Lucene search

CVE-2022-3346

🗓️ 28 Dec 2022 03:10:15Reported by GoType

CVE-2022-3346: DNSSEC validation issue allowing attackers to bypass validatio

Reporter	Title	Published	Views	Family All 7
Prion	Design/Logic Flaw	28 Dec 202203:15	–	prion
NVD	CVE-2022-3346	28 Dec 202203:15	–	nvd
Cvelist	CVE-2022-3346 Incorrect DNSSEC validation due to unchecked owner names in github.com/peterzen/goresolver	27 Dec 202221:17	–	cvelist
Veracode	Improper Access Control	10 Jan 202312:55	–	veracode
OSV	go-resolver vulnerable to attacker-controlled domains due to unvalidated RRSIG RRs	28 Dec 202203:30	–	osv
OSV	Incorrect DNSSEC validation due to unchecked owner names in github.com/peterzen/goresolver	29 Sep 202217:25	–	osv
Github Security Blog	go-resolver vulnerable to attacker-controlled domains due to unvalidated RRSIG RRs	28 Dec 202203:30	–	github

Nvd

Node

go-resolver_project go-resolverMatch-go

[
  {
    "vendor": "github.com/peterzen/goresolver",
    "product": "github.com/peterzen/goresolver",
    "collectionURL": "https://pkg.go.dev",
    "packageName": "github.com/peterzen/goresolver",
    "defaultStatus": "affected"
  }
]

Source	Link
pkg	www.pkg.go.dev/vuln/GO-2022-0979
github	www.github.com/peterzen/goresolver/issues/5

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

28 Dec 2022 03:15Current

6.3Medium risk

Vulners AI Score6.3

CVSS36.5

EPSS0.00062

CWE-345