dnsmasq (SUSE:OpenStack Cloud 7) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:OpenStack Cloud 7 package dnsmasq, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (15)
CVE-2017-14492 — CVSS 9.8 (critical): Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code…
CVE-2017-14491 — CVSS 9.8 (critical): Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code…
CVE-2017-14493 — CVSS 9.8 (critical): Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code…
CVE-2020-25681 — CVSS 8.1 (high): A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating…
CVE-2020-25682 — CVSS 8.1 (high): A flaw was found in dnsmasq before 2.83. A buffer overflow vulnerability was discovered in the way dnsmasq extract names from DNS packets…
CVE-2017-14496 — CVSS 7.5 (high): Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is…
CVE-2017-15107 — CVSS 7.5 (high): A vulnerability was found in the implementation of DNSSEC in Dnsmasq up to and including 2.78. Wildcard synthesized NSEC records could be…
CVE-2017-14495 — CVSS 7.5 (high): Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause…
CVE-2020-25687 — CVSS 5.9 (medium): A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before…
CVE-2017-14494 — CVSS 5.9 (medium): dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving…
CVE-2020-25683 — CVSS 5.9 (medium): A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before…
CVE-2020-25684 — CVSS 3.7 (low): A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query()…
CVE-2020-25685 — CVSS 3.7 (low): A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query()…
CVE-2020-25686 — CVSS 3.7 (low): A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the…
CVE-2019-14834 — CVSS 3.7 (low): A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote attackers to cause a denial of service…