VYPR

rpm package

opensuse/unbound&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/unbound&distro=openSUSE%20Tumbleweed

Vulnerabilities (28)

  • CVE-2022-30698Aug 1, 2022
    affected < 1.16.2-1.1fixed 1.16.2-1.1

    NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a subdomain of a rogue domain name. The rogue nameserver returns delegation in

  • CVE-2020-28935Dec 7, 2020
    affected < 1.13.2-1.2fixed 1.13.2-1.2

    NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. When writing the PID file, Unbound and NSD create the file if it is not there, or open an exis

  • CVE-2020-12662May 19, 2020
    affected < 1.13.2-1.2fixed 1.13.2-1.2

    Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records.

  • CVE-2020-12663May 19, 2020
    affected < 1.13.2-1.2fixed 1.13.2-1.2

    Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers.

  • CVE-2019-18934Nov 19, 2019
    affected < 1.13.2-1.2fixed 1.13.2-1.2

    Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with `--enable-ipsecmod` support, and ipsecmod is enabled and used in t

  • CVE-2019-16866Oct 3, 2019
    affected < 1.13.2-1.2fixed 1.13.2-1.2

    Unbound before 1.9.4 accesses uninitialized memory, which allows remote attackers to trigger a crash via a crafted NOTIFY query. The source IP address of the query must match an access-control rule.

  • CVE-2017-15105MedJan 23, 2018
    affected < 1.13.2-1.2fixed 1.13.2-1.2

    A flaw was found in the way unbound before 1.6.8 validated wildcard-synthesized NSEC records. An improperly validated wildcard NSEC record could be used to prove the non-existence (NXDOMAIN answer) of an existing wildcard record, or trick unbound into accepting a NODATA proof.

  • CVE-2014-8602Dec 11, 2014
    affected < 1.5.10-1.1fixed 1.5.10-1.1

    iterator.c in NLnet Labs Unbound before 1.5.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a large or infinite number of referrals.

Page 2 of 2