CVE-2021-32642
radsecproxy is affected by CVE-2021-32642 due to missing input validation in the internal dyndisc scripts naptr-eduroam.sh and radsec-dynsrv.sh, which can allow configuration injection via crafted radsec peer discovery DNS records. reported impacts include information disclosure, DoS, and the red...