rpm package
suse/unbound&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
pkg:rpm/suse/unbound&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS
Vulnerabilities (5)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-50868 | — | < 1.20.0-150100.10.13.1 | 1.20.0-150100.10.13.1 | Feb 14, 2024 | The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random subdomain attack, aka the "NSEC3" issue. The RFC 51 | ||
| CVE-2023-50387 | — | < 1.20.0-150100.10.13.1 | 1.20.0-150100.10.13.1 | Feb 14, 2024 | Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with man | ||
| CVE-2022-3204 | — | < 1.20.0-150100.10.13.1 | 1.20.0-150100.10.13.1 | Sep 26, 2022 | A vulnerability named 'Non-Responsive Delegation Attack' (NRDelegation Attack) has been discovered in various DNS resolving software. The NRDelegation Attack works by having a malicious delegation with a considerable number of non responsive nameservers. The attack starts by quer | ||
| CVE-2022-30699 | — | < 1.20.0-150100.10.13.1 | 1.20.0-150100.10.13.1 | Aug 1, 2022 | NLnet Labs Unbound, up to and including version 1.16.1, is vulnerable to a novel type of the "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a rogue domain name when the cached delegation information is about to expire | ||
| CVE-2022-30698 | — | < 1.20.0-150100.10.13.1 | 1.20.0-150100.10.13.1 | Aug 1, 2022 | NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a subdomain of a rogue domain name. The rogue nameserver returns delegation in |
- CVE-2023-50868Feb 14, 2024affected < 1.20.0-150100.10.13.1fixed 1.20.0-150100.10.13.1
The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random subdomain attack, aka the "NSEC3" issue. The RFC 51
- CVE-2023-50387Feb 14, 2024affected < 1.20.0-150100.10.13.1fixed 1.20.0-150100.10.13.1
Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with man
- CVE-2022-3204Sep 26, 2022affected < 1.20.0-150100.10.13.1fixed 1.20.0-150100.10.13.1
A vulnerability named 'Non-Responsive Delegation Attack' (NRDelegation Attack) has been discovered in various DNS resolving software. The NRDelegation Attack works by having a malicious delegation with a considerable number of non responsive nameservers. The attack starts by quer
- CVE-2022-30699Aug 1, 2022affected < 1.20.0-150100.10.13.1fixed 1.20.0-150100.10.13.1
NLnet Labs Unbound, up to and including version 1.16.1, is vulnerable to a novel type of the "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a rogue domain name when the cached delegation information is about to expire
- CVE-2022-30698Aug 1, 2022affected < 1.20.0-150100.10.13.1fixed 1.20.0-150100.10.13.1
NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the "ghost domain names" attack. The vulnerability works by targeting an Unbound instance. Unbound is queried for a subdomain of a rogue domain name. The rogue nameserver returns delegation in