Thekelleys

Dnsmasq

37 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2023-49441

Exploit
  • EPSS 0.01%
  • Published 06.06.2024 22:15:09
  • Last modified 14.03.2025 16:15:27

dnsmasq 2.9 is vulnerable to Integer Overflow via forward_query.

7.5

CVE-2023-50387

Media report
  • EPSS 42.22%
  • Published 14.02.2024 16:15:45
  • Last modified 12.05.2025 15:15:56

Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that,...

7.5

CVE-2023-28450

  • EPSS 0.01%
  • Published 15.03.2023 21:15:09
  • Last modified 26.02.2025 22:15:10

An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020.

7.5

CVE-2022-0934

  • EPSS 0.03%
  • Published 29.08.2022 15:15:10
  • Last modified 10.06.2025 14:15:23

A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet processed by dnsmasq, potentially causing a denial of service.

9.8

CVE-2021-45953

Exploit
  • EPSS 0.05%
  • Published 01.01.2022 00:15:08
  • Last modified 21.11.2024 06:33:21

Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called from hash_questions and fuzz_util.c). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge...

9.8

CVE-2021-45951

Exploit
  • EPSS 0.05%
  • Published 01.01.2022 00:15:08
  • Last modified 21.11.2024 06:33:20

Dnsmasq 2.86 has a heap-based buffer overflow in check_bad_address (called from check_for_bogus_wildcard and FuzzCheckForBogusWildcard). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities,...

9.8

CVE-2021-45952

Exploit
  • EPSS 0.05%
  • Published 01.01.2022 00:15:08
  • Last modified 21.11.2024 06:33:20

Dnsmasq 2.86 has a heap-based buffer overflow in dhcp_reply (called from dhcp_packet and FuzzDhcp). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge.

9.8

CVE-2021-45954

Exploit
  • EPSS 0.05%
  • Published 01.01.2022 00:15:08
  • Last modified 21.11.2024 06:33:21

Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called from answer_auth and FuzzAuth). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge.

9.8

CVE-2021-45955

Exploit
  • EPSS 0.05%
  • Published 01.01.2022 00:15:08
  • Last modified 21.11.2024 06:33:21

Dnsmasq 2.86 has a heap-based buffer overflow in resize_packet (called from FuzzResizePacket and fuzz_rfc1035.c) because of the lack of a proper bounds check upon pseudo header re-insertion. NOTE: the vendor's position is that CVE-2021-45951 through ...

9.8

CVE-2021-45956

Exploit
  • EPSS 0.05%
  • Published 01.01.2022 00:15:08
  • Last modified 21.11.2024 06:33:21

Dnsmasq 2.86 has a heap-based buffer overflow in print_mac (called from log_packet and dhcp_reply). NOTE: the vendor's position is that CVE-2021-45951 through CVE-2021-45957 "do not represent real vulnerabilities, to the best of our knowledge.