rpm package
suse/unbound&distro=SUSE Linux Enterprise Module for Basesystem 15 SP1
pkg:rpm/suse/unbound&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-12662 | — | < 1.6.8-10.3.1 | 1.6.8-10.3.1 | May 19, 2020 | Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records. | ||
| CVE-2020-12663 | — | < 1.6.8-10.3.1 | 1.6.8-10.3.1 | May 19, 2020 | Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers. | ||
| CVE-2019-18934 | — | < 1.6.8-10.3.1 | 1.6.8-10.3.1 | Nov 19, 2019 | Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with `--enable-ipsecmod` support, and ipsecmod is enabled and used in t |
- CVE-2020-12662May 19, 2020affected < 1.6.8-10.3.1fixed 1.6.8-10.3.1
Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records.
- CVE-2020-12663May 19, 2020affected < 1.6.8-10.3.1fixed 1.6.8-10.3.1
Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers.
- CVE-2019-18934Nov 19, 2019affected < 1.6.8-10.3.1fixed 1.6.8-10.3.1
Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with `--enable-ipsecmod` support, and ipsecmod is enabled and used in t