Количество 16
Количество 16
CVE-2023-29483
eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid packet from the expected IP address and source port, aka a "TuDoor" attack. In other words, dnspython does not have the preferred behavior in which the DNS name resolution algorithm would proceed, within the full time window, in order to wait for a valid packet. NOTE: dnspython 2.6.0 is unusable for a different reason that was addressed in 2.6.1.
CVE-2023-29483
eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid packet from the expected IP address and source port, aka a "TuDoor" attack. In other words, dnspython does not have the preferred behavior in which the DNS name resolution algorithm would proceed, within the full time window, in order to wait for a valid packet. NOTE: dnspython 2.6.0 is unusable for a different reason that was addressed in 2.6.1.
CVE-2023-29483
eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid packet from the expected IP address and source port, aka a "TuDoor" attack. In other words, dnspython does not have the preferred behavior in which the DNS name resolution algorithm would proceed, within the full time window, in order to wait for a valid packet. NOTE: dnspython 2.6.0 is unusable for a different reason that was addressed in 2.6.1.
CVE-2023-29483
eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remo ...
SUSE-SU-2024:3298-1
Security update for python-dnspython
SUSE-SU-2024:3297-1
Security update for python-dnspython
SUSE-SU-2024:2655-1
Security update for python-dnspython
SUSE-SU-2024:2626-1
Security update for python-dnspython
SUSE-SU-2024:2605-1
Security update for python-dnspython
ROS-20250226-01
Уязвимость python3-eventlet
ROS-20250212-08
Уязвимость python3-dns
RLSA-2024:3275
Moderate: python-dns security update
GHSA-3rq5-2g8h-59hc
Potential DoS via the Tudoor mechanism in eventlet and dnspython
ELSA-2024-9423
ELSA-2024-9423: python-dns security update (MODERATE)
ELSA-2024-3275
ELSA-2024-3275: python-dns security update (MODERATE)
BDU:2025-03301
Уязвимость набора инструментов для Python dnspython, связанная с неправильной проверкой входных данных, позволяющая нарушителю вызвать отказ в обслуживании
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-29483 eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid packet from the expected IP address and source port, aka a "TuDoor" attack. In other words, dnspython does not have the preferred behavior in which the DNS name resolution algorithm would proceed, within the full time window, in order to wait for a valid packet. NOTE: dnspython 2.6.0 is unusable for a different reason that was addressed in 2.6.1. | CVSS3: 7 | 1% Низкий | около 1 года назад |
 | CVE-2023-29483 eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid packet from the expected IP address and source port, aka a "TuDoor" attack. In other words, dnspython does not have the preferred behavior in which the DNS name resolution algorithm would proceed, within the full time window, in order to wait for a valid packet. NOTE: dnspython 2.6.0 is unusable for a different reason that was addressed in 2.6.1. | CVSS3: 5.9 | 1% Низкий | больше 1 года назад |
 | CVE-2023-29483 eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid packet from the expected IP address and source port, aka a "TuDoor" attack. In other words, dnspython does not have the preferred behavior in which the DNS name resolution algorithm would proceed, within the full time window, in order to wait for a valid packet. NOTE: dnspython 2.6.0 is unusable for a different reason that was addressed in 2.6.1. | CVSS3: 7 | 1% Низкий | около 1 года назад |
| CVE-2023-29483 eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remo ... | CVSS3: 7 | 1% Низкий | около 1 года назад |
 | SUSE-SU-2024:3298-1 Security update for python-dnspython | 1% Низкий | 9 месяцев назад | |
| SUSE-SU-2024:3297-1 Security update for python-dnspython | 1% Низкий | 9 месяцев назад | |
| SUSE-SU-2024:2655-1 Security update for python-dnspython | 1% Низкий | 11 месяцев назад | |
| SUSE-SU-2024:2626-1 Security update for python-dnspython | 1% Низкий | 11 месяцев назад | |
| SUSE-SU-2024:2605-1 Security update for python-dnspython | 1% Низкий | 11 месяцев назад | |
 | ROS-20250226-01 Уязвимость python3-eventlet | CVSS2: 6.6 | 1% Низкий | 4 месяца назад |
| ROS-20250212-08 Уязвимость python3-dns | CVSS2: 6.6 | 1% Низкий | 4 месяца назад |
 | RLSA-2024:3275 Moderate: python-dns security update | 1% Низкий | около 1 года назад | |
| GHSA-3rq5-2g8h-59hc Potential DoS via the Tudoor mechanism in eventlet and dnspython | CVSS3: 5.9 | 1% Низкий | около 1 года назад |
| ELSA-2024-9423 ELSA-2024-9423: python-dns security update (MODERATE) | 7 месяцев назад | ||
| ELSA-2024-3275 ELSA-2024-3275: python-dns security update (MODERATE) | около 1 года назад | ||
 | BDU:2025-03301 Уязвимость набора инструментов для Python dnspython, связанная с неправильной проверкой входных данных, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 7 | 1% Низкий | около 1 года назад |
Уязвимостей на страницу