss","scoring_elements":"0.90916","published_at":"2026-06-06T12:55:00Z"},{"value":"0.06066","scoring_system":"epss","scoring_elements":"0.90913","published_at":"2026-06-07T12:55:00Z"},{"value":"0.06066","scoring_system":"epss","scoring_elements":"0.9091","published_at":"2026-06-08T12:55:00Z"},{"value":"0.06066","scoring_system":"epss","scoring_elements":"0.90925","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3616"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=662325","reference_id":"662325","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=662325"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99771?format=json","purl":"pkg:deb/debian/isc-dhcp@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99766?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.1-2.3%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.1-2.3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99764?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99767?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-8%3Fdistro=trixie"}],"aliases":["CVE-2010-3616"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7rnh-v7qn-7ua6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5470?format=json","vulnerability_id":"VCID-asf9-pdg9-uueq","summary":"arbitrary code execution","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25217.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25217.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-25217","reference_id":"","reference_type":"","scores":[{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63938","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63985","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63978","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63965","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.6398","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63988","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-25217"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25217","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25217"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1963258","reference_id":"1963258","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1963258"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989157","reference_id":"989157","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989157"},{"reference_url":"https://security.archlinux.org/ASA-202106-10","reference_id":"ASA-202106-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-10"},{"reference_url":"https://security.archlinux.org/ASA-202106-11","reference_id":"ASA-202106-11","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-11"},{"reference_url":"https://security.archlinux.org/AVG-2004","reference_id":"AVG-2004","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2004"},{"reference_url":"https://security.gentoo.org/glsa/202305-22","reference_id":"GLSA-202305-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-22"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2357","reference_id":"RHSA-2021:2357","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2357"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2359","reference_id":"RHSA-2021:2359","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2359"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2405","reference_id":"RHSA-2021:2405","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2405"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2414","reference_id":"RHSA-2021:2414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2415","reference_id":"RHSA-2021:2415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2416","reference_id":"RHSA-2021:2416","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2416"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2418","reference_id":"RHSA-2021:2418","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2418"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2419","reference_id":"RHSA-2021:2419","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2419"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2420","reference_id":"RHSA-2021:2420","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2420"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2469","reference_id":"RHSA-2021:2469","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2469"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2519","reference_id":"RHSA-2021:2519","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2519"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2555","reference_id":"RHSA-2021:2555","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2555"},{"reference_url":"https://usn.ubuntu.com/4969-1/","reference_id":"USN-4969-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4969-1/"},{"reference_url":"https://usn.ubuntu.com/4969-2/","reference_id":"USN-4969-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4969-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99783?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.1-2.3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.1-2.3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99766?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.1-2.3%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.1-2.3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99764?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99767?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-8%3Fdistro=trixie"}],"aliases":["CVE-2021-25217"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-asf9-pdg9-uueq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74177?format=json","vulnerability_id":"VCID-astd-r8mk-6bdv","summary":"The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) by sending a message over IPv6 for a declined and abandoned address.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0413.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0413.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0413","reference_id":"","reference_type":"","scores":[{"value":"0.08607","scoring_system":"epss","scoring_elements":"0.9257","published_at":"2026-06-04T12:55:00Z"},{"value":"0.08607","scoring_system":"epss","scoring_elements":"0.92582","published_at":"2026-06-05T12:55:00Z"},{"value":"0.08607","scoring_system":"epss","scoring_elements":"0.92578","published_at":"2026-06-06T12:55:00Z"},{"value":"0.08607","scoring_system":"epss","scoring_elements":"0.92573","published_at":"2026-06-07T12:55:00Z"},{"value":"0.08607","scoring_system":"epss","scoring_elements":"0.92571","published_at":"2026-06-08T12:55:00Z"},{"value":"0.08607","scoring_system":"epss","scoring_elements":"0.9259","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0413"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0413","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0413"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=611217","reference_id":"611217","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=611217"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=672755","reference_id":"672755","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=672755"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0256","reference_id":"RHSA-2011:0256","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0256"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99772?format=json","purl":"pkg:deb/debian/isc-dhcp@4.1.1-P1-16?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.1.1-P1-16%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99766?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.1-2.3%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.1-2.3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99764?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99767?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-8%3Fdistro=trixie"}],"aliases":["CVE-2011-0413"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-astd-r8mk-6bdv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6309?format=json","vulnerability_id":"VCID-atm6-a9w4-2kgc","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5732.