| Release | Version |
|---|---|
| bookworm | 2.2.0-6 |
| trixie | 2.6.3-1 |
| sid | 2.6.3-1 |
| Bug | bookworm | trixie | sid | Description |
|---|---|---|---|---|
| CVE-2025-32803 | vulnerable | fixed | fixed | In some cases, Kea log files or lease files may be world-readable. Thi ... |
| CVE-2025-32802 | vulnerable | fixed | fixed | Kea configuration and API directives can be used to overwrite arbitrar ... |
| CVE-2025-32801 | vulnerable | fixed | fixed | Kea configuration and API directives can be used to load a malicious h ... |
| Bug | Description |
|---|---|
| CVE-2019-6474 | A missing check on incoming client requests can be exploited to cause ... |
| CVE-2019-6473 | An invalid hostname option can trigger an assertion failure in the Kea ... |
| CVE-2019-6472 | A packet containing a malformed DUID can cause the Kea DHCPv6 server p ... |
| CVE-2018-5739 | An extension to hooks capabilities which debuted in Kea 1.4.0 introduc ... |
| CVE-2015-8373 | The kea-dhcp4 and kea-dhcp6 servers 0.9.2 and 1.0.0-beta in ISC Kea, w ... |