7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.015 Low
EPSS
Percentile
86.8%
validator/val_nsec3.c in Unbound before 1.4.13p2 does not properly perform
proof processing for NSEC3-signed zones, which allows remote DNS servers to
cause a denial of service (daemon crash) via a malformed response that
lacks expected NSEC3 records, a different vulnerability than CVE-2011-4528.