2962 matches found

RedHat Linux
added 2024/02/27 12:30 a.m. · 79 views

Important: Red Hat Security Advisory: unbound security update

An update for unbound is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...

CVSS 7.5 · AI score 7 · EPSS 0.99995
Exploits: 1 · References: 3

BDU FSTEC
added 2024/02/27 12:00 a.m. · 4 views

The vulnerability of the AuthenticationTrustResolver.isFullyAuthenticated(Authentication) method in the Java framework for securing industrial applications by Spring Security allows attackers to influence the integrity and confidentiality of protected information.

The vulnerability of the AuthenticationTrustResolver.isFullyAuthenticated(Authentication) method in the Java framework for securing industrial applications by Spring Security is related to deficiencies in access control when processing the null parameter. Exploiting this vulnerability could allow a...

CVSS 7.4 · AI score 7.2 · EPSS 0.00682
Exploits: 0 · References: 4 · Affected Software: 1

OSV
added 2024/02/27 12:00 a.m. · 34 views

DSA-5633-1 knot-resolver - security update

Bulletin has no description...

CVSS 7.5 · AI score 7.2 · EPSS 0.99995
Exploits: 1

RedHat Linux
added 2024/02/26 8:46 a.m. · 2 views

bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator

Processing specially crafted responses coming from DNSSEC-signed zones can lead to uncontrolled CPU usage, leading to a Denial of Service in the DNSSEC-validating resolver side. This vulnerability applies only for systems where DNSSEC validation is enabled...

CVSS 7.5 · AI score 6.7 · EPSS 0.99995
Exploits: 0 · References: 7

RedHat Linux
added 2024/02/26 2:21 a.m. · 66 views

Important: Red Hat Security Advisory: unbound security update

An update for unbound is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from t...

CVSS 7.5 · AI score 7 · EPSS 0.99995
Exploits: 1 · References: 3

Fedora
added 2024/02/26 1:12 a.m. · 39 views

[SECURITY] Fedora 39 Update: bind9-next-9.19.21-1.fc39

BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server ...

CVSS 7.5 · AI score 7.7 · EPSS 0.99995
Exploits: 1

Fedora
added 2024/02/26 12:47 a.m. · 42 views

[SECURITY] Fedora 38 Update: bind9-next-9.19.21-1.fc38

BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server ...

CVSS 7.5 · AI score 7.7 · EPSS 0.99995
Exploits: 1

CNVD
added 2024/02/26 12:00 a.m. · 7 views

Apache Sling Path Traversal Vulnerability

Apache Sling is an open-source Java web framework from the Apache Foundation (United States), designed for creating content-centric applications on top of a JSR-170 content repository such as Apache Jackrabbit. A path traversal vulnerability exists in Apache Sling Servlets Resolver...

CVSS 8.5 · AI score 6.8 · EPSS 0.01321
Exploits: 0 · References: 1

OSV
added 2024/02/26 12:00 a.m. · 48 views

ALSA-2024:0977 Important: unbound security update

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator (CVE-2023-50387); bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources (CVE-2023-50868). For more details about th...

CVSS 7.5 · AI score 7.4 · EPSS 0.99995
Exploits: 1 · References: 6

OSV
added 2024/02/26 12:00 a.m. · 39 views

ALSA-2024:0965 Important: unbound security update

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator (CVE-2023-50387); bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources (CVE-2023-50868). For more details about th...

CVSS 7.5 · AI score 7.4 · EPSS 0.99995
Exploits: 1 · References: 6

AlmaLinux
added 2024/02/26 12:00 a.m. · 76 views

Important: unbound security update

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator (CVE-2023-50387); bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources (CVE-2023-50868). For more details about th...

CVSS 7.5 · AI score 7.2 · EPSS 0.99995
Exploits: 1 · References: 6

OSV
added 2024/02/21 7:15 p.m. · 2 views

AZL-44032 CVE-2024-24476 affecting package wireshark 4.0.8-1

A buffer overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the pan/addr_resolv.c, and ws_manuf_lookup_str(), size components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected...

CVSS 7.5 · AI score 7.4 · EPSS 0.01296
Exploits: 0 · References: 1

Debian
added 2024/02/21 12:20 p.m. · 55 views

[SECURITY] [DLA 3736-1] unbound security update

Debian LTS Advisory DLA-3736-1. https://www.debian.org/lts/security/ Markus Koschany, February 21, 2024. https://wiki.debian.org/LTS Package: unbound. Version: 1.9.0-2+deb10u4. CVE ID: CVE-2023-50387, CVE-2023-50868. Debian Bug: 1063845. Two vulnerabilities were discovered...

CVSS 7.5 · AI score 6.9 · EPSS 0.99995
Exploits: 1

OSV
added 2024/02/20 9:30 a.m. · 0 views

GHSA-W3W6-26F2-P474 Broken Access Control in Spring Security With Direct Use of isFullyAuthenticated

In Spring Security, versions 6.1.x prior to 6.1.7 and versions 6.2.x prior to 6.2.2, an application is vulnerable to broken access control when it directly uses the AuthenticationTrustResolver.isFullyAuthenticated(Authentication) method. Specifically, an application is vulnerable if: The applicatio...

CVSS 7.4 · AI score 7.2 · EPSS 0.00682
Exploits: 0 · References: 5

OpenVAS
added 2024/02/20 12:00 a.m. · 25 views

Knot Resolver < 5.7.1 Multiple DoS Vulnerabilities (KeyTrap)

Knot Resolver is prone to multiple denial of service (DoS) vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...

CVSS 7.5 · AI score 7.9 · EPSS 0.99995
Exploits: 1 · References: 2

Fedora
added 2024/02/19 2:29 a.m. · 53 views

[SECURITY] Fedora 39 Update: bind-9.18.24-1.fc39

BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server ...

CVSS 7.5 · AI score 7.2 · EPSS 0.99995
Exploits: 1

Positive Technologies
added 2024/02/19 12:00 a.m. · 4 views

PT-2024-1840 · Unknown · Spring Security

Name of the Vulnerable Software and Affected Versions: Spring Security versions 6.1.x through 6.1.6; Spring Security versions 6.2.x through 6.2.1. Description: The issue is related to broken access control in Spring Security when the AuthenticationTrustResolver.isFullyAuthenticated(Authentication)...

CVSS 7.4 · AI score 8.7 · EPSS 0.00682
Exploits: 0 · References: 21

BDU FSTEC
added 2024/02/19 12:00 a.m. · 3 views

The vulnerability of the software for processing servlets in web applications on the Java Apache Sling Servlets Resolver platform arises from incorrect pathname restrictions for restricted directories. This allows attackers to execute arbitrary code.

The vulnerability of the software for processing servlets in web applications on the Java Apache Sling Servlets Resolver platform is related to incorrect pathname restrictions for restricted directories. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotel...

CVSS 8.5 · AI score 7.7 · EPSS 0.01321
Exploits: 0 · References: 3 · Affected Software: 1

Fedora
added 2024/02/18 12:55 a.m. · 55 views

[SECURITY] Fedora 39 Update: unbound-1.19.1-2.fc39

Unbound is a validating, recursive, and caching DNSSEC resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modula...

CVSS 7.5 · AI score 7 · EPSS 0.99995
Exploits: 1

OpenVAS
added 2024/02/18 12:00 a.m. · 37 views

Fedora: Security Advisory (FEDORA-2024-2e26eccfcb)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 · AI score 7.6 · EPSS 0.99995
Exploits: 1 · References: 7
