DNSSEC validation is not performed correctly. An attacker can cause this package to report successful validation for invalid, attacker-controlled records. Root DNSSEC public keys are not validated, permitting an malicious user to present a self-signed root key and delegation chain.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
go-resolver project go-resolver - |