5 matches found
Fedora 38 : python-dnslib (2022-96c31cc8f6)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-96c31cc8f6 advisory. Automatic update for python-dnslib-0.9.21-1.fc38. Changelog Tue Sep 27 2022 Fabian Affolter - 0.9.21-1 - Update to latest upstream release 0.9.21 -...
SUSE CVE-2022-22846
The dnslib package through 0.9.16 for Python does not verify that the ID value in a DNS reply matches an ID value in a query...
zelos (>=0.0.0 <=0.2.0) potentially affected by CVE-2022-22846 via dnslib (=0.9.10)
dnslib PYPI version =0.9.10 is affected by a known vulnerability. The following packages have a transitive dependency on dnslib and may be impacted: - zelos =0.0.0, =0.2.0 Source cves: CVE-2022-22846 Source advisory: OSV:GHSA-R478-C2PC-M7GX...
CVE-2022-22846
The dnslib package through 0.9.16 for Python does not verify that the ID value in a DNS reply matches an ID value in a query...
CVE-2022-22846
CVE-2022-22846 affects the Python dnslib package up to 0.9.16, where the DNS reply ID is not verified against the query, per the CVE description. This could enable spoofing or misbinding of responses. Fedora advisory notes a fix in 0.9.21 (update to 0.9.21 or newer). Other connected entries reite...