CVE-2020-10772

2020-11-27T18:15:00
ID CVE-2020-10772
Type cve
Reporter cve@mitre.org
Modified 2020-12-03T21:14:00

Description

An incomplete fix for CVE-2020-12662 was shipped for Unbound in Red Hat Enterprise Linux 7, as part of erratum RHSA-2020:2414. Vulnerable versions of Unbound could still amplify an incoming query into a large number of queries directed to a target, even with a lower amplification ratio compared to versions of Unbound that shipped before the mentioned erratum. This issue is about the incomplete fix for CVE-2020-12662, and it does not affect upstream versions of Unbound.