Dproxy-nexgen Project Dproxy-nexgen — known CVE vulnerabilities
Every CVE whose affected-product data names Dproxy-nexgen Project Dproxy-nexgen, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2022-33988 — CVSS 7.5 (high): dproxy-nexgen (aka dproxy nexgen) re-uses the DNS transaction id (TXID) value from client queries, which allows attackers (able to send…
CVE-2022-33990 — CVSS 7.5 (high): Misinterpretation of special domain name characters in dproxy-nexgen (aka dproxy nexgen) leads to cache poisoning because domain names and…
CVE-2022-33989 — CVSS 5.3 (medium): dproxy-nexgen (aka dproxy nexgen) uses a static UDP source port (selected randomly only at boot time) in upstream queries sent to DNS…
CVE-2022-33991 — CVSS 5.3 (medium): dproxy-nexgen (aka dproxy nexgen) forwards and caches DNS queries with the CD (aka checking disabled) bit set to 1. This leads to disabling…