VYPR

rpm package

opensuse/ldns&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/ldns&distro=openSUSE%20Tumbleweed

Vulnerabilities (5)

  • CVE-2026-10846HigJun 10, 2026
    affected < 1.9.2-1.1fixed 1.9.2-1.1

    NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when used in applications as (stub) resolver over UDP, lacks matching the query destination address and port with the response source address and port. Furthermore not the query ID, neither the question of the query is mat

  • CVE-2020-19861Jan 21, 2022
    affected < 1.8.1-1.1fixed 1.8.1-1.1

    When a zone file in ldns 1.7.1 is parsed, the function ldns_nsec3_salt_data is too trusted for the length value obtained from the zone file. When the memcpy is copied, the 0xfe - ldns_rdf_size(salt_rdf) byte data can be copied, causing heap overflow information leakage.

  • CVE-2020-19860Jan 21, 2022
    affected < 1.8.1-1.1fixed 1.8.1-1.1

    When ldns version 1.7.1 verifies a zone file, the ldns_rr_new_frm_str_internal function has a heap out of bounds read vulnerability. An attacker can leak information on the heap by constructing a zone file payload.

  • CVE-2017-1000231CriNov 17, 2017
    affected < 1.7.1-1.11fixed 1.7.1-1.11

    A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified impact and attack vectors.

  • CVE-2011-3581Nov 4, 2011
    affected < 1.6.17-5.7fixed 1.6.17-5.7

    Heap-based buffer overflow in the ldns_rr_new_frm_str_internal function in ldns before 1.6.11 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Resource Record (RR) with an unknown type containing input that is longer than a sp