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5732.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5732","reference_id":"","reference_type":"","scores":[{"value":"0.02521","scoring_system":"epss","scoring_elements":"0.8569","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02521","scoring_system":"epss","scoring_elements":"0.85711","published_at":"2026-06-09T12:55:00Z"},{"value":"0.02521","scoring_system":"epss","scoring_elements":"0.85712","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02521","scoring_system":"epss","scoring_elements":"0.85697","published_at":"2026-06-08T12:55:00Z"},{"value":"0.02521","scoring_system":"epss","scoring_elements":"0.85713","published_at":"2026-06-05T12:55:00Z"},{"value":"0.02521","scoring_system":"epss","scoring_elements":"0.85715","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5732"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3144","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3144"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5732","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5732"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5733","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5733"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1549960","reference_id":"1549960","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1549960"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891786","reference_id":"891786","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891786"},{"reference_url":"https://security.archlinux.org/ASA-201803-3","reference_id":"ASA-201803-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201803-3"},{"reference_url":"https://security.archlinux.org/AVG-648","reference_id":"AVG-648","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-648"},{"reference_url":"https://security.gentoo.org/glsa/201804-05","reference_id":"GLSA-201804-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201804-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0469","reference_id":"RHSA-2018:0469","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0469"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0483","reference_id":"RHSA-2018:0483","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0483"},{"reference_url":"https://usn.ubuntu.com/3586-1/","reference_id":"USN-3586-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3586-1/"},{"reference_url":"https://usn.ubuntu.com/3586-2/","reference_id":"USN-3586-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3586-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99781?format=json","purl":"pkg:deb/debian/isc-dhcp@4.3.5-3.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.3.5-3.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99766?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.1-2.3%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.1-2.3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99764?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99767?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-8%3Fdistro=trixie"}],"aliases":["CVE-2018-5732"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-atm6-a9w4-2kgc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74188?format=json","vulnerability_id":"VCID-cvwa-uxa1-kbbe","summary":"Buffer overflow in ISC DHCP 4.2.x before 4.2.4-P1, when DHCPv6 mode is enabled, allows remote attackers to cause a denial of service (segmentation fault and daemon exit) via a crafted client identifier parameter.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3570.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3570.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3570","reference_id":"","reference_type":"","scores":[{"value":"0.0368","scoring_system":"epss","scoring_elements":"0.88127","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0368","scoring_system":"epss","scoring_elements":"0.88147","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0368","scoring_system":"epss","scoring_elements":"0.88151","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0368","scoring_system":"epss","scoring_elements":"0.8815","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0368","scoring_system":"epss","scoring_elements":"0.88165","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3570"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3570","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3570"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686174","reference_id":"686174","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686174"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=842424","reference_id":"842424","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=842424"},{"reference_url":"https://security.gentoo.org/glsa/201301-06","reference_id":"GLSA-201301-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99777?format=json","purl":"pkg:deb/debian/isc-dhcp@4.2.4-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.2.4-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99766?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.1-2.3%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.1-2.3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99764?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99767?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-8%3Fdistro=trixie"}],"aliases":["CVE-2012-3570"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cvwa-uxa1-kbbe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60022?format=json","vulnerability_id":"VCID-e47h-bu96-2ubh","summary":"ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote attackers to cause a denial of service (named daemon hang) via unspecified combinations of resource records.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5166.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5166.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5166","reference_id":"","reference_type":"","scores":[{"value":"0.41981","scoring_system":"epss","scoring_elements":"0.97504","published_at":"2026-06-04T12:55:00Z"},{"value":"0.41981","scoring_system":"epss","scoring_elements":"0.9751","published_at":"2026-06-06T12:55:00Z"},{"value":"0.41981","scoring_system":"epss","scoring_elements":"0.97511","published_at":"2026-06-07T12:55:00Z"},{"value":"0.41981","scoring_system":"epss","scoring_elements":"0.97512","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5166"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5166","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5166"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=690118","reference_id":"690118","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=690118"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=864273","reference_id":"864273","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=864273"},{"reference_url":"https://security.gentoo.org/glsa/201401-34","reference_id":"GLSA-201401-34","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201401-34"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1363","reference_id":"RHSA-2012:1363","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1363"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1364","reference_id":"RHSA-2012:1364","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1364"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1365","reference_id":"RHSA-2012:1365","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1365"},{"reference_url":"https://usn.ubuntu.com/1601-1/","reference_id":"USN-1601-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1601-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99771?format=json","purl":"pkg:deb/debian/isc-dhcp@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99766?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.1-2.3%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.1-2.3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99764?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99767?