Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
knot-resolver vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-46317
Knot Resolver prior to 5.7.0 performs many TCP reconnections upon receiving certain nonsensical responses from servers.
Nic Knot Resolver
7.5
CVSSv3
CVE-2018-1110
A flaw was found in knot-resolver before version 2.3.0. Malformed DNS messages may cause denial of service.
Nic Knot Resolver
7.5
CVSSv3
CVE-2020-12667
Knot Resolver prior to 5.1.1 allows traffic amplification via a crafted DNS answer from an attacker-controlled server, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records.
Nic Knot Resolver
7.5
CVSSv3
CVE-2021-40083
Knot Resolver prior to 5.3.2 is prone to an assertion failure, triggerable by a remote attacker in an edge case (NSEC3 with too many iterations used for a positive wildcard proof).
Nic Knot Resolver
6.8
CVSSv3
CVE-2018-10920
Improper input validation bug in DNS resolver component of Knot Resolver prior to 2.4.1 allows remote malicious user to poison cache.
Nic Knot Resolver
1 Github repository
5.3
CVSSv3
CVE-2022-32983
Knot Resolver up to and including 5.5.1 may allow DNS cache poisoning when there is an attempt to limit forwarding actions by filters.
Nic Knot Resolver
3.7
CVSSv3
CVE-2018-1000002
Improper input validation bugs in DNSSEC validators components in Knot Resolver (prior version 1.5.2) allow attacker in man-in-the-middle position to deny existence of some data in DNS via packet replay.
Nic Knot Resolver
7.5
CVSSv3
CVE-2023-26249
Knot Resolver prior to 5.6.0 enables malicious users to consume its resources, launching amplification attacks and potentially causing a denial of service. Specifically, a single client query may lead to a hundred TCP connection attempts if a DNS server closes connections without...
Nic Knot Resolver
7.5
CVSSv3
CVE-2019-19331
knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization. DNS replies with very many resource records might be processed very inefficiently, in extreme cases taking even several CPU seconds for each such uncached message. For example, a f...
Nic Knot Resolver
Debian Debian Linux 10.0
7.5
CVSSv3
CVE-2019-10191
A vulnerability exists in DNS resolver of knot resolver before version 4.1.0 which allows remote malicious users to downgrade DNSSEC-secure domains to DNSSEC-insecure state, opening possibility of domain hijack using attacks against insecure DNS protocol.
Nic Knot Resolver
Fedoraproject Fedora 29
Fedoraproject Fedora 30
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »