dnsmasq (SUSE:OpenStack Cloud 8) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:OpenStack Cloud 8 package dnsmasq, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (12)
CVE-2020-25681 — CVSS 8.1 (high): A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating…
CVE-2020-25682 — CVSS 8.1 (high): A flaw was found in dnsmasq before 2.83. A buffer overflow vulnerability was discovered in the way dnsmasq extract names from DNS packets…
CVE-2017-15107 — CVSS 7.5 (high): A vulnerability was found in the implementation of DNSSEC in Dnsmasq up to and including 2.78. Wildcard synthesized NSEC records could be…
CVE-2022-0934 — CVSS 7.5 (high): A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet…
CVE-2023-28450 — CVSS 7.5 (high): An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of…
CVE-2020-25687 — CVSS 5.9 (medium): A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before…
CVE-2020-25683 — CVSS 5.9 (medium): A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before…
CVE-2021-3448 — CVSS 4.0 (medium): A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a…
CVE-2020-25686 — CVSS 3.7 (low): A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the…
CVE-2020-25684 — CVSS 3.7 (low): A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query()…
CVE-2019-14834 — CVSS 3.7 (low): A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote attackers to cause a denial of service…
CVE-2020-25685 — CVSS 3.7 (low): A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query()…