Published: 21/01/2022 Updated: 27/01/2022

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

When ldns version 1.7.1 verifies a zone file, the ldns_rr_new_frm_str_internal function has a heap out of bounds read vulnerability. An attacker can leak information on the heap by constructing a zone file payload.

Vulnerable Product	Search on Vulmon	Subscribe to Product
nlnetlabs ldns 1.7.1

ldns could be made to expose sensitive information if it received a specially crafted input ...

When ldns version 171 verifies a zone file, the ldns_rr_new_frm_str_internal function has a heap out of bounds read vulnerability An attacker can leak information on the heap by constructing a zone file payload (CVE-2020-19860) ...

CWE-125 https://github.com/NLnetLabs/ldns/issues/50 https://github.com/NLnetLabs/ldns/commit/15d96206996bea969fbc918eb0a4a346f514b9f3 https://ubuntu.com/security/notices/USN-5257-1 https://nvd.nist.gov https://alas.aws.amazon.com/AL2/ALAS-2023-2032.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-19860

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect