unbound: out-of-bounds write in sldns_bget_token_par

A flaw was found in unbound. An out-of-bounds write in the sldnsbgettokenpar function may be abused by a remote attacker. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability...

DEBIAN-CVE-2019-25035

Unbound before 1.9.5 allows an out-of-bounds write in sldnsbgettokenpar. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited...