CVE-2022-33989

Name of the Vulnerable Software and Affected Versions dproxy-nexgen (affected versions not specified)

Description The issue allows DNS cache poisoning due to the use of a static UDP source port with insufficient entropy to prevent traffic injection attacks. This occurs because dproxy-nexgen selects the UDP source port randomly only at boot time in upstream queries sent to DNS resolvers.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.