Search CVE reports


Toggle filters

1 – 10 of 38 results


CVE-2024-8508

Medium priority
Fixed

NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstreams responses with very large RRsets can...

1 affected package

unbound

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
unbound Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2024-43168

Medium priority
Fixed

DISPUTE NOTE: this issue does not pose a security risk as it (according to analysis by the original software developer, NLnet Labs) falls within the expected functionality and security controls of the application. Red Hat has made...

1 affected package

unbound

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
unbound Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2024-43167

Medium priority
Fixed

DISPUTE NOTE: this issue does not pose a security risk as it (according to analysis by the original software developer, NLnet Labs) falls within the expected functionality and security controls of the application. Red Hat has made...

1 affected package

unbound

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
unbound Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2024-33655

Low priority

Some fixes available 5 of 8

The DNS protocol in RFC 1035 and updates allows remote attackers to cause a denial of service (resource consumption) by arranging for DNS queries to be accumulated for seconds, such that responses are later sent in a pulsing burst...

1 affected package

unbound

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
unbound Fixed Fixed Fixed Needs evaluation Needs evaluation
Show less packages

CVE-2024-1931

Medium priority
Fixed

NLnet Labs Unbound version 1.18.0 up to and including version 1.19.1 contain a vulnerability that can cause denial of service by a certain code path that can lead to an infinite loop. Unbound 1.18.0 introduced a feature that...

1 affected package

unbound

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
unbound Fixed Not affected Not affected Not affected Not affected
Show less packages

CVE-2024-1488

Medium priority
Not affected

A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can...

1 affected package

unbound

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
unbound Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2023-50868

Medium priority

Some fixes available 20 of 42

The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random...

7 affected packages

bind9, bind9-libs, dnsmasq, isc-dhcp, knot-resolver...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
bind9 Fixed Fixed Fixed Fixed Fixed
bind9-libs Not in release Needs evaluation Needs evaluation Not in release Not in release
dnsmasq Fixed Fixed Fixed Fixed Fixed
isc-dhcp Needs evaluation Not affected Not affected Needs evaluation Not affected
knot-resolver Vulnerable Needs evaluation Needs evaluation Needs evaluation Needs evaluation
pdns-recursor Vulnerable Needs evaluation Needs evaluation Needs evaluation Needs evaluation
unbound Fixed Fixed Fixed Needs evaluation Needs evaluation
Show all 7 packages Show less packages

CVE-2023-50387

Medium priority

Some fixes available 20 of 42

Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of...

7 affected packages

bind9, bind9-libs, dnsmasq, isc-dhcp, knot-resolver...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
bind9 Fixed Fixed Fixed Fixed Fixed
bind9-libs Not in release Needs evaluation Needs evaluation Not in release Not in release
dnsmasq Fixed Fixed Fixed Fixed Fixed
isc-dhcp Needs evaluation Not affected Not affected Needs evaluation Not affected
knot-resolver Vulnerable Needs evaluation Needs evaluation Needs evaluation Needs evaluation
pdns-recursor Vulnerable Needs evaluation Needs evaluation Needs evaluation Needs evaluation
unbound Fixed Fixed Fixed Needs evaluation Needs evaluation
Show all 7 packages Show less packages

CVE-2022-3204

Medium priority

Some fixes available 4 of 6

A vulnerability named 'Non-Responsive Delegation Attack' (NRDelegation Attack) has been discovered in various DNS resolving software. The NRDelegation Attack works by having a malicious delegation with a considerable number of non...

1 affected package

unbound

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
unbound Not affected Fixed Fixed Fixed Vulnerable
Show less packages

CVE-2022-30699

Medium priority

Some fixes available 8 of 10

NLnet Labs Unbound, up to and including version 1.16.1, is vulnerable to a novel type of the "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a rogue domain name when...

1 affected package

unbound

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
unbound Fixed Fixed Fixed Fixed Vulnerable
Show less packages