28 matches found
EUVD-2012-0075
Malware in sbrugna...
EUVD-2024-17653
Malicious code in bioql PyPI...
Infinite Loop
NLnet Labs Unbound is vulnerable to Infinite Loop. The vulnerability is due to a certain code path in Unbound which can lead to an infinite loop, causing denial of service. Due to an unchecked condition, the code trimming the text of the EDE records could loop indefinitely. This occurs when Unbou...
FreeBSD : Unbound -- Denial-of-Service vulnerability (c2ad8700-de25-11ee-9190-84a93843eb75)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the c2ad8700-de25-11ee-9190-84a93843eb75 advisory. - NLnet Labs Unbound version 1.18.0 up to and including version 1.19.1 contain a vulnerability that can...
CVE-2024-1931
NLnet Labs Unbound version 1.18.0 up to and including version 1.19.1 contain a vulnerability that can cause denial of service by a certain code path that can lead to an infinite loop. Unbound 1.18.0 introduced a feature that removes EDE records from responses with size higher than the client's...
DEBIAN-CVE-2024-1931
NLnet Labs Unbound version 1.18.0 up to and including version 1.19.1 contain a vulnerability that can cause denial of service by a certain code path that can lead to an infinite loop. Unbound 1.18.0 introduced a feature that removes EDE records from responses with size higher than the client's...
CVE-2024-1931
NLnet Labs Unbound version 1.18.0 up to and including version 1.19.1 contain a vulnerability that can cause denial of service by a certain code path that can lead to an infinite loop. Unbound 1.18.0 introduced a feature that removes EDE records from responses with size higher than the client's...
CVE-2024-1931
NLnet Labs Unbound version 1.18.0 up to and including version 1.19.1 contain a vulnerability that can cause denial of service by a certain code path that can lead to an infinite loop. Unbound 1.18.0 introduced a feature that removes EDE records from responses with size higher than the client's...
UBUNTU-CVE-2024-1931
NLnet Labs Unbound version 1.18.0 up to and including version 1.19.1 contain a vulnerability that can cause denial of service by a certain code path that can lead to an infinite loop. Unbound 1.18.0 introduced a feature that removes EDE records from responses with size higher than the client's...
Design/Logic Flaw
NLnet Labs Unbound version 1.18.0 up to and including version 1.19.1 contain a vulnerability that can cause denial of service by a certain code path that can lead to an infinite loop. Unbound 1.18.0 introduced a feature that removes EDE records from responses with size higher than the client's...
CVE-2024-1931
CVE-2024-1931 affects NLnet Labs Unbound 1.18.0 through 1.19.1. The issue is an infinite loop in a code path that trims EDE record text when the client buffer is smaller than needed, triggered when ede: yes is configured. From 1.19.2 a fix was applied; Fedora/RH advisories show 1.19.3 includes th...
CVE-2024-1931
NLnet Labs Unbound version 1.18.0 up to and including version 1.19.1 contain a vulnerability that can cause denial of service by a certain code path that can lead to an infinite loop. Unbound 1.18.0 introduced a feature that removes EDE records from responses with size higher than the client's...
CVE-2024-1931 Denial of service when trimming EDE text on positive replies
NLnet Labs Unbound version 1.18.0 up to and including version 1.19.1 contain a vulnerability that can cause denial of service by a certain code path that can lead to an infinite loop. Unbound 1.18.0 introduced a feature that removes EDE records from responses with size higher than the client's...
CVE-2024-1931 Denial of service when trimming EDE text on positive replies
NLnet Labs Unbound version 1.18.0 up to and including version 1.19.1 contain a vulnerability that can cause denial of service by a certain code path that can lead to an infinite loop. Unbound 1.18.0 introduced a feature that removes EDE records from responses with size higher than the client's...
CVE-2024-1931
NLnet Labs Unbound version 1.18.0 up to and including version 1.19.1 contain a vulnerability that can cause denial of service by a certain code path that can lead to an infinite loop. Unbound 1.18.0 introduced a feature that removes EDE records from responses with size higher than the client's...
Unbound DNS Resolver 1.18.0 - 1.19.1 DoS Vulnerability
Unbound DNS Resolver is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Unbound -- Denial-of-Service vulnerability
NLNet Labs reports: Unbound 1.18.0 introduced a feature that removes EDE records from responses with size higher than the client's advertised buffer size. Before removing all the EDE records however, it would try to see if trimming the extra text fields on those records would result in an...
PT-2024-2045 · Nlnet +2 · Unbound +2
Name of the Vulnerable Software and Affected Versions: Unbound versions 1.18.0 through 1.19.1 Description: The issue is related to a denial of service vulnerability caused by an infinite loop in the code. This occurs when Unbound tries to trim extra text fields from EDE records to fit within the...
ede-victoria.nl Improper Access Control vulnerability OBB-3866177
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
GLSA-201812-05 : EDE: Privilege escalation
The remote host is affected by the vulnerability described in GLSA-201812-05 EDE: Privilege escalation An untrusted search path vulnerability was discovered in EDE. Impact : A local attacker could escalate his privileges via a specially crafted Lisp expression in a Project.ede file in the directo...