USN-8282-2: Unbound vulnerabilities

USN-8282-1 fixed vulnerabilities in Unbound. This update provides the corresponding updates for CVE-2026-41292 in Ubuntu 18.04 LTS and Ubuntu 20.04 LTS and CVE-2026-42959, CVE-2026-42960 in Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: Andr...

Debian dsa-6304 : libunbound-dev - security update

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6304 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6304-1 [email protected] https://www.debian.org/securit...

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Unbound vulnerabilities (USN-8282-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8282-1 advisory. Andrew Griffiths discovered that Unbound did not properly handle certain DNSCrypt packets. A remote attacker could possib...

USN-8282-1 unbound vulnerabilities

Andrew Griffiths discovered that Unbound did not properly handle certain DNSCrypt packets. A remote attacker could possibly use this issue to cause Unbound to crash, resulting in a denial of service. CVE-2026-32792 Qifan Zhang discovered that Unbound incorrectly handled DNSSEC validation in certa...

EUVD-2010-0994

Malware in sbrugna...

EUVD-2009-3583

Malware in sbrugna...

NewStart CGSL MAIN 7.02 : unbound Multiple Vulnerabilities (NS-SA-2025-0125)

The remote NewStart CGSL host, running version MAIN 7.02, has unbound packages installed that are affected by multiple vulnerabilities: - NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name...

Ubuntu 22.04 LTS / 24.04 LTS / 25.04 : Unbound vulnerabilities (USN-7666-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.04 host has packages installed that are affected by a vulnerability as referenced in the USN-7666-1 advisory. Xiang Li discovered that Unbound incorrectly handled EDNS Client Subnet ECS in certain configurations. A remote attacker could possibly use th...

USN-7666-1: Unbound vulnerabilities

Xiang Li discovered that Unbound incorrectly handled EDNS Client Subnet ECS in certain configurations. A remote attacker could possibly use this issue to perform a cache poisoning attack called Rebirthday Attack...

TencentOS Server 3: unbound (TSSA-2025:0108)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0108 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2025-1496)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2025-1468)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.12.1 : unbound (EulerOS-SA-2025-1559)

According to the versions of the unbound packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that i...

Alibaba Cloud Linux 3 : 0102: unbound (ALINUX3-SA-2022:0102)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0102 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-18934: Unbound 1.6.4 through 1.9....

Alibaba Cloud Linux 3 : 0083: unbound (ALINUX3-SA-2021:0083)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0083 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-12662: Unbound before 1.10.1 has...

Amazon Linux 2 : unbound (ALASUNBOUND-1.17-2025-004)

The version of unbound installed on the remote host is prior to 1.17.0-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2UNBOUND-1.17-2025-004 advisory. Certain DNSSEC aspects of the DNS protocol in RFC 4035 and related RFCs allow remote attackers to cause a deni...

Advisory ROSA-SA-2025-2756

Software: unbound 1.16.2 OS: ROSA Virtualization 2.1 packageevrstring: unbound-1.16.2-5.8.rv3 CVE-ID: CVE-2022-3204 BDU-ID: 2023-03846 CVE-Crit: HIGH CVE-DESC.: Unbound's DNS server vulnerability involves uncontrolled resource consumption. Exploitation of the vulnerability allows an attacker acti...

RockyLinux 8 : unbound (RLSA-2025:0837)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:0837 advisory. unbound: unrestricted reconfiguration enabled to anyone that may lead to local privilege escalation CVE-2024-1488 unbound: Unbounded name compression cou...

Oracle Linux 8 : unbound (ELSA-2025-0837)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-0837 advisory. - Prevent unbounded name compression CVE-2024-8508 Tenable has extracted the preceding description block directly from the Oracle Linux security...

RHEL 8 : unbound (RHSA-2025:0837)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:0837 advisory. The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: unrestricted...