Fedora 42 : bind / bind-dyndb-ldap (2025-92566203fd)

The remote Fedora 42 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2025-92566203fd advisory. Update to 9.18.41 rhbz2405786 Security fixes: - DNSSEC validation fails if matching but invalid DNSKEY is found. CVE-2025-8677 - Address various...

Improper Cache Handling

gitHub.com/coredns/coredns is vulnerable to Improper Cache Handling. The vulnerability is due to the CD bit disabling validation in the remote server which could allow an attacker to retrieve sensitive information cached erroneously, leading to information disclosure or unauthorized access...

Design/Logic Flaw

dproxy-nexgen aka dproxy nexgen forwards and caches DNS queries with the CD aka checking disabled bit set to 1. This leads to disabling of DNSSEC protection provided by upstream resolvers...

CVE-2022-33992

DNRD aka Domain Name Relay Daemon 2.20.3 forwards and caches DNS queries with the CD aka checking disabled bit set to 1. This leads to disabling of DNSSEC protection provided by upstream resolvers...

CVE-2022-33991

dproxy-nexgen aka dproxy nexgen forwards and caches DNS queries with the CD aka checking disabled bit set to 1. This leads to disabling of DNSSEC protection provided by upstream resolvers...

CVE-2022-33991

CVE-2022-33991 affects dproxy-nexgen (dproxy nexgen), a DNS proxy/cache. The root issue is that it forwards and caches DNS queries with the CD (Check Disabled) bit set to 1, which disables DNSSEC protection from upstream resolvers. The CVE details provided show a CVSS v3.1 base score of 5.3 (Netw...

CVE-2022-33992

DNRD aka Domain Name Relay Daemon 2.20.3 forwards and caches DNS queries with the CD aka checking disabled bit set to 1. This leads to disabling of DNSSEC protection provided by upstream resolvers...