45 matches found
CVE-2026-10846
CVE-2026-10846 affects nlnts ldns used as a stub resolver over UDP. FreeBSD advisories confirm that ldns failed to verify response provenance (source IP/port, transaction ID, and question matching), enabling off‑path spoofing of UDP responses and arbitrary data delivery to programs using ldns (e....
EUVD-2021-1028
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2022-22846
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The dnslib package through 0.9.16 for Python does not verify that the ID value in a DNS reply matches an ID value in a query. CVE-2022-22846 Note that Nessus...
[SECURITY] Fedora 42 Update: rust-hickory-proto-0.24.4-1.fc42
Hickory DNS is a safe and secure DNS library. This is the foundational DNS protocol library for all Hickory DNS projects...
[SECURITY] Fedora 41 Update: rust-hickory-proto-0.24.4-1.fc41
Hickory DNS is a safe and secure DNS library. This is the foundational DNS protocol library for all Hickory DNS projects...
[SECURITY] Fedora 40 Update: rust-hickory-proto-0.24.4-1.fc40
Hickory DNS is a safe and secure DNS library. This is the foundational DNS protocol library for all Hickory DNS projects...
Advisory ROSA-SA-2025-2782
Software: c-ares 1.13.0 OS: ROSA Virtualization 3.0 packageevrstring: c-ares-1.13.0-11.rv30 CVE-ID: CVE-2024-25629 BDU-ID: 2024-01708 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the ares__read_line function of the C-ares asynchronous DNS query library is related to an operation exceeding buffer...
BIT-NODE-MIN-2021-22931
Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote Code Execution, XSS, Application crashes due to missing input validation of host names returned by Domain Name Servers in Node.js dns library which can lead to output of wrong hostnames leading to Domain Hijacking and injection...
BIT-NODE-2021-22931
Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote Code Execution, XSS, Application crashes due to missing input validation of host names returned by Domain Name Servers in Node.js dns library which can lead to output of wrong hostnames leading to Domain Hijacking and injection...
AZL-34453 CVE-2024-25629 affecting package c-ares for versions less than 1.19.1-2
c-ares is a C library for asynchronous DNS requests. ares__read_line is used to parse local configuration files such as /etc/resolv.conf, /etc/nsswitch.conf, the HOSTALIASES file, and if using a c-ares version prior to 1.27.0, the /etc/hosts file. If any of these configuration files has an embedded...
DEBIAN-CVE-2024-25629
c-ares is a C library for asynchronous DNS requests. ares__read_line is used to parse local configuration files such as /etc/resolv.conf, /etc/nsswitch.conf, the HOSTALIASES file, and if using a c-ares version prior to 1.27.0, the /etc/hosts file. If any of these configuration files has an embedded...
ALPINE-CVE-2024-25629
c-ares is a C library for asynchronous DNS requests. ares__read_line is used to parse local configuration files such as /etc/resolv.conf, /etc/nsswitch.conf, the HOSTALIASES file, and if using a c-ares version prior to 1.27.0, the /etc/hosts file. If any of these configuration files has an embedded...
DEBIAN-CVE-2020-22217
Buffer overflow vulnerability in c-ares before 1_16_1 thru 1_17_0 via function ares_parse_soa_reply in ares_parse_soa_reply.c...
SUSE CVE-2014-3209
The ldns-keygen tool in ldns 1.6.x uses the current umask to set the privileges of the private key, which might allow local users to obtain the private key by reading the file...
SUSE CVE-2020-19861
When a zone file in ldns 1.7.1 is parsed, the function ldns_nsec3_salt_data is too trusted for the length value obtained from the zone file. When the memcpy is copied, the 0xfe - ldns_rdf_size(salt_rdf) byte data can be copied, causing heap overflow information leakage...
SUSE CVE-2020-19860
When ldns version 1.7.1 verifies a zone file, the ldns_rr_new_frm_str_internal function has a heap out of bounds read vulnerability. An attacker can leak information on the heap by constructing a zone file payload...
go-resolver Data Forgery Vulnerability
go-resolver is a Golang DNSSEC validation parser library implemented on top of miekg/dns by the peterzen personal developer. A security vulnerability exists in go-resolver, which stems from DNSSEC authentication not being performed correctly...
The vulnerability in the parse.c component of the DNS library allows a perpetrator to access confidential data, compromise its integrity, and cause service failures.
The vulnerability of the parse.c component in the DNS LDNS library is related to the repeated release of memory. Exploiting this vulnerability allows a remote attacker to access confidential data, compromise its integrity, and cause service failures...
Rocky Linux 8 : nodejs:14 (RLSA-2021:3666)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:3666 advisory. - Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote Code Execution, XSS, Application crashes due to missing input validation of host...
DEBIAN-CVE-2020-19861
When a zone file in ldns 1.7.1 is parsed, the function ldns_nsec3_salt_data is too trusted for the length value obtained from the zone file. When the memcpy is copied, the 0xfe - ldns_rdf_size(salt_rdf) byte data can be copied, causing heap overflow information leakage...