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-8%3Fdistro=trixie"}],"aliases":["CVE-2012-5166"],"risk_score":0.2,"exploitability":"0.5","weighted_severity":"0.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e47h-bu96-2ubh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60023?format=json","vulnerability_id":"VCID-e6mg-2c14-tfab","summary":"ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5688.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5688.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5688","reference_id":"","reference_type":"","scores":[{"value":"0.07927","scoring_system":"epss","scoring_elements":"0.92191","published_at":"2026-06-04T12:55:00Z"},{"value":"0.07927","scoring_system":"epss","scoring_elements":"0.92203","published_at":"2026-06-05T12:55:00Z"},{"value":"0.07927","scoring_system":"epss","scoring_elements":"0.92201","published_at":"2026-06-06T12:55:00Z"},{"value":"0.07927","scoring_system":"epss","scoring_elements":"0.92199","published_at":"2026-06-07T12:55:00Z"},{"value":"0.07927","scoring_system":"epss","scoring_elements":"0.922","published_at":"2026-06-08T12:55:00Z"},{"value":"0.07927","scoring_system":"epss","scoring_elements":"0.92214","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5688"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5688","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5688"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695192","reference_id":"695192","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695192"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=883533","reference_id":"883533","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=883533"},{"reference_url":"https://security.gentoo.org/glsa/201401-34","reference_id":"GLSA-201401-34","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201401-34"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1549","reference_id":"RHSA-2012:1549","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1549"},{"reference_url":"https://usn.ubuntu.com/1657-1/","reference_id":"USN-1657-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1657-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99771?format=json","purl":"pkg:deb/debian/isc-dhcp@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99766?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.1-2.3%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.1-2.3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99764?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99767?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-8%3Fdistro=trixie"}],"aliases":["CVE-2012-5688"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e6mg-2c14-tfab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74214?format=json","vulnerability_id":"VCID-e76m-whec-qqa8","summary":"In ISC DHCP 4.4.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1, when the function option_code_hash_lookup() is called from add_option(), it increases the option's refcount field. However, there is not a corresponding call to option_dereference() to decrement the refcount field. The function add_option() is only used in server responses to lease query packets. Each lease query response calls this function for several options, so eventually, the reference counters could overflow and cause the server to abort.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2928.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2928.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2928","reference_id":"","reference_type":"","scores":[{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.2269","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22773","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22758","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22711","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22661","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22663","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2928"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2928","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2928"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2929","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2929"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021320","reference_id":"1021320","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021320"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2132002","reference_id":"2132002","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2132002"},{"reference_url":"https://security.gentoo.org/glsa/202305-22","reference_id":"GLSA-202305-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-22"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2502","reference_id":"RHSA-2023:2502","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2502"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3000","reference_id":"RHSA-2023:3000","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3000"},{"reference_url":"https://usn.ubuntu.com/5658-1/","reference_id":"USN-5658-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5658-1/"},{"reference_url":"https://usn.ubuntu.com/5658-2/","reference_id":"USN-5658-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5658-2/"},{"reference_url":"https://usn.ubuntu.com/5658-3/","reference_id":"USN-5658-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5658-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99785?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.1-2.3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.1-2.3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99766?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.1-2.3%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.1-2.3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99784?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-2.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99764?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99767?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-8%3Fdistro=trixie"}],"aliases":["CVE-2022-2928"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e76m-whec-qqa8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74179?format=json","vulnerability_id":"VCID-ehjc-zwhr-b7e5","summary":"The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2748.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2748.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2748","reference_id":"","reference_type":"","scores":[{"value":"0.87787","scoring_system":"epss","scoring_elements":"0.99488","published_at":"2026-06-08T12:55:00Z"},{"value":"0.87787","scoring_system":"epss","scoring_elements":"0.99489","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2748"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2748"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=638404","reference_id":"638404","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=638404"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=729382","reference_id":"729382","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=729382"},{"reference_url":"https://security.gentoo.org/glsa/201301-06","reference_id":"GLSA-201301-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1160","reference_id":"RHSA-2011:1160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1160"},{"reference_url":"https://usn.ubuntu.com/1190-1/","reference_id":"USN-1190-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1190-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99774?format=json","purl":"pkg:deb/debian/isc-dhcp@4.2.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.2.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99766?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.1-2.3%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.1-2.3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99764?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99767?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-8%3Fdistro=trixie"}],"aliases":["CVE-2011-2748"],"risk_score":1.6,"exploitability":"2.0","weighted_severity":"0.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ehjc-zwhr-b7e5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74211?format=json","vulnerability_id":"VCID-f4fc-zvp1-3yc1","summary":"There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function prevented this from causing any harm. All releases of dhcpd from ISC contain copies of this, and other, BIND libraries in combinations that have been tested prior to release and are known to not present issues like this. Some third-party packagers of ISC software have modified the dhcpd source, BIND source, or version matchup in ways that create the crash potential. Based on reports available to ISC, the crash probability is large and no analysis has been done on how, or even if, the probability can be manipulated by an attacker. Affects: Builds of dhcpd versions prior to version 4.4.1 when using BIND versions 9.11.2 or later, or BIND versions with specific bug fixes backported to them. ISC does not have access to comprehensive version lists for all repackagings of dhcpd that are vulnerable. In particular, builds from other vendors may also be affected. Operators are advised to consult their vendor documentation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6470.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6470.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6470","reference_id":"","reference_type":"","scores":[{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.4225","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42324","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42335","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42308","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42274","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42283","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6470"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1708641","reference_id":"1708641","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1708641"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=896122","reference_id":"896122","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=896122"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2060","reference_id":"RHSA-2019:2060","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2060"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3525","reference_id":"RHSA-2019:3525","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3525"},{"reference_url":"https://usn.ubuntu.com/3973-1/","reference_id":"USN-3973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3973-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99782?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99766?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.1-2.3%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.1-2.3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99764?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99767?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-8%3Fdistro=trixie"}],"aliases":["CVE-2019-6470"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f4fc-zvp1-3yc1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74190?format=json","vulnerability_id":"VCID-g8r5-856d-vfe5","summary":"ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed client identifier.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3571.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3571.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3571","reference_id":"","reference_type":"","scores":[{"value":"0.17426","scoring_system":"epss","scoring_elements":"0.95204","published_at":"2026-06-07T12:55:00Z"},{"value":"0.17426","scoring_system":"epss","scoring_elements":"0.95203","published_at":"2026-06-08T12:55:00Z"},{"value":"0.17426","scoring_system":"epss","scoring_elements":"0.95206","published_at":"2026-06-09T12:55:00Z"},{"value":"0.20553","scoring_system":"epss","scoring_elements":"0.95684","published_at":"2026-06-04T12:55:00Z"},{"value":"0.20553","scoring_system":"epss","scoring_elements":"0.95689","published_at":"2026-06-05T12:55:00Z"},{"value":"0.20553","scoring_system":"epss","scoring_elements":"0.95693","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3571"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3571","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3571"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686174","reference_id":"686174","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686174"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=842420","reference_id":"842420","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=842420"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/37538.py","reference_id":"CVE-2012-3571;OSVDB-84255","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/37538.py"},{"reference_url":"https://www.securityfocus.com/bid/54665/info","reference_id":"CVE-2012-3571;OSVDB-84255","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/54665/info"},{"reference_url":"https://security.gentoo.org/glsa/201301-06","reference_id":"GLSA-201301-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1140","reference_id":"RHSA-2012:1140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1140"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1141","reference_id":"RHSA-2012:1141","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1141"},{"reference_url":"https://usn.ubuntu.com/1519-1/","reference_id":"USN-1519-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1519-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99777?format=json","purl":"pkg:deb/debian/isc-dhcp@4.2.4-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.2.4-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99766?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.1-2.3%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.1-2.3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99764?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99767?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-8%3Fdistro=trixie"}],"aliases":["CVE-2012-3571"],"risk_score":0.4,"exploitability":"2.0","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g8r5-856d-vfe5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6316?format=json","vulnerability_id":"VCID-gxnv-84tc-67dn","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5733.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5733.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5733","reference_id":"","reference_type":"","scores":[{"value":"0.14479","scoring_system":"epss","scoring_elements":"0.94567","published_at":"2026-06-04T12:55:00Z"},{"value":"0.14479","scoring_system":"epss","scoring_elements":"0.94585","published_at":"2026-06-09T12:55:00Z"},{"value":"0.14479","scoring_system":"epss","scoring_elements":"0.94577","published_at":"2026-06-06T12:55:00Z"},{"value":"0.14479","scoring_system":"epss","scoring_elements":"0.94579","published_at":"2026-06-08T12:55:00Z"},{"value":"0.14479","scoring_system":"epss","scoring_elements":"0.94576","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5733"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3144","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3144"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5732","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5732"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5733","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5733"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1549961","reference_id":"1549961","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1549961"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891785","reference_id":"891785","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891785"},{"reference_url":"https://security.archlinux.org/ASA-201803-4","reference_id":"ASA-201803-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201803-4"},{"reference_url":"https://security.archlinux.org/AVG-646","reference_id":"AVG-646","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-646"},{"reference_url":"https://security.gentoo.org/glsa/201804-05","reference_id":"GLSA-201804-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201804-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0469","reference_id":"RHSA-2018:0469","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0469"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0483","reference_id":"RHSA-2018:0483","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0483"},{"reference_url":"https://usn.ubuntu.com/3586-1/","reference_id":"USN-3586-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3586-1/"},{"reference_url":"https://usn.ubuntu.com/3586-2/","reference_id":"USN-3586-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3586-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99781?format=json","purl":"pkg:deb/debian/isc-dhcp@4.3.5-3.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.3.5-3.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99766?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.1-2.3%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.1-2.3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99764?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99767?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-8%3Fdistro=trixie"}],"aliases":["CVE-2018-5733"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gxnv-84tc-67dn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74186?format=json","vulnerability_id":"VCID-h451-v2dx-r7gf","summary":"An issue was discovered in dhclient 4.3.1-6 due to an embedded path variable.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2248","reference_id":"","reference_type":"","scores":[{"value":"0.0244","scoring_system":"epss","scoring_elements":"0.85451","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0244","scoring_system":"epss","scoring_elements":"0.85475","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0244","scoring_system":"epss","scoring_elements":"0.8548","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0244","scoring_system":"epss","scoring_elements":"0.85461","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0244","scoring_system":"epss","scoring_elements":"0.85476","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2248"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2248","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2248"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=690532","reference_id":"690532","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=690532"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99776?format=json","purl":"pkg:deb/debian/isc-dhcp@4.2.4-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.2.4-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99766?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.1-2.3%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.1-2.3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99764?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99767?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-8%3Fdistro=trixie"}],"aliases":["CVE-2012-2248"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h451-v2dx-r7gf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74178?format=json","vulnerability_id":"VCID-haqs-mf9t-afhq","summary":"dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0997.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0997.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0997","reference_id":"","reference_type":"","scores":[{"value":"0.73501","scoring_system":"epss","scoring_elements":"0.98824","published_at":"2026-06-07T12:55:00Z"},{"value":"0.73501","scoring_system":"epss","scoring_elements":"0.98825","published_at":"2026-06-06T12:55:00Z"},{"value":"0.73501","scoring_system":"epss","scoring_elements":"0.98823","published_at":"2026-06-08T12:55:00Z"},{"value":"0.73501","scoring_system":"epss","scoring_elements":"0.98821","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0997"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0997","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0997"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=621099","reference_id":"621099","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=621099"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=689832","reference_id":"689832","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=689832"},{"reference_url":"https://security.gentoo.org/glsa/201301-06","reference_id":"GLSA-201301-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0428","reference_id":"RHSA-2011:0428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0428"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0840","reference_id":"RHSA-2011:0840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0840"},{"reference_url":"https://usn.ubuntu.com/1108-1/","reference_id":"USN-1108-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1108-1/"},{"reference_url":"https://usn.ubuntu.com/1108-2/","reference_id":"USN-1108-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1108-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99773?format=json","purl":"pkg:deb/debian/isc-dhcp@4.1.1-P1-16.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.1.1-P1-16.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99766?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.1-2.3%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.1-2.3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99764?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99767?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-8%3Fdistro=trixie"}],"aliases":["CVE-2011-0997"],"risk_score":0.3,"exploitability":"0.5","weighted_severity":"0.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-haqs-mf9t-afhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60020?format=json","vulnerability_id":"VCID-ktau-77em-syh6","summary":"Race condition in the ns_client structure management in ISC BIND 9.9.x before 9.9.1-P2 allows remote attackers to cause a denial of service (memory consumption or process exit) via a large volume of TCP queries.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3868.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3868.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3868","reference_id":"","reference_type":"","scores":[{"value":"0.01972","scoring_system":"epss","scoring_elements":"0.83869","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01972","scoring_system":"epss","scoring_elements":"0.83892","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01972","scoring_system":"epss","scoring_elements":"0.83895","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01972","scoring_system":"epss","scoring_elements":"0.8389","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01972","scoring_system":"epss","scoring_elements":"0.83881","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3868"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=842895","reference_id":"842895","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=842895"},{"reference_url":"https://security.gentoo.org/glsa/201209-04","reference_id":"GLSA-201209-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-04"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99771?format=json","purl":"pkg:deb/debian/isc-dhcp@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99766?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.1-2.3%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.1-2.3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99764?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99767?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-8%3Fdistro=trixie"}],"aliases":["CVE-2012-3868"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ktau-77em-syh6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74181?format=json","vulnerability_id":"VCID-mqze-xs8u-47cx","summary":"dhcpd in ISC DHCP 4.x before 4.2.3-P1 and 4.1-ESV before 4.1-ESV-R4 does not properly handle regular expressions in dhcpd.conf, which allows remote attackers to cause a denial of service (daemon crash) via a crafted request packet.