VulnerableCode Vulnerability Details

Search for vulnerabilities

System	Score	Found at
cvssv3	7.5	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13704.json
epss	0.79318	https://api.first.org/data/v1/epss?cve=CVE-2017-13704
epss	0.79318	https://api.first.org/data/v1/epss?cve=CVE-2017-13704
epss	0.79318	https://api.first.org/data/v1/epss?cve=CVE-2017-13704
epss	0.79318	https://api.first.org/data/v1/epss?cve=CVE-2017-13704
epss	0.79318	https://api.first.org/data/v1/epss?cve=CVE-2017-13704
epss	0.79318	https://api.first.org/data/v1/epss?cve=CVE-2017-13704
epss	0.79318	https://api.first.org/data/v1/epss?cve=CVE-2017-13704
cvssv2	5.0	https://nvd.nist.gov/vuln/detail/CVE-2017-13704
cvssv3	7.5	https://nvd.nist.gov/vuln/detail/CVE-2017-13704

System

Score

Found at

cvssv3

7.5

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13704.json

epss

0.79318

https://api.first.org/data/v1/epss?cve=CVE-2017-13704

epss

0.79318

https://api.first.org/data/v1/epss?cve=CVE-2017-13704

epss

0.79318

https://api.first.org/data/v1/epss?cve=CVE-2017-13704

epss

0.79318

https://api.first.org/data/v1/epss?cve=CVE-2017-13704

epss

0.79318

https://api.first.org/data/v1/epss?cve=CVE-2017-13704

epss

0.79318

https://api.first.org/data/v1/epss?cve=CVE-2017-13704

epss

0.79318

https://api.first.org/data/v1/epss?cve=CVE-2017-13704

cvssv2

5.0

https://nvd.nist.gov/vuln/detail/CVE-2017-13704

cvssv3

7.5

https://nvd.nist.gov/vuln/detail/CVE-2017-13704

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13704.json
		https://access.redhat.com/security/vulnerabilities/3199382
		https://api.first.org/data/v1/epss?cve=CVE-2017-13704
		https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13704
		https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK/
		https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
		https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html
		https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html
		https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq
		http://thekelleys.org.uk/dnsmasq/CHANGELOG
		http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=63437ffbb58837b214b4b92cb1c54bc5f3279928
		http://www.securityfocus.com/bid/101085
		http://www.securityfocus.com/bid/101977
		http://www.securitytracker.com/id/1039474
1495510		https://bugzilla.redhat.com/show_bug.cgi?id=1495510
877102		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877102
cpe:2.3:a:thekelleys:dnsmasq::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq::::::::
cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:17.04:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:::::::*
cpe:2.3:o:debian:debian_linux:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
cpe:2.3:o:debian:debian_linux:7.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:::::::*
cpe:2.3:o:debian:debian_linux:9.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
cpe:2.3:o:fedoraproject:fedora:27:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:27:::::::*
cpe:2.3:o:novell:leap:42.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:::::::*
cpe:2.3:o:novell:leap:42.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
CVE-2017-13704		https://nvd.nist.gov/vuln/detail/CVE-2017-13704

Reference id

Reference type

URL

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13704.json

https://access.redhat.com/security/vulnerabilities/3199382

https://api.first.org/data/v1/epss?cve=CVE-2017-13704

https://cert-portal.siemens.com/productcert/pdf/ssa-689071.pdf

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13704

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TK6DWC53WSU6633EVZL7H4PCWBYHMHK/

https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html

https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11664.html

https://www.mail-archive.com/dnsmasq-discuss%40lists.thekelleys.org.uk/msg11665.html

https://www.synology.com/support/security/Synology_SA_17_59_Dnsmasq

http://thekelleys.org.uk/dnsmasq/CHANGELOG

http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=63437ffbb58837b214b4b92cb1c54bc5f3279928

http://www.securityfocus.com/bid/101085

http://www.securityfocus.com/bid/101977

http://www.securitytracker.com/id/1039474

1495510

https://bugzilla.redhat.com/show_bug.cgi?id=1495510

877102

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877102

cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.1:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:27:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:27:*:*:*:*:*:*:*

cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*

cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:leap:42.3:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

CVE-2017-13704

https://nvd.nist.gov/vuln/detail/CVE-2017-13704

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T14:29:09.136997+00:00	RedHat Importer	Import	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13704.json	38.0.0

2026-04-01T14:29:09.136997+00:00

RedHat Importer

Import

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13704.json

38.0.0

Vulnerability ID	VCID-hr7r-mgk2-67aw
Aliases	CVE-2017-13704
Summary	dnsmasq: Size parameter overflow via large DNS query
Status	Published
Exploitability	0.5
Weighted Severity	6.8
Risk	3.4
Affected and Fixed Packages	Package Details

CWE-190	Integer Overflow or Wraparound
CWE-20	Improper Input Validation

Percentile	0.99064
EPSS Score	0.79318
Published At	April 1, 2026, 12:55 p.m.