dnsmasq (SUSE:OpenStack Cloud 6) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:OpenStack Cloud 6 package dnsmasq, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (7)
CVE-2017-14493 — CVSS 9.8 (critical): Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code…
CVE-2017-14491 — CVSS 9.8 (critical): Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code…
CVE-2017-14492 — CVSS 9.8 (critical): Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code…
CVE-2015-8899 — CVSS 7.5 (high): Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an empty DNS address that has an (1) A or…
CVE-2017-14495 — CVSS 7.5 (high): Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause…
CVE-2017-14496 — CVSS 7.5 (high): Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is…
CVE-2017-14494 — CVSS 5.9 (medium): dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving…