thekelleys dnsmasq 2.83

CPE Details

thekelleys dnsmasq 2.83
2.83
2021-01-25
15h05 +00:00
2021-01-25
15h05 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:thekelleys:dnsmasq:2.83:*:*:*:*:*:*:*

Informations

Vendor

thekelleys

Product

dnsmasq

Version

2.83

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-50387 2024-02-13 23h00 +00:00 Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records.
7.5
High
CVE-2023-28450 2023-03-15 00h00 +00:00 An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020.
7.5
High
CVE-2022-0934 2022-08-29 12h03 +00:00 A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet processed by dnsmasq, potentially causing a denial of service.
7.5
High
CVE-2021-3448 2021-04-08 20h06 +00:00 A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ID to forge a reply and get it accepted by dnsmasq. This flaw makes a DNS Cache Poisoning attack much easier. The highest threat from this vulnerability is to data integrity.
4
Medium