Unbound Security Vulnerabilities and Issues — Unbound CVE List

Lucene search

NlnetlabsUnbound

4 matches found

CVE•added 2020/12/07 10:15 p.m.•376 views

CVE-2020-28935

NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. When writing the PID file, Unbound and NSD create the file if it is not there, or open an existing file for writi...

5.5CVSS6.4AI score0.00081EPSS

CVE•added 2020/05/19 2:15 p.m.•335 views

CVE-2020-12662

Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records.

7.5CVSS7.5AI score0.14036EPSS

CVE•added 2020/05/19 2:15 p.m.•292 views

CVE-2020-12663

Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers.

7.5CVSS7.5AI score0.06522EPSS

CVE•added 2020/11/27 6:15 p.m.•268 views

CVE-2020-10772

An incomplete fix for CVE-2020-12662 was shipped for Unbound in Red Hat Enterprise Linux 7, as part of erratum RHSA-2020:2414. Vulnerable versions of Unbound could still amplify an incoming query into a large number of queries directed to a target, even with a lower amplification ratio compared to ...

7.5CVSS7.4AI score0.14036EPSS