knot-resolver is vulnerable to Denial Of Service (DoS). The vulnerability exists because the single client query may lead to a hundred TCP connection attempts if a DNS server closes connections without providing a response, allowing an attacker to crash the application