rpm package
suse/GeoIP&distro=SUSE WebYast 1.3
pkg:rpm/suse/GeoIP&distro=SUSE%20WebYast%201.3
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-0747 | Med | 5.3 | < 1.4.7-2.10.1 | 1.4.7-2.10.1 | Feb 15, 2016 | The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not properly limit CNAME resolution, which allows remote attackers to cause a denial of service (worker process resource consumption) via vectors related to arbitrary name resolution. | |
| CVE-2016-0746 | Cri | 9.8 | < 1.4.7-2.10.1 | 1.4.7-2.10.1 | Feb 15, 2016 | Use-after-free vulnerability in the resolver in nginx 0.6.18 through 1.8.0 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (worker process crash) or possibly have unspecified other impact via a crafted DNS response related to CNAME response processing | |
| CVE-2016-0742 | Hig | 7.5 | < 1.4.7-2.10.1 | 1.4.7-2.10.1 | Feb 15, 2016 | The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (invalid pointer dereference and worker process crash) via a crafted UDP DNS response. |
- affected < 1.4.7-2.10.1fixed 1.4.7-2.10.1
The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not properly limit CNAME resolution, which allows remote attackers to cause a denial of service (worker process resource consumption) via vectors related to arbitrary name resolution.
- affected < 1.4.7-2.10.1fixed 1.4.7-2.10.1
Use-after-free vulnerability in the resolver in nginx 0.6.18 through 1.8.0 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (worker process crash) or possibly have unspecified other impact via a crafted DNS response related to CNAME response processing
- affected < 1.4.7-2.10.1fixed 1.4.7-2.10.1
The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (invalid pointer dereference and worker process crash) via a crafted UDP DNS response.