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4539.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4539.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4539","reference_id":"","reference_type":"","scores":[{"value":"0.32265","scoring_system":"epss","scoring_elements":"0.96929","published_at":"2026-06-04T12:55:00Z"},{"value":"0.32265","scoring_system":"epss","scoring_elements":"0.96933","published_at":"2026-06-05T12:55:00Z"},{"value":"0.32265","scoring_system":"epss","scoring_elements":"0.96937","published_at":"2026-06-08T12:55:00Z"},{"value":"0.32265","scoring_system":"epss","scoring_elements":"0.96938","published_at":"2026-06-07T12:55:00Z"},{"value":"0.32265","scoring_system":"epss","scoring_elements":"0.96942","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4539"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652259","reference_id":"652259","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652259"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=761265","reference_id":"761265","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=761265"},{"reference_url":"https://security.gentoo.org/glsa/201301-06","reference_id":"GLSA-201301-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1819","reference_id":"RHSA-2011:1819","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1819"},{"reference_url":"https://usn.ubuntu.com/1309-1/","reference_id":"USN-1309-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1309-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99775?format=json","purl":"pkg:deb/debian/isc-dhcp@4.2.2.dfsg.1-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.2.2.dfsg.1-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99766?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.1-2.3%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.1-2.3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99764?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99767?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-8%3Fdistro=trixie"}],"aliases":["CVE-2011-4539"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mqze-xs8u-47cx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60018?format=json","vulnerability_id":"VCID-nuah-fwsh-6khq","summary":"ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service (daemon crash or data corruption) or obtain sensitive information from process memory via a crafted record.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1667.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1667.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-1667","reference_id":"","reference_type":"","scores":[{"value":"0.47498","scoring_system":"epss","scoring_elements":"0.97762","published_at":"2026-06-09T12:55:00Z"},{"value":"0.53159","scoring_system":"epss","scoring_elements":"0.98017","published_at":"2026-06-04T12:55:00Z"},{"value":"0.53159","scoring_system":"epss","scoring_elements":"0.9802","published_at":"2026-06-05T12:55:00Z"},{"value":"0.53159","scoring_system":"epss","scoring_elements":"0.98021","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-1667"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1667","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1667"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=828078","reference_id":"828078","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=828078"},{"reference_url":"https://security.gentoo.org/glsa/201209-04","reference_id":"GLSA-201209-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0716","reference_id":"RHSA-2012:0716","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0716"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0717","reference_id":"RHSA-2012:0717","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0717"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1110","reference_id":"RHSA-2012:1110","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1110"},{"reference_url":"https://usn.ubuntu.com/1462-1/","reference_id":"USN-1462-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1462-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99771?format=json","purl":"pkg:deb/debian/isc-dhcp@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99766?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.1-2.3%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.1-2.3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99764?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99767?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-8%3Fdistro=trixie"}],"aliases":["CVE-2012-1667"],"risk_score":0.2,"exploitability":"0.5","weighted_severity":"0.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nuah-fwsh-6khq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74203?format=json","vulnerability_id":"VCID-nugf-vx61-rfcp","summary":"ISC DHCP 4.x before 4.1-ESV-R12-P1, 4.2.x, and 4.3.x before 4.3.3-P1 allows remote attackers to cause a denial of service (application crash) via an invalid length field in a UDP IPv4 packet.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8605.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8605.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8605","reference_id":"","reference_type":"","scores":[{"value":"0.4344","scoring_system":"epss","scoring_elements":"0.97584","published_at":"2026-06-06T12:55:00Z"},{"value":"0.4344","scoring_system":"epss","scoring_elements":"0.97582","published_at":"2026-06-05T12:55:00Z"},{"value":"0.4344","scoring_system":"epss","scoring_elements":"0.97578","published_at":"2026-06-04T12:55:00Z"},{"value":"0.45226","scoring_system":"epss","scoring_elements":"0.97674","published_at":"2026-06-09T12:55:00Z"},{"value":"0.45226","scoring_system":"epss","scoring_elements":"0.97671","published_at":"2026-06-07T12:55:00Z"},{"value":"0.45226","scoring_system":"epss","scoring_elements":"0.97672","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8605"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8605","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8605"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv2","scoring_elements":"AV:A/AC:M/Au:N/C:N/I:N/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1297314","reference_id":"1297314","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1297314"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=810875","reference_id":"810875","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=810875"},{"reference_url":"https://usn.ubuntu.com/2868-1/","reference_id":"USN-2868-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2868-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99779?format=json","purl":"pkg:deb/debian/isc-dhcp@4.3.3-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.3.3-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99766?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.1-2.3%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.1-2.3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99764?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99767?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-8%3Fdistro=trixie"}],"aliases":["CVE-2015-8605"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nugf-vx61-rfcp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74204?format=json","vulnerability_id":"VCID-nvzb-ye5k-ruhy","summary":"ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service (INSIST assertion failure or request-processing outage) by establishing many sessions.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2774.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2774.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2774","reference_id":"","reference_type":"","scores":[{"value":"0.65582","scoring_system":"epss","scoring_elements":"0.98512","published_at":"2026-06-04T12:55:00Z"},{"value":"0.65582","scoring_system":"epss","scoring_elements":"0.98515","published_at":"2026-06-09T12:55:00Z"},{"value":"0.65582","scoring_system":"epss","scoring_elements":"0.98514","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2774"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2774","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2774"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315259","reference_id":"1315259","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315259"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=817158","reference_id":"817158","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=817158"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2590","reference_id":"RHSA-2016:2590","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2590"},{"reference_url":"https://usn.ubuntu.com/3586-1/","reference_id":"USN-3586-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3586-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99780?format=json","purl":"pkg:deb/debian/isc-dhcp@4.3.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.3.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99766?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.1-2.3%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.1-2.3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99764?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99767?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-8%3Fdistro=trixie"}],"aliases":["CVE-2016-2774"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nvzb-ye5k-ruhy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74193?format=json","vulnerability_id":"VCID-p8u9-gjcw-q3c6","summary":"Multiple memory leaks in ISC DHCP 4.1.x and 4.2.x before 4.2.4-P1 and 4.1-ESV before 4.1-ESV-R6 allow remote attackers to cause a denial of service (memory consumption) by sending many requests.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3954.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3954.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3954","reference_id":"","reference_type":"","scores":[{"value":"0.0446","scoring_system":"epss","scoring_elements":"0.89267","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0446","scoring_system":"epss","scoring_elements":"0.89286","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0446","scoring_system":"epss","scoring_elements":"0.89285","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0446","scoring_system":"epss","scoring_elements":"0.89302","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3954"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686174","reference_id":"686174","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686174"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=842428","reference_id":"842428","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=842428"},{"reference_url":"https://security.gentoo.org/glsa/201301-06","reference_id":"GLSA-201301-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1141","reference_id":"RHSA-2012:1141","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1141"},{"reference_url":"https://usn.ubuntu.com/1519-1/","reference_id":"USN-1519-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1519-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99777?format=json","purl":"pkg:deb/debian/isc-dhcp@4.2.4-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.2.4-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99766?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.1-2.3%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.1-2.3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99764?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99767?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-8%3Fdistro=trixie"}],"aliases":["CVE-2012-3954"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p8u9-gjcw-q3c6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60019?format=json","vulnerability_id":"VCID-tu8f-p8he-8qbq","summary":"ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before 9.8.3-P2; 9.9.x before 9.9.1-P2; and 9.6-ESV before 9.6-ESV-R7-P2, when DNSSEC validation is enabled, does not properly initialize the failing-query cache, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) by sending many queries.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3817.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3817.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3817","reference_id":"","reference_type":"","scores":[{"value":"0.06693","scoring_system":"epss","scoring_elements":"0.91409","published_at":"2026-06-04T12:55:00Z"},{"value":"0.06693","scoring_system":"epss","scoring_elements":"0.91423","published_at":"2026-06-05T12:55:00Z"},{"value":"0.06693","scoring_system":"epss","scoring_elements":"0.91424","published_at":"2026-06-06T12:55:00Z"},{"value":"0.06693","scoring_system":"epss","scoring_elements":"0.91422","published_at":"2026-06-07T12:55:00Z"},{"value":"0.06693","scoring_system":"epss","scoring_elements":"0.91418","published_at":"2026-06-08T12:55:00Z"},{"value":"0.06693","scoring_system":"epss","scoring_elements":"0.91432","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3817"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3817","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3817"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683259","reference_id":"683259","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683259"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=842897","reference_id":"842897","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=842897"},{"reference_url":"https://security.gentoo.org/glsa/201209-04","reference_id":"GLSA-201209-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1122","reference_id":"RHSA-2012:1122","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1122"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1123","reference_id":"RHSA-2012:1123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1123"},{"reference_url":"https://usn.ubuntu.com/1518-1/","reference_id":"USN-1518-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1518-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99771?format=json","purl":"pkg:deb/debian/isc-dhcp@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99766?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.1-2.3%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.1-2.3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99764?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99767?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-8%3Fdistro=trixie"}],"aliases":["CVE-2012-3817"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tu8f-p8he-8qbq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74180?format=json","vulnerability_id":"VCID-w1vh-bj45-hua3","summary":"The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted BOOTP packet.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2749.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2749.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2749","reference_id":"","reference_type":"","scores":[{"value":"0.7534","scoring_system":"epss","scoring_elements":"0.98904","published_at":"2026-06-04T12:55:00Z"},{"value":"0.7534","scoring_system":"epss","scoring_elements":"0.98906","published_at":"2026-06-07T12:55:00Z"},{"value":"0.7534","scoring_system":"epss","scoring_elements":"0.98907","published_at":"2026-06-06T12:55:00Z"},{"value":"0.7534","scoring_system":"epss","scoring_elements":"0.98905","published_at":"2026-06-08T12:55:00Z"},{"value":"0.7534","scoring_system":"epss","scoring_elements":"0.98903","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2749"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=638404","reference_id":"638404","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=638404"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=729382","reference_id":"729382","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=729382"},{"reference_url":"https://security.gentoo.org/glsa/201301-06","reference_id":"GLSA-201301-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1160","reference_id":"RHSA-2011:1160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1160"},{"reference_url":"https://usn.ubuntu.com/1190-1/","reference_id":"USN-1190-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1190-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99774?format=json","purl":"pkg:deb/debian/isc-dhcp@4.2.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.2.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99766?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.1-2.3%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.1-2.3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99764?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99767?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-8%3Fdistro=trixie"}],"aliases":["CVE-2011-2749"],"risk_score":0.3,"exploitability":"0.5","weighted_severity":"0.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w1vh-bj45-hua3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74206?format=json","vulnerability_id":"VCID-y5ab-f49g-s7ge","summary":"A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. Affects ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older versions may also be affected but are well beyond their end-of-life (EOL). Releases prior to 4.1.0 have not been tested.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3144.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3144.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3144","reference_id":"","reference_type":"","scores":[{"value":"0.11782","scoring_system":"epss","scoring_elements":"0.93837","published_at":"2026-06-04T12:55:00Z"},{"value":"0.11782","scoring_system":"epss","scoring_elements":"0.93846","published_at":"2026-06-05T12:55:00Z"},{"value":"0.11782","scoring_system":"epss","scoring_elements":"0.93849","published_at":"2026-06-09T12:55:00Z"},{"value":"0.11782","scoring_system":"epss","scoring_elements":"0.93845","published_at":"2026-06-07T12:55:00Z"},{"value":"0.11782","scoring_system":"epss","scoring_elements":"0.93844","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3144"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3144","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3144"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5732","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5732"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5733","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5733"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1522918","reference_id":"1522918","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1522918"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=887413","reference_id":"887413","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=887413"},{"reference_url":"https://security.gentoo.org/glsa/201804-05","reference_id":"GLSA-201804-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201804-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0158","reference_id":"RHSA-2018:0158","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0158"},{"reference_url":"https://usn.ubuntu.com/3586-1/","reference_id":"USN-3586-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3586-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99781?format=json","purl":"pkg:deb/debian/isc-dhcp@4.3.5-3.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.3.5-3.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99766?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.1-2.3%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.1-2.3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99764?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99767?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-8%3Fdistro=trixie"}],"aliases":["CVE-2017-3144"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y5ab-f49g-s7ge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74182?format=json","vulnerability_id":"VCID-zt3v-ecge-8fem","summary":"The logging functionality in dhcpd in ISC DHCP before 4.2.3-P2, when using Dynamic DNS (DDNS) and issuing IPv6 addresses, does not properly handle the DHCPv6 lease structure, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted packets related to a lease-status update.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4868.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4868.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4868","reference_id":"","reference_type":"","scores":[{"value":"0.00846","scoring_system":"epss","scoring_elements":"0.75174","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00846","scoring_system":"epss","scoring_elements":"0.75204","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00846","scoring_system":"epss","scoring_elements":"0.75207","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00846","scoring_system":"epss","scoring_elements":"0.752","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00846","scoring_system":"epss","scoring_elements":"0.75186","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00846","scoring_system":"epss","scoring_elements":"0.75212","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4868"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4868","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4868"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=655746","reference_id":"655746","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=655746"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=781242","reference_id":"781242","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=781242"},{"reference_url":"https://security.gentoo.org/glsa/201301-06","reference_id":"GLSA-201301-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99775?format=json","purl":"pkg:deb/debian/isc-dhcp@4.2.2.dfsg.1-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.2.2.dfsg.1-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99766?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.1-2.3%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.1-2.3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99764?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99767?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-8%3Fdistro=trixie"}],"aliases":["CVE-2011-4868"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zt3v-ecge-8fem"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74170?format=json","vulnerability_id":"VCID-zvaq-sv81-nudu","summary":"ISC DHCP 4.1 before 4.1.1-P1 and 4.0 before 4.0.2-P1 allows remote attackers to cause a denial of service (server exit) via a zero-length client ID.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2156.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2156.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2156","reference_id":"","reference_type":"","scores":[{"value":"0.8675","scoring_system":"epss","scoring_elements":"0.99441","published_at":"2026-06-04T12:55:00Z"},{"value":"0.8675","scoring_system":"epss","scoring_elements":"0.99442","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2156"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2156","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2156"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=601403","reference_id":"601403","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=601403"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/14185.py","reference_id":"CVE-2010-2156","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/14185.py"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99768?format=json","purl":"pkg:deb/debian/isc-dhcp@4.1.1-P1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.1.1-P1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99766?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.1-2.3%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.1-2.3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99764?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99767?format=json","purl":"pkg:deb/debian/isc-dhcp@4.4.3-P1-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-8%3Fdistro=trixie"}],"aliases":["CVE-2010-2156"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zvaq-sv81-nudu"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/isc-dhcp@4.4.3-P1-2%3Fdistro=trixie"}