33 matches found
unbound security update
An update is available for unbound. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The unbound packages provide a validating, recursive, and caching DNS or DNSS...
RLSA-2026:18931 Moderate: unbound security update
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: DNSBomb vulnerability CVE-2024-33655 unbound: Unbound domain hijacking via promiscuous records CVE-2025-11411 For more details about the security issues, including the impact, a CVSS...
Moderate: unbound security update
The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: DNSBomb vulnerability CVE-2024-33655 unbound: Unbound domain hijacking via promiscuous records CVE-2025-11411 For more details about the security issues, including the impact, a CVSS...
RHEL 10 : unbound (RHSA-2026:18556)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:18556 advisory. The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: DNSBomb vulnerability...
Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2026-1642)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.13.0 : unbound (EulerOS-SA-2026-1632)
According to the versions of the unbound packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : NLnet Labs Unbound up to and including version 1.24.0 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that...
openSUSE 16 Security Update : unbound (openSUSE-SU-2026:20139-1)
The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20139-1 advisory. Update to 1.24.1: - CVE-2025-11411: Fixed possible domain hijacking attack bsc1252525. Tenable has extracted the preceding description block directly fr...
Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2026-1216)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP13 : unbound (EulerOS-SA-2026-1216)
According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : NLnet Labs Unbound up to and including version 1.24.0 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that complement...
OPENSUSE-SU-2026:20139-1 Security update for unbound
This update for unbound fixes the following issues: Update to 1.24.1: - CVE-2025-11411: Fixed possible domain hijacking attack bsc1252525...
Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2026-1060)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2026-1039)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux 2023 : python3-unbound, unbound, unbound-anchor (ALAS2023-2025-1315)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1315 advisory. NLnet Labs Unbound up to and including version 1.24.0 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that complement positive DNS replies in the authority section can be used to...
Amazon Linux 2 : unbound, --advisory ALAS2-2025-3095 (ALAS-2025-3095)
The version of unbound installed on the remote host is prior to 1.7.3-15. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3095 advisory. NLnet Labs Unbound up to and including version 1.24.0 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that...
Medium: unbound
Issue Overview: NLnet Labs Unbound up to and including version 1.24.0 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that complement positive DNS replies in the authority section can be used to trick resolvers to update their delegation information for the zone. Usually...
Medium: unbound
Issue Overview: NLnet Labs Unbound up to and including version 1.24.0 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that complement positive DNS replies in the authority section can be used to trick resolvers to update their delegation information for the zone. Usually...
Updated unbound packages fix security vulnerabilities
Possible domain hijacking via promiscuous records in the authority section. CVE-2025-11411. Previous fixes for CVE-2025-11411 released with Unbound 1.24.1 were not complete...
Debian dsa-6071 : libunbound-dev - security update
The remote Debian 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6071 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6071-1 [email protected] https://www.debian.org/security/ Moritz...
Fedora 43 : unbound (2025-90281e4554)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-90281e4554 advisory. Update to 1.24.2 rhbz2417261 - Additional fix for CVE-2025-11411 https://nlnetlabs.nl/projects/unbound/download/unbound-1-24-2 ---- Do not always initialize...
Fedora 42 : unbound (2025-38b1c0f3b5)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-38b1c0f3b5 advisory. Update to 1.24.2 rhbz2417261 - Additional fix for CVE-2025-11411 https://nlnetlabs.nl/projects/unbound/download/unbound-1-24-2 Tenable has extracted the...