Search CVE reports
1 – 10 of 38 results
CVE-2024-8508
Medium priorityNLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstreams responses with very large RRsets can...
1 affected package
unbound
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
unbound | Fixed | Fixed | Fixed | Fixed | Fixed |
CVE-2024-43168
Medium priorityDISPUTE NOTE: this issue does not pose a security risk as it (according to analysis by the original software developer, NLnet Labs) falls within the expected functionality and security controls of the application. Red Hat has made...
1 affected package
unbound
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
unbound | Fixed | Fixed | Fixed | Fixed | Fixed |
CVE-2024-43167
Medium priorityDISPUTE NOTE: this issue does not pose a security risk as it (according to analysis by the original software developer, NLnet Labs) falls within the expected functionality and security controls of the application. Red Hat has made...
1 affected package
unbound
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
unbound | Fixed | Fixed | Fixed | Fixed | Fixed |
CVE-2024-33655
Low prioritySome fixes available 5 of 8
The DNS protocol in RFC 1035 and updates allows remote attackers to cause a denial of service (resource consumption) by arranging for DNS queries to be accumulated for seconds, such that responses are later sent in a pulsing burst...
1 affected package
unbound
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
unbound | Fixed | Fixed | Fixed | Needs evaluation | Needs evaluation |
CVE-2024-1931
Medium priorityNLnet Labs Unbound version 1.18.0 up to and including version 1.19.1 contain a vulnerability that can cause denial of service by a certain code path that can lead to an infinite loop. Unbound 1.18.0 introduced a feature that...
1 affected package
unbound
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
unbound | Fixed | Not affected | Not affected | Not affected | Not affected |
CVE-2024-1488
Medium priorityA vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can...
1 affected package
unbound
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
unbound | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2023-50868
Medium prioritySome fixes available 20 of 42
The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random...
7 affected packages
bind9, bind9-libs, dnsmasq, isc-dhcp, knot-resolver...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
bind9 | Fixed | Fixed | Fixed | Fixed | Fixed |
bind9-libs | Not in release | Needs evaluation | Needs evaluation | Not in release | Not in release |
dnsmasq | Fixed | Fixed | Fixed | Fixed | Fixed |
isc-dhcp | Needs evaluation | Not affected | Not affected | Needs evaluation | Not affected |
knot-resolver | Vulnerable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
pdns-recursor | Vulnerable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
unbound | Fixed | Fixed | Fixed | Needs evaluation | Needs evaluation |
CVE-2023-50387
Medium prioritySome fixes available 20 of 42
Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of...
7 affected packages
bind9, bind9-libs, dnsmasq, isc-dhcp, knot-resolver...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
bind9 | Fixed | Fixed | Fixed | Fixed | Fixed |
bind9-libs | Not in release | Needs evaluation | Needs evaluation | Not in release | Not in release |
dnsmasq | Fixed | Fixed | Fixed | Fixed | Fixed |
isc-dhcp | Needs evaluation | Not affected | Not affected | Needs evaluation | Not affected |
knot-resolver | Vulnerable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
pdns-recursor | Vulnerable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
unbound | Fixed | Fixed | Fixed | Needs evaluation | Needs evaluation |
CVE-2022-3204
Medium prioritySome fixes available 4 of 6
A vulnerability named 'Non-Responsive Delegation Attack' (NRDelegation Attack) has been discovered in various DNS resolving software. The NRDelegation Attack works by having a malicious delegation with a considerable number of non...
1 affected package
unbound
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
unbound | Not affected | Fixed | Fixed | Fixed | Vulnerable |
CVE-2022-30699
Medium prioritySome fixes available 8 of 10
NLnet Labs Unbound, up to and including version 1.16.1, is vulnerable to a novel type of the "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a rogue domain name when...
1 affected package
unbound
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
unbound | Fixed | Fixed | Fixed | Fixed | Vulnerable |