Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nic knot resolver vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-26249
Knot Resolver prior to 5.6.0 enables malicious users to consume its resources, launching amplification attacks and potentially causing a denial of service. Specifically, a single client query may lead to a hundred TCP connection attempts if a DNS server closes connections without...
Nic Knot Resolver
3.7
CVSSv3
CVE-2018-1000002
Improper input validation bugs in DNSSEC validators components in Knot Resolver (prior version 1.5.2) allow attacker in man-in-the-middle position to deny existence of some data in DNS via packet replay.
Nic Knot Resolver
7.5
CVSSv3
CVE-2023-46317
Knot Resolver prior to 5.7.0 performs many TCP reconnections upon receiving certain nonsensical responses from servers.
Nic Knot Resolver
7.5
CVSSv3
CVE-2020-12667
Knot Resolver prior to 5.1.1 allows traffic amplification via a crafted DNS answer from an attacker-controlled server, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records.
Nic Knot Resolver
6.8
CVSSv3
CVE-2018-10920
Improper input validation bug in DNS resolver component of Knot Resolver prior to 2.4.1 allows remote malicious user to poison cache.
Nic Knot Resolver
1 Github repository
5.3
CVSSv3
CVE-2022-32983
Knot Resolver up to and including 5.5.1 may allow DNS cache poisoning when there is an attempt to limit forwarding actions by filters.
Nic Knot Resolver
7.5
CVSSv3
CVE-2021-40083
Knot Resolver prior to 5.3.2 is prone to an assertion failure, triggerable by a remote attacker in an edge case (NSEC3 with too many iterations used for a positive wildcard proof).
Nic Knot Resolver
7.5
CVSSv3
CVE-2018-1110
A flaw was found in knot-resolver before version 2.3.0. Malformed DNS messages may cause denial of service.
Nic Knot Resolver
7.5
CVSSv3
CVE-2019-19331
knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization. DNS replies with very many resource records might be processed very inefficiently, in extreme cases taking even several CPU seconds for each such uncached message. For example, a f...
Nic Knot Resolver
Debian Debian Linux 10.0
7.5
CVSSv3
CVE-2019-10190
A vulnerability exists in DNS resolver component of knot resolver through version 3.2.0 prior to 4.1.0 which allows remote malicious users to bypass DNSSEC validation for non-existence answer. NXDOMAIN answer would get passed through to the client even if its DNSSEC validation fa...
Nic Knot Resolver
Fedoraproject Fedora 29
Fedoraproject Fedora 30
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »