Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-66sa-bc5p-jqde
Vulnerability ID VCID-66sa-bc5p-jqde
Aliases CVE-2023-50387
Summary Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service.
Status Published
Exploitability 0.5
Weighted Severity 6.8
Risk 3.4
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-400 Uncontrolled Resource Consumption
System Score Found at
cvssv3 7.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50387.json
cvssv3.1 7.5 https://access.redhat.com/security/cve/CVE-2023-50387
ssvc Track https://access.redhat.com/security/cve/CVE-2023-50387
epss 0.51989 https://api.first.org/data/v1/epss?cve=CVE-2023-50387
epss 0.51989 https://api.first.org/data/v1/epss?cve=CVE-2023-50387
epss 0.51989 https://api.first.org/data/v1/epss?cve=CVE-2023-50387
epss 0.51989 https://api.first.org/data/v1/epss?cve=CVE-2023-50387
epss 0.51989 https://api.first.org/data/v1/epss?cve=CVE-2023-50387
epss 0.51989 https://api.first.org/data/v1/epss?cve=CVE-2023-50387
epss 0.51989 https://api.first.org/data/v1/epss?cve=CVE-2023-50387
epss 0.51989 https://api.first.org/data/v1/epss?cve=CVE-2023-50387
cvssv3.1 7.5 https://bugzilla.suse.com/show_bug.cgi?id=1219823
ssvc Track https://bugzilla.suse.com/show_bug.cgi?id=1219823
cvssv3.1 7.5 https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html
ssvc Track https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html
cvssv3.1 7.5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1 7.5 https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1
ssvc Track https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1
cvssv3.1 7.5 https://kb.isc.org/docs/cve-2023-50387
ssvc Track https://kb.isc.org/docs/cve-2023-50387
cvssv3.1 7.5 https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html
ssvc Track https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html
cvssv3.1 7.5 https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html
ssvc Track https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html
cvssv3.1 7.5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/
ssvc Track https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/
cvssv3.1 7.5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/
ssvc Track https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/
cvssv3.1 7.5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/
ssvc Track https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/
cvssv3.1 7.5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/
ssvc Track https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/
cvssv3.1 7.5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/
ssvc Track https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/
cvssv3.1 7.5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/
ssvc Track https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/
cvssv3.1 7.5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/
ssvc Track https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/
cvssv3.1 7.5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/
ssvc Track https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/
cvssv3.1 7.5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/
ssvc Track https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/
cvssv3.1 7.5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/
ssvc Track https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/
cvssv3.1 7.5 https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html
ssvc Track https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html
cvssv3.1 7.5 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-50387
ssvc Track https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-50387
cvssv3.1 7.5 https://news.ycombinator.com/item?id=39367411
ssvc Track https://news.ycombinator.com/item?id=39367411
cvssv3.1 7.5 https://news.ycombinator.com/item?id=39372384
ssvc Track https://news.ycombinator.com/item?id=39372384
cvssv3.1 7.5 https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/
ssvc Track https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/
cvssv3.1 7.5 https://security.netapp.com/advisory/ntap-20240307-0007/
ssvc Track https://security.netapp.com/advisory/ntap-20240307-0007/
cvssv3.1 7.5 https://www.athene-center.de/aktuelles/key-trap
ssvc Track https://www.athene-center.de/aktuelles/key-trap
cvssv3.1 7.5 https://www.athene-center.de/fileadmin/content/PDF/Technical_Report_KeyTrap.pdf
ssvc Track https://www.athene-center.de/fileadmin/content/PDF/Technical_Report_KeyTrap.pdf
cvssv3.1 7.5 https://www.isc.org/blogs/2024-bind-security-release/
ssvc Track https://www.isc.org/blogs/2024-bind-security-release/
cvssv3.1 7.5 https://www.securityweek.com/keytrap-dns-attack-could-disable-large-parts-of-internet-researchers/
ssvc Track https://www.securityweek.com/keytrap-dns-attack-could-disable-large-parts-of-internet-researchers/
cvssv3.1 7.5 https://www.theregister.com/2024/02/13/dnssec_vulnerability_internet/
ssvc Track https://www.theregister.com/2024/02/13/dnssec_vulnerability_internet/
cvssv3.1 7.5 http://www.openwall.com/lists/oss-security/2024/02/16/2
ssvc Track http://www.openwall.com/lists/oss-security/2024/02/16/2
cvssv3.1 7.5 http://www.openwall.com/lists/oss-security/2024/02/16/3
ssvc Track http://www.openwall.com/lists/oss-security/2024/02/16/3
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50387.json
https://api.first.org/data/v1/epss?cve=CVE-2023-50387
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
017430.html https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html
1063845 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845
1063852 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852
1077750 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077750
2 http://www.openwall.com/lists/oss-security/2024/02/16/2
2024-bind-security-release https://www.isc.org/blogs/2024-bind-security-release/
2263914 https://bugzilla.redhat.com/show_bug.cgi?id=2263914
3 http://www.openwall.com/lists/oss-security/2024/02/16/3
6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/
BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/
cve-2023-50387 https://kb.isc.org/docs/cve-2023-50387
CVE-2023-50387 https://access.redhat.com/security/cve/CVE-2023-50387
CVE-2023-50387 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-50387
dnssec_vulnerability_internet https://www.theregister.com/2024/02/13/dnssec_vulnerability_internet/
GLSA-202412-10 https://security.gentoo.org/glsa/202412-10
HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/
IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/
item?id=39367411 https://news.ycombinator.com/item?id=39367411
item?id=39372384 https://news.ycombinator.com/item?id=39372384
key-trap https://www.athene-center.de/aktuelles/key-trap
keytrap-dns-attack-could-disable-large-parts-of-internet-researchers https://www.securityweek.com/keytrap-dns-attack-could-disable-large-parts-of-internet-researchers/
msg00006.html https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html
msg00011.html https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html
ntap-20240307-0007 https://security.netapp.com/advisory/ntap-20240307-0007/
PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/
powerdns-advisory-2024-01.html https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html
RGS7JN6FZXUSTC2XKQHH27574XOULYYJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/
RHSA-2024:0965 https://access.redhat.com/errata/RHSA-2024:0965
RHSA-2024:0977 https://access.redhat.com/errata/RHSA-2024:0977
RHSA-2024:0981 https://access.redhat.com/errata/RHSA-2024:0981
RHSA-2024:0982 https://access.redhat.com/errata/RHSA-2024:0982
RHSA-2024:11003 https://access.redhat.com/errata/RHSA-2024:11003
RHSA-2024:1334 https://access.redhat.com/errata/RHSA-2024:1334
RHSA-2024:1335 https://access.redhat.com/errata/RHSA-2024:1335
RHSA-2024:1522 https://access.redhat.com/errata/RHSA-2024:1522
RHSA-2024:1543 https://access.redhat.com/errata/RHSA-2024:1543
RHSA-2024:1544 https://access.redhat.com/errata/RHSA-2024:1544
RHSA-2024:1545 https://access.redhat.com/errata/RHSA-2024:1545
RHSA-2024:1647 https://access.redhat.com/errata/RHSA-2024:1647
RHSA-2024:1648 https://access.redhat.com/errata/RHSA-2024:1648
RHSA-2024:1781 https://access.redhat.com/errata/RHSA-2024:1781
RHSA-2024:1782 https://access.redhat.com/errata/RHSA-2024:1782
RHSA-2024:1789 https://access.redhat.com/errata/RHSA-2024:1789
RHSA-2024:1800 https://access.redhat.com/errata/RHSA-2024:1800
RHSA-2024:1801 https://access.redhat.com/errata/RHSA-2024:1801
RHSA-2024:1803 https://access.redhat.com/errata/RHSA-2024:1803
RHSA-2024:1804 https://access.redhat.com/errata/RHSA-2024:1804
RHSA-2024:2551 https://access.redhat.com/errata/RHSA-2024:2551
RHSA-2024:2587 https://access.redhat.com/errata/RHSA-2024:2587
RHSA-2024:2696 https://access.redhat.com/errata/RHSA-2024:2696
RHSA-2024:2720 https://access.redhat.com/errata/RHSA-2024:2720
RHSA-2024:2721 https://access.redhat.com/errata/RHSA-2024:2721
RHSA-2024:2821 https://access.redhat.com/errata/RHSA-2024:2821
RHSA-2024:2890 https://access.redhat.com/errata/RHSA-2024:2890
RHSA-2024:3271 https://access.redhat.com/errata/RHSA-2024:3271
RHSA-2024:3741 https://access.redhat.com/errata/RHSA-2024:3741
RHSA-2024:3877 https://access.redhat.com/errata/RHSA-2024:3877
RHSA-2024:3929 https://access.redhat.com/errata/RHSA-2024:3929
RHSA-2025:0039 https://access.redhat.com/errata/RHSA-2025:0039
show_bug.cgi?id=1219823 https://bugzilla.suse.com/show_bug.cgi?id=1219823
SVYA42BLXUCIDLD35YIJPJSHDIADNYMP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/
Technical_Report_KeyTrap.pdf https://www.athene-center.de/fileadmin/content/PDF/Technical_Report_KeyTrap.pdf
TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/
unbound-1.19.1-released https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/
UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/
USN-6633-1 https://usn.ubuntu.com/6633-1/
USN-6642-1 https://usn.ubuntu.com/6642-1/
USN-6657-1 https://usn.ubuntu.com/6657-1/
USN-6657-2 https://usn.ubuntu.com/6657-2/
USN-6665-1 https://usn.ubuntu.com/6665-1/
USN-6723-1 https://usn.ubuntu.com/6723-1/
v5.7.1 https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1
ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50387.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/security/cve/CVE-2023-50387
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/ Found at https://access.redhat.com/security/cve/CVE-2023-50387
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://bugzilla.suse.com/show_bug.cgi?id=1219823
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/ Found at https://bugzilla.suse.com/show_bug.cgi?id=1219823
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/ Found at https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/ Found at https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://kb.isc.org/docs/cve-2023-50387
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/ Found at https://kb.isc.org/docs/cve-2023-50387
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/ Found at https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/ Found at https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/ Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/ Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/ Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/ Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/ Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/ Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/ Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/ Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/ Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/ Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/ Found at https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-50387
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/ Found at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-50387
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://news.ycombinator.com/item?id=39367411
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/ Found at https://news.ycombinator.com/item?id=39367411
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://news.ycombinator.com/item?id=39372384
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/ Found at https://news.ycombinator.com/item?id=39372384
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/ Found at https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://security.netapp.com/advisory/ntap-20240307-0007/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/ Found at https://security.netapp.com/advisory/ntap-20240307-0007/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://www.athene-center.de/aktuelles/key-trap
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/ Found at https://www.athene-center.de/aktuelles/key-trap
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://www.athene-center.de/fileadmin/content/PDF/Technical_Report_KeyTrap.pdf
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/ Found at https://www.athene-center.de/fileadmin/content/PDF/Technical_Report_KeyTrap.pdf
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://www.isc.org/blogs/2024-bind-security-release/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/ Found at https://www.isc.org/blogs/2024-bind-security-release/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://www.securityweek.com/keytrap-dns-attack-could-disable-large-parts-of-internet-researchers/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/ Found at https://www.securityweek.com/keytrap-dns-attack-could-disable-large-parts-of-internet-researchers/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://www.theregister.com/2024/02/13/dnssec_vulnerability_internet/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/ Found at https://www.theregister.com/2024/02/13/dnssec_vulnerability_internet/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.openwall.com/lists/oss-security/2024/02/16/2
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/ Found at http://www.openwall.com/lists/oss-security/2024/02/16/2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.openwall.com/lists/oss-security/2024/02/16/3
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/ Found at http://www.openwall.com/lists/oss-security/2024/02/16/3
Exploit Prediction Scoring System (EPSS)
Percentile 0.97896
EPSS Score 0.51989
Published At April 2, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T13:14:14.236763+00:00 Gentoo Importer Import https://security.gentoo.org/glsa/202412-10 38.0.0