CVE-2023-28450
Severity
7.5HIGH
EPSS
0.0%
top 98.41%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMar 15
Latest updateApr 24
Description
An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6
Affected Packages2 packages
🔴Vulnerability Details
4📋Vendor Advisories
6Red Hat
â–¶
Microsoftâ–¶
An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020.↗2023-03-14