Every CVE whose affected-product data names Gnu Adns, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2017-9109 — CVSS 9.8 (critical): An issue was discovered in adns before 1.5.2. It fails to ignore apparent answers before the first RR that was found the first time. when…
CVE-2017-9103 — CVSS 9.8 (critical): An issue was discovered in adns before 1.5.2. pap_mailbox822 does not properly check st from adns__findlabel_next. Without this, an…
CVE-2017-9104 — CVSS 9.8 (critical): An issue was discovered in adns before 1.5.2. It hangs, eating CPU, if a compression pointer loop is encountered.
CVE-2017-9105 — CVSS 8.8 (high): An issue was discovered in adns before 1.5.2. It corrupts a pointer when a nameserver speaks first because of a wrong number of pointer…
CVE-2017-9106 — CVSS 7.5 (high): An issue was discovered in adns before 1.5.2. adns_rr_info mishandles a bogus *datap. The general pattern for formatting integers is to…
CVE-2017-9107 — CVSS 7.5 (high): An issue was discovered in adns before 1.5.2. It overruns reading a buffer if a domain ends with backslash. If the query domain ended with…
CVE-2017-9108 — CVSS 7.5 (high): An issue was discovered in adns before 1.5.2. adnshost mishandles a missing final newline on a stdin read. It is wrong to increment used as…
CVE-2008-4100 — CVSS 6.4 (medium): GNU adns 1.4 and earlier uses a fixed source port and sequential transaction IDs for DNS requests, which makes it easier for remote…