PyPI package
irrd
pkg:pypi/irrd
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-28681 | Hig | 8.1 | >= 4.4.0, < 4.4.5 | 4.4.5 | Mar 6, 2026 | Internet Routing Registry daemon version 4 is an IRR database server, processing IRR objects in the RPSL format. From version 4.4.0 to before version 4.4.5 and from version 4.5.0 to before version 4.5.1, an attacker can manipulate the HTTP Host header on a password reset or accou | |
| CVE-2022-24798 | — | >= 4.2.0, < 4.2.3 | 4.2.3 | Mar 31, 2022 | Internet Routing Registry daemon version 4 is an IRR database server, processing IRR objects in the RPSL format. IRRd did not always filter password hashes in query responses relating to `mntner` objects and database exports. This may have allowed adversaries to retrieve some of |
- affected >= 4.4.0, < 4.4.5fixed 4.4.5
Internet Routing Registry daemon version 4 is an IRR database server, processing IRR objects in the RPSL format. From version 4.4.0 to before version 4.4.5 and from version 4.5.0 to before version 4.5.1, an attacker can manipulate the HTTP Host header on a password reset or accou
- CVE-2022-24798Mar 31, 2022affected >= 4.2.0, < 4.2.3fixed 4.2.3
Internet Routing Registry daemon version 4 is an IRR database server, processing IRR objects in the RPSL format. IRRd did not always filter password hashes in query responses relating to `mntner` objects and database exports. This may have allowed adversaries to retrieve some of