Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Knot_resolver
(Nic)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 14 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-12-16 | CVE-2019-19331 | knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization. DNS replies with very many resource records might be processed very inefficiently, in extreme cases taking even several CPU seconds for each such uncached message. For example, a few thousand A records can be squashed into one DNS message (limit is 64kB). | Debian_linux, Knot_resolver | 7.5 | ||
| 2021-03-30 | CVE-2018-1110 | A flaw was found in knot-resolver before version 2.3.0. Malformed DNS messages may cause denial of service. | Knot_resolver | 7.5 | ||
| 2018-08-02 | CVE-2018-10920 | Improper input validation bug in DNS resolver component of Knot Resolver before 2.4.1 allows remote attacker to poison cache. | Knot_resolver | N/A | ||
| 2019-11-05 | CVE-2013-5661 | Cache Poisoning issue exists in DNS Response Rate Limiting. | Bind, Knot_resolver, Nsd, Enterprise_linux | N/A | ||
| 2018-01-22 | CVE-2018-1000002 | Improper input validation bugs in DNSSEC validators components in Knot Resolver (prior version 1.5.2) allow attacker in man-in-the-middle position to deny existence of some data in DNS via packet replay. | Knot_resolver | N/A |