CVE-2023-50387

Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records.

Fixed

MEDIUM (4.6)

T
Tim Bastin detected CVE-2023-50387 with a risk of 3.72
main
System updated the risk assessment to 3.78
main
System recalculated raw risk assessment
System updated the risk assessment to 3.77
main
System recalculated raw risk assessment
System updated the risk assessment to 3.71
main
System recalculated raw risk assessment
T
Tim Bastin fixed CVE-2023-50387
main
T
Tim Bastin detected CVE-2023-50387 with a risk of 3.71
main
System updated the risk assessment to 1.85
main
System recalculated raw risk assessment
System updated the risk assessment to 3.71
main
System recalculated raw risk assessment
System updated the risk assessment to 1.85
main
System recalculated raw risk assessment
System updated the risk assessment from 1.85 to 1.23
main
System recalculated raw risk assessment
System updated the risk assessment from 1.23 to 3.71
main
System recalculated raw risk assessment
System detected CVE-2023-50387 with scanner: container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning
main
System detected CVE-2023-50387 with scanner: container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning
main
System detected CVE-2023-50387 with scanner: container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning
main
System fixed CVE-2023-50387
main
System detected CVE-2023-50387 with a risk of 3.71
main
System detected CVE-2023-50387 with scanner: container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning
main
System detected CVE-2023-50387 with scanner: container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning
main
System detected CVE-2023-50387 with scanner: container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning
main
System detected CVE-2023-50387 with scanner: container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning
main
System detected CVE-2023-50387 with scanner: container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning
main
System fixed CVE-2023-50387
main
System detected CVE-2023-50387 with a risk of 3.71
main
T
Tim Bastin fixed CVE-2023-50387
main
S
Sebastian Kawelke updated the risk assessment from 3.71 to 4.44
main
Confidentiality Requirement updated: medium -> low, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high
System updated the risk assessment from 4.44 to 4.59
main
System recalculated raw risk assessment

Reopen this vulnerability

Last calculated at:

Affected component

debian/systemd

Installed version:

252.30

Fixed in:

no patch available

Show in dependency graph

/🛡️ DevGuard
Group
/🧩 DevGuard CI-Components
Repository

CVE-2023-50387

Reopen this vulnerability

Affected component

Management decisions across the organization