Thekelleys Dnsmasq vulnerabilities
44 known vulnerabilities affecting thekelleys/dnsmasq.
Total CVEs
44
CISA KEV
0
Public exploits
9
Exploited in wild
0
Severity breakdown
CRITICAL10HIGH16MEDIUM14LOW4
Vulnerabilities
Page 3 of 3
CVE-2005-0876P4MEDIUMCVSS 5.0≥ 0, < 2.212005-05-02
CVE-2005-0876 [MEDIUM] CVE-2005-0876: Off-by-one buffer overflow in Dnsmasq before 2
Off-by-one buffer overflow in Dnsmasq before 2.21 may allow attackers to execute arbitrary code via the DHCP lease file.
osv
CVE-2020-25685P4LOWCVSS 3.7fixed in 2.832021-01-20
CVE-2020-25685 [LOW] CVE-2020-25685: A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmas
A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak hash (CRC32 when dnsmasq is compiled without DNSSEC, SHA-1 when it is) this flaw allows an off-path attacker to
nvdosv
CVE-2006-2017P4MEDIUMCVSS 5.0≥ 0, < 2.30-12006-04-25
CVE-2006-2017 [MEDIUM] CVE-2006-2017: Dnsmasq 2
Dnsmasq 2.29 allows remote attackers to cause a denial of service (application crash) via a DHCP client broadcast reply request.
osv
CVE-2019-14834P4LOWCVSS 3.7fixed in 2.812020-01-07
CVE-2019-14834 [LOW] CWE-770 CVE-2019-14834: A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote attack
A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote attackers to cause a denial of service (memory consumption) via vectors involving DHCP response creation.
nvdosv
← Previous3 / 3