Search CVE reports
571 – 580 of 27411 results
NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability in the DNSSEC validator where the code path to consult the negative cache for DS records does not take into account the limit on NSEC3 hash calculations...
1 affected package
unbound
| Package | 26.04 LTS |
|---|---|
| unbound | Fixed |
NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability in the jostle logic that could defeat its purpose and degrade resolution performance. Retransmits of the same query could renew the age of slow running...
1 affected package
unbound
| Package | 26.04 LTS |
|---|---|
| unbound | Fixed |
NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to a degradation of service attack related to parsing long lists of incoming EDNS options. An adversary sending queries with too many EDNS options can hold...
1 affected package
unbound
| Package | 26.04 LTS |
|---|---|
| unbound | Fixed |
Chunk smuggling in push-mode APNG parser via unconsumed chunk body
5 affected packages
libpng, libpng1.6, firefox, thunderbird, chromium-browser
| Package | 26.04 LTS |
|---|---|
| libpng | Not in release |
| libpng1.6 | Not affected |
| firefox | Not affected |
| thunderbird | Not affected |
| chromium-browser | Not affected |
NLnet Labs Unbound 1.16.2 up to and including version 1.25.0 has a vulnerability of the 'ghost domain names' family of attacks that could extend the ghost domain window by up to one cached TTL configured value. Similar to other...
1 affected package
unbound
| Package | 26.04 LTS |
|---|---|
| unbound | Fixed |
Some fixes available 1 of 2
A use-after-free vulnerability exists within the DNS-over-HTTPS implementation. This issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, and 9.20.9-S1 through 9.20.22-S1. BIND 9 versions 9.18.0 through...
3 affected packages
bind9, isc-dhcp, bind9-libs
| Package | 26.04 LTS |
|---|---|
| bind9 | Fixed |
| isc-dhcp | Needs evaluation |
| bind9-libs | Not in release |
Some fixes available 1 of 2
BIND resolvers are vulnerable to an amplified resource consumption/exhaustion attack. If a victim resolver makes a query to a specially crafted zone, the resolver will consume disproportionate resources. This issue affects BIND 9...
3 affected packages
bind9, isc-dhcp, bind9-libs
| Package | 26.04 LTS |
|---|---|
| bind9 | Fixed |
| isc-dhcp | Needs evaluation |
| bind9-libs | Not in release |
NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep copying a data structure and...
1 affected package
unbound
| Package | 26.04 LTS |
|---|---|
| unbound | Fixed |
NLnet Labs Unbound 1.6.2 up to and including version 1.25.0 has a denial of service vulnerability when compiled with DNSCrypt support ('--enable-dnscrypt'). A bad DNSCrypt query could underflow Unbound's DNSCrypt packet reading...
1 affected package
unbound
| Package | 26.04 LTS |
|---|---|
| unbound | Fixed |
Some fixes available 1 of 2
BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processing maliciously-constructed packets. Typically these servers will be...
3 affected packages
bind9, isc-dhcp, bind9-libs
| Package | 26.04 LTS |
|---|---|
| bind9 | Fixed |
| isc-dhcp | Needs evaluation |
| bind9-libs | Not in release |