2965 matches found
UBUNTU-CVE-2022-32983
Knot Resolver through 5.5.1 may allow DNS cache poisoning when there is an attempt to limit forwarding actions by filters...
CVE-2022-32983
The CVE-2022-32983 issue affects Knot Resolver up to version 5.5.1, where DNS cache poisoning could occur when an attempt is made to limit forwarding actions by filters. Root cause details in connected sources indicate a vulnerability in handling forwarding/filter constraints that can lead to cac...
CVE-2022-32983
Knot Resolver through 5.5.1 may allow DNS cache poisoning when there is an attempt to limit forwarding actions by filters...
CVE-2022-32983
Knot Resolver through 5.5.1 may allow DNS cache poisoning when there is an attempt to limit forwarding actions by filters...
PT-2022-21620 · Unknown +2 · Knot Resolver +2
Name of the Vulnerable Software and Affected Versions: Knot Resolver versions through 5.5.1 Description: The issue may allow DNS cache poisoning when there is an attempt to limit forwarding actions by filters. Recommendations: For versions through 5.5.1, update to a version that contains a fix fo...
Knot Resolver 安全漏洞
Knot Resolver is a caching DNS resolver implementation that includes a resolver library and daemon. A security vulnerability exists in Knot Resolver versions prior to 5.5.1, which stems from a possible DNS cache poisoning when attempting to limit forwarding operations via a filter...
Security update for bind (moderate)
SUSE Security Update: Security update for bind Announcement ID: openSUSE-SU-2022:0151-1 Rating: moderate References: 1192146 1199370 Cross-References: CVE-2021-25219 CVE-2022-27114 CVSS scores: CVE-2021-25219 NVD : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2021-25219 SUSE: 5.3...
CVE-2019-10190
A vulnerability was discovered in DNS resolver component of knot resolver through version 3.2.0 before 4.1.0 which allows remote attackers to bypass DNSSEC validation for non-existence answer. NXDOMAIN answer would get passed through to the client even if its DNSSEC validation failed, instead of...
CVE-2019-19331
knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization. DNS replies with very many resource records might be processed very inefficiently, in extreme cases taking even several CPU seconds for each such uncached message. For example, a few thousand A...
CVE-2018-10920
Improper input validation bug in DNS resolver component of Knot Resolver before 2.4.1 allows remote attacker to poison cache...
new packages: xml-commons-resolver
An update is available for xml-commons-resolver. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Roc...
new packages: maven-resolver
An update is available for maven-resolver. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Lin...
RHEL 8 : bind (RHSA-2022:2092)
"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:2092 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named C Tenable, Inc...
bind: Lame cache can be abused to severely degrade resolver performance
A flaw was found in the way bind processes broken responses from authoritative servers. This caching mechanism could be abused by an attacker to significantly degrade resolver performance...
maven:3.6 security and enhancement update
An update is available for apache-commons-io, atinject, jsr-305, maven-shared-utils, plexus-cipher, aopalliance, plexus-classworlds, guava, apache-commons-cli, plexus-containers, plexus-sec-dispatcher, httpcomponents-client, maven-resolver, apache-commons-lang3, plexus-interpolation, sisu,...
Moderate: bind security, bug fix, and enhancement update
The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. The following...
RLSA-2022:2092 Moderate: bind security, bug fix, and enhancement update
The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. The following...
ALSA-2022:2092 Moderate: bind security, bug fix, and enhancement update
The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. The following...
CVE-2022-28708
On F5 BIG-IP 16.1.x versions prior to 16.1.2.2 and 15.1.x versions prior to 15.1.5.1, when a BIG-IP DNS resolver-enabled, HTTP-Explicit or SOCKS profile is configured on a virtual server, an undisclosed DNS response can cause the Traffic Management Microkernel TMM process to terminate. Note:...
CVE-2022-28706
On F5 BIG-IP 16.1.x versions prior to 16.1.2 and 15.1.x versions prior to 15.1.5.1, when the DNS resolver configuration is used, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not...