CVE-2023-28450

Опубликовано: 15 мар. 2023

Источник: debian

EPSS Низкий

Описание

An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
dnsmasq	fixed	2.90-1		package
dnsmasq	fixed	2.90-4~deb12u1	bookworm	package
dnsmasq	no-dsa		buster	package

Примечания

https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5

EPSS

Процентиль: 1%

0.0001

Низкий

Связанные уязвимости

CVE-2023-28450

CVSS3: 7.5

ubuntu

больше 2 лет назад

An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020.

CVE-2023-28450

CVSS3: 7.5

redhat

больше 2 лет назад

An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020.

CVE-2023-28450

CVSS3: 7.5

nvd

больше 2 лет назад

An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020.

CVE-2023-28450

CVSS3: 7.5

msrc

больше 2 лет назад

Описание отсутствует

SUSE-SU-2023:2123-1

suse-cvrf

больше 2 лет назад

Security update for dnsmasq

EPSS

Процентиль: 1%

0.0001

Низкий