Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Knot_resolver
(Nic)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 14 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-02-21 | CVE-2023-26249 | Knot Resolver before 5.6.0 enables attackers to consume its resources, launching amplification attacks and potentially causing a denial of service. Specifically, a single client query may lead to a hundred TCP connection attempts if a DNS server closes connections without providing a response. | Knot_resolver | 7.5 | ||
| 2020-05-19 | CVE-2020-12667 | Knot Resolver before 5.1.1 allows traffic amplification via a crafted DNS answer from an attacker-controlled server, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records. | Knot_resolver | 7.5 | ||
| 2021-08-25 | CVE-2021-40083 | Knot Resolver before 5.3.2 is prone to an assertion failure, triggerable by a remote attacker in an edge case (NSEC3 with too many iterations used for a positive wildcard proof). | Knot_resolver | 7.5 | ||
| 2022-06-20 | CVE-2022-32983 | Knot Resolver through 5.5.1 may allow DNS cache poisoning when there is an attempt to limit forwarding actions by filters. | Knot_resolver | 5.3 |