
729 matches found

RedHat Linux
added 2025/08/05 8:17 a.m. | 7 views

unbound: Unbound Cache poisoning

A cache poisoning flaw was found in Unbound. Resolvers supporting EDNS Client Subnet (ECS) must segregate outgoing queries to accommodate different outgoing ECS information. This issue reopens resolvers to a birthday paradox attack, known as the Rebirthday Attack, which attempts to match the DNS...

CVSS 8.7 | AI score 7.3 | EPSS 0.00188
Exploits 0 | References 5
RedHat Linux
added 2025/08/04 3:19 p.m. | 7 views

unbound: Unbound Cache poisoning

A cache poisoning flaw was found in Unbound. Resolvers supporting EDNS Client Subnet (ECS) must segregate outgoing queries to accommodate different outgoing ECS information. This issue reopens resolvers to a birthday paradox attack, known as the Rebirthday Attack, which attempts to match the DNS...

CVSS 8.7 | AI score 7.3 | EPSS 0.00188
Exploits 0 | References 5
RedHat Linux
added 2025/08/04 3:19 p.m. | 14 views

unbound: Unbound Cache poisoning

A cache poisoning flaw was found in Unbound. Resolvers supporting EDNS Client Subnet (ECS) must segregate outgoing queries to accommodate different outgoing ECS information. This issue reopens resolvers to a birthday paradox attack, known as the Rebirthday Attack, which attempts to match the DNS...

CVSS 8.7 | AI score 7.3 | EPSS 0.00188
Exploits 0 | References 5
Amazon
added 2025/08/04 12:0 a.m. | 3 views

Important: unbound

Issue Overview: A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet (ECS). Unbound is also vulnerable when compiled with ECS support, i.e., '--enable-subnet', AND configured to send ECS information along wit...

CVSS 8.7 | AI score 6.7 | EPSS 0.00188
Exploits 0
Amazon
added 2025/08/04 12:0 a.m. | 4 views

Important: unbound

Issue Overview: A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet (ECS). Unbound is also vulnerable when compiled with ECS support, i.e., '--enable-subnet', AND configured to send ECS information along wit...

CVSS 8.7 | AI score 6.7 | EPSS 0.00188
Exploits 0
Tenable Nessus
added 2025/08/04 12:0 a.m. | 6 views

Amazon Linux 2023 : python3-unbound, unbound, unbound-anchor (ALAS2023-2025-1122)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1122 advisory. A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS Client Subnet (ECS). Unbound is also vulnerable when compiled with ECS...

CVSS 8.7 | AI score 6.4 | EPSS 0.00188
Exploits 0 | References 4
Tenable Nessus
added 2025/08/04 12:0 a.m. | 8 views

Amazon Linux 2 : unbound (ALAS-2025-2951)

The version of unbound installed on the remote host is prior to 1.7.3-15. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2951 advisory. A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that support EDNS...

CVSS 8.7 | AI score 6.5 | EPSS 0.00188
Exploits 0 | References 4
Tenable Nessus
added 2025/08/04 12:0 a.m. | 3 views

Amazon Linux 2 : unbound (ALASUNBOUND-1.17-2025-005)

The version of unbound installed on the remote host is prior to 1.17.0-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2UNBOUND-1.17-2025-005 advisory. A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in caching resolvers that...

CVSS 8.7 | AI score 6.5 | EPSS 0.00188
Exploits 0 | References 4
Snyk
added 2025/07/29 10:43 p.m. | 2 views

Exposure of Resource to Wrong Sphere

Overview: Affected versions of this package are vulnerable to Exposure of Resource to Wrong Sphere via the --addr-pool option when a subnet mask is not specified. An attacker can gain unauthorized access by connecting from any IPv4 address, bypassing intended IP-based access restrictions...

CVSS 6.9 | AI score 6.9 | EPSS 0.0061
Exploits 1 | References 2
NVD
added 2025/07/29 10:15 p.m. | 18 views

CVE-2025-54126

The WebAssembly Micro Runtime's (WAMR) iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System Interface (WASI) and command line interface. In versions 2.4.0 and below, iwasm uses --addr-pool with an IPv4 address that lacks a subnet mask, allowing the system to...

CVSS 6.9 | EPSS 0.0061
Exploits 1 | References 3
AlpineLinux
added 2025/07/29 10:15 p.m. | 4 views

CVE-2025-54126

The WebAssembly Micro Runtime's (WAMR) iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System Interface (WASI) and command line interface. In versions 2.4.0 and below, iwasm uses --addr-pool with an IPv4 address that lacks a subnet mask, allowing the system to...

