Information Exposure

Overview Versions of type-graphql prior to 0.17.6 are vulnerable to Information Exposure. The package leaks the resolver source code in an error message. It is possible to force this error when no subscription topics are provided in the request. Recommendation Upgrade to version 0.17.6 or later...

EulerOS 2.0 SP5 : NetworkManager (EulerOS-SA-2019-2698)

According to the version of the NetworkManager packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - GNOME NetworkManager version 1.10.2 and earlier contains a Information Exposure CWE-200 vulnerability in DNS resolver that can result in...

[SECURITY] Fedora 31 Update: unbound-1.9.6-1.fc31

Unbound is a validating, recursive, and caching DNSSEC resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modula...

Knot Resolver < 4.3.0 DoS Vulnerability

Knot Resolver is prone to a denial of service vulnerability through high CPU utilization. Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as...

EulerOS 2.0 SP3 : NetworkManager (EulerOS-SA-2019-2636)

According to the version of the NetworkManager packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - GNOME NetworkManager version 1.10.2 and earlier contains a Information Exposure CWE-200 vulnerability in DNS resolver that can result in...

DEBIAN-CVE-2019-19331

knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization. DNS replies with very many resource records might be processed very inefficiently, in extreme cases taking even several CPU seconds for each such uncached message. For example, a few thousand A...

CVE-2019-19331

knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization. DNS replies with very many resource records might be processed very inefficiently, in extreme cases taking even several CPU seconds for each such uncached message. For example, a few thousand A...

CVE-2019-19331

knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization. DNS replies with very many resource records might be processed very inefficiently, in extreme cases taking even several CPU seconds for each such uncached message. For example, a few thousand A...

Design/Logic Flaw

knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization. DNS replies with very many resource records might be processed very inefficiently, in extreme cases taking even several CPU seconds for each such uncached message. For example, a few thousand A...

UBUNTU-CVE-2019-19331

knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization. DNS replies with very many resource records might be processed very inefficiently, in extreme cases taking even several CPU seconds for each such uncached message. For example, a few thousand A...

CVE-2019-19331

knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization. DNS replies with very many resource records might be processed very inefficiently, in extreme cases taking even several CPU seconds for each such uncached message. For example, a few thousand A...

CVE-2019-19331

knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization. DNS replies with very many resource records might be processed very inefficiently, in extreme cases taking even several CPU seconds for each such uncached message. For example, a few thousand A...

CVE-2019-19331

Knot Resolver (knot-resolver) is affected by CVE-2019-19331, with exploitation arising from processing DNS responses containing a large number of resource records. The issue exists in versions before 4.3.0, and can cause denial of service via high CPU utilization, potentially taking several CPU s...

CVE-2019-19331

knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization. DNS replies with very many resource records might be processed very inefficiently, in extreme cases taking even several CPU seconds for each such uncached message. For example, a few thousand A...

Knot Resolver Denial of Service Vulnerability

Knot Resolver is a cached DNS resolver implementation that includes a resolver library and daemon. A security vulnerability exists in Knot Resolver. An attacker could exploit this vulnerability to cause a denial of service...

PT-2019-15812 · Cz.Nic +2 · Knot Resolver +2

Name of the Vulnerable Software and Affected Versions: knot-resolver versions prior to 4.3.0 Description: The issue allows for denial of service through high CPU utilization. This occurs when DNS replies contain a large number of resource records, which can be processed inefficiently. In extreme...

CVE-2019-19331

knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization. DNS replies with very many resource records might be processed very inefficiently, in extreme cases taking even several CPU seconds for each such uncached message. For example, a few thousand A...

Fedora Update for knot-resolver FEDORA-2019-44ccfa9b29

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 30 Update: knot-resolver-4.3.0-1.fc30

The Knot Resolver is a DNSSEC-enabled caching full resolver implementation written in C and LuaJIT, including both a resolver library and a daemon. Modular architecture of the library keeps the core tiny and efficient, and provides a state-machine like API for extensions. The package is...

[SECURITY] Fedora 30 Update: bind-9.11.13-2.fc30

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...