241 matches found
CVE-2026-10846
A flaw was found in ldns. When applications use ldns as a resolver over User Datagram Protocol UDP, it fails to properly match the query's destination address and port with the response's source address and port. Additionally, the query ID and question are not matched with the response. This...
[SECURITY] Fedora 43 Update: ldns-1.9.2-1.fc43
ldns is a library with the aim to simplify DNS programming in C. All low-level DNS/DNSSEC operations are supported. We also define a higher level API which allows a programmer to for instance create or sign packets...
SUSE-SU-2026:2461-1 Security update for ldns
This update for ldns fixes the following issue - CVE-2026-10846: When ldns is used by applications for stub resolving, it does not sufficiently verify that received responses belong to a sent query bsc1267670...
SUSE-SU-2026:22167-1 Security update for ldns
This update for ldns fixes the following issue - CVE-2026-10846: when ldns is used by applications for stub resolving, it does not sufficiently verify that received responses belong to a sent query bsc1267670...
USN-8449-1 ldns vulnerability
Pablo Ruiz discovered that ldns did not properly validate DNS responses when used as a stub resolver over UDP. A remote attacker could possibly use this issue to inject arbitrary DNS responses...
USN-8449-1: ldns vulnerability
Pablo Ruiz discovered that ldns did not properly validate DNS responses when used as a stub resolver over UDP. A remote attacker could possibly use this issue to inject arbitrary DNS responses...
CVE-2026-10846 affecting package ldns for versions less than 1.8.3-3
CVE-2026-10846 affecting package ldns for versions less than 1.8.3-3. A patched version of the package is available...
SUSE CVE-2026-10846
NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when used in applications as stub resolver over UDP, lacks matching the query destination address and port with the response source address and port. Furthermore not the query ID, neither the question of the query is matched with that of t...
ldns-1.9.2-1.1 on GA media (moderate)
ldns-1.9.2-1.1 on GA media Announcement ID: openSUSE-SU-2026:10998-1 Rating: moderate Cross-References: CVE-2026-10846 CVSS scores: CVE-2026-10846 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVE-2026-10846 SUSE : 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N...
Linux Distros Unpatched Vulnerability : CVE-2026-10846
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when used in applications as stub resolver over UDP, lacks matching the query destination address and...
OPENSUSE-SU-2026:10998-1 ldns-1.9.2-1.1 on GA media
These are all security issues fixed in the ldns-1.9.2-1.1 package on the GA media of openSUSE Tumbleweed...
FreeBSD : FreeBSD -- Insufficient response validation in the ldns stub resolver (fc0c7763-6477-11f1-958d-bc241121aa0a)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the fc0c7763-6477-11f1-958d-bc241121aa0a advisory. When used as a stub resolver over UDP, ldns failed to verify that a received response belonged to the...
Origin Validation Error
Overview Affected versions of this package are vulnerable to Origin Validation Error due to the improper matching of the query destination address and port with the response source address and port when Idns is used in applications as stub resolver over UDP. Remediation A fix was pushed into the...
CVE-2026-10846
NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when used in applications as stub resolver over UDP, lacks matching the query destination address and port with the response source address and port. Furthermore not the query ID, neither the question of the query is matched with that of t...
CVE-2026-10846
NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when used in applications as stub resolver over UDP, lacks matching the query destination address and port with the response source address and port. Furthermore not the query ID, neither the question of the query is matched with that of t...
CVE-2026-10846 Insufficient verification that responses belong to a query
NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when used in applications as stub resolver over UDP, lacks matching the query destination address and port with the response source address and port. Furthermore not the query ID, neither the question of the query is matched with that of t...
CVE-2026-10846 Insufficient verification that responses belong to a query
NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when used in applications as stub resolver over UDP, lacks matching the query destination address and port with the response source address and port. Furthermore not the query ID, neither the question of the query is matched with that of t...
CVE-2026-10846
NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when used in applications as stub resolver over UDP, lacks matching the query destination address and port with the response source address and port. Furthermore not the query ID, neither the question of the query is matched with that of t...
NLnet Labs ldns 访问控制错误漏洞
NLnet Labs ldns is a DNS library developed by the Nlnet Foundation in the Netherlands, designed for easy programming of DNS tools. Versions 1.2.0 to 1.9.0 of NLnet Labs ldns contain access control vulnerability issues. This vulnerability arises from the fact that when used as a UDP resolver, the...
UBUNTU-CVE-2026-10846
NLnet Labs ldns 1.2.0 up to and including versions 1.9.0, when used in applications as stub resolver over UDP, lacks matching the query destination address and port with the response source address and port. Furthermore not the query ID, neither the question of the query is matched with that of t...