CVSS 6.9 | AI score 7.2 | EPSS 0.0061
Exploits 1 | References 3
OSV
added 2025/07/29 10:15 p.m. | 5 views

AZL-66045 CVE-2025-54126 affecting package fluent-bit for versions less than 3.1.9-5

The WebAssembly Micro Runtime's (WAMR) iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System Interface (WASI) and command line interface. In versions 2.4.0 and below, iwasm uses --addr-pool with an IPv4 address that lacks a subnet mask, allowing the system to...

CVSS 6.9 | AI score 5.8 | EPSS 0.0061
Exploits 1 | References 1
OSV
added 2025/07/29 10:15 p.m. | 4 views

AZL-66048 CVE-2025-54126 affecting package fluent-bit for versions less than 3.0.6-3

The WebAssembly Micro Runtime's (WAMR) iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System Interface (WASI) and command line interface. In versions 2.4.0 and below, iwasm uses --addr-pool with an IPv4 address that lacks a subnet mask, allowing the system to...

CVSS 6.9 | AI score 5.8 | EPSS 0.0061
Exploits 1 | References 1
Vulnrichment
added 2025/07/29 9:52 p.m. | 3 views

CVE-2025-54126 WebAssembly Micro Runtime's `--addr-pool` option allows all IPv4 addresses when subnet mask is not specified

The WebAssembly Micro Runtime's (WAMR) iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System Interface (WASI) and command line interface. In versions 2.4.0 and below, iwasm uses --addr-pool with an IPv4 address that lacks a subnet mask, allowing the system to...

CVSS 6.9 | AI score 6.3 | EPSS 0.0061
Exploits 1 | References 3
CVE
added 2025/07/29 9:52 p.m. | 22 views

CVE-2025-54126

The CVE-2025-54126 entry concerns WebAssembly Micro Runtime (WAMR) iwasm binary; versions 2.4.0 and earlier use --addr-pool with an IPv4 address lacking a subnet mask, allowing acceptance of all IPs and potentially bypassing access restrictions. This exposes services to all external connections a...

CVSS 6.9 | AI score 7.1 | EPSS 0.0061
Exploits 1 | References 3 | Affected Software 1
OSV
added 2025/07/29 9:52 p.m. | 4 views

CVE-2025-54126 WebAssembly Micro Runtime's `--addr-pool` option allows all IPv4 addresses when subnet mask is not specified

The WebAssembly Micro Runtime's (WAMR) iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System Interface (WASI) and command line interface. In versions 2.4.0 and below, iwasm uses --addr-pool with an IPv4 address that lacks a subnet mask, allowing the system to...

CVSS 6.9 | AI score 6.5 | EPSS 0.0061
Exploits 1 | References 5
RedHat Linux
added 2025/07/29 9:32 a.m. | 3 views

unbound: Unbound Cache poisoning

A cache poisoning flaw was found in Unbound. Resolvers supporting EDNS Client Subnet (ECS) must segregate outgoing queries to accommodate different outgoing ECS information. This issue reopens resolvers to a birthday paradox attack, known as the Rebirthday Attack, which attempts to match the DNS...

CVSS 8.7 | AI score 7.3 | EPSS 0.00188
Exploits 0 | References 5
RedHat Linux
added 2025/07/28 10:47 a.m. | 2 views

unbound: Unbound Cache poisoning

A cache poisoning flaw was found in Unbound. Resolvers supporting EDNS Client Subnet (ECS) must segregate outgoing queries to accommodate different outgoing ECS information. This issue reopens resolvers to a birthday paradox attack, known as the Rebirthday Attack, which attempts to match the DNS...

CVSS 8.7 | AI score 7.3 | EPSS 0.00188
Exploits 0 | References 5
RedHat Linux
added 2025/07/28 9:2 a.m. | 3 views

unbound: Unbound Cache poisoning

A cache poisoning flaw was found in Unbound. Resolvers supporting EDNS Client Subnet (ECS) must segregate outgoing queries to accommodate different outgoing ECS information. This issue reopens resolvers to a birthday paradox attack, known as the Rebirthday Attack, which attempts to match the DNS...

CVSS 8.7 | AI score 7.3 | EPSS 0.00188
Exploits 0 | References 5
Tenable Nessus
added 2025/07/25 12:0 a.m. | 3 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.04 : Unbound vulnerabilities (USN-7666-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.04 host has packages installed that are affected by a vulnerability as referenced in the USN-7666-1 advisory. Xiang Li discovered that Unbound incorrectly handled EDNS Client Subnet (ECS) in certain configurations. A remote attacker could possibly use th...

CVSS 8.7 | AI score 6.6 | EPSS 0.00188
Exploits 0 | References 2