cbcvebase.

Nlnetlabs Nsd vulnerabilities

11 known vulnerabilities affecting nlnetlabs/nsd.

Total CVEs
11
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH6MEDIUM4

Vulnerabilities

Page 1 of 1
CVE-2026-12244P3HIGHCVSS 8.8≥ 4.14.0, < 4.14.32026-06-25
CVE-2026-12244 [HIGH] CWE-122 CVE-2026-12244: If NSD is configured as secondary for a zone, the primary of that zone can crash NSD with an AXFR co If NSD is configured as secondary for a zone, the primary of that zone can crash NSD with an AXFR containing a DNS message with a special crafted SVCB RR with an rdata size of 65512, that let's an (uint16_t) variable that is used to allocate space needed for the RR wrap (because total size > 65535), causing a heap overflow. The attacker can perform a
nvd
CVE-2019-13207P3CRITICALCVSS 9.8≥ 0, < 4.2.4-12019-07-03
CVE-2019-13207 [CRITICAL] CVE-2019-13207: nsd-checkzone in NLnet Labs NSD 4 nsd-checkzone in NLnet Labs NSD 4.2.0 has a Stack-based Buffer Overflow in the dname_concatenate() function in dname.c.
osv
CVE-2026-12246P3HIGHCVSS 8.1≥ 4.14.0, < 4.14.32026-06-25
CVE-2026-12246 [HIGH] CWE-20 CVE-2026-12246: NSD version 4.14.0 introduced a bug where a specially crafted APL RR, with an adflength larger than NSD version 4.14.0 introduced a bug where a specially crafted APL RR, with an adflength larger than permitted for the address family will overwrite the stack when the zone is written to disk, with a maximum of 111 attacker controlled bytes.
nvd
CVE-2026-12490P3HIGHCVSS 7.5fixed in 4.14.32026-06-25
CVE-2026-12490 [HIGH] CWE-284 CVE-2026-12490: When a provide-xfr is given with a tls-auth-name, a secondary requesting a transfer should provide a When a provide-xfr is given with a tls-auth-name, a secondary requesting a transfer should provide a client certificate with that name. However, no client certificate is needed when the request comes in over TLS over the regular tls-port (and not the tls-auth-port) or over over TCP over the regular port, when the other conditions of the provide-xfr ru
nvd
CVE-2026-12245P3HIGHCVSS 7.5≥ 4.13.0, < 4.14.32026-06-25
CVE-2026-12245 [HIGH] CWE-416 CVE-2026-12245: NSD from version 4.13.0 has a heap use-after-free bug in logging errors on TLS connections, causing NSD from version 4.13.0 has a heap use-after-free bug in logging errors on TLS connections, causing a crash of the server process, which can be triggered trivially by sending a DNS query over a DoT connection, and closing the connection without reading the response.
nvd
CVE-2016-6173P3HIGHCVSS 7.5≤ 4.1.102017-02-09
CVE-2016-6173 [HIGH] CWE-399 CVE-2016-6173: NSD before 4.1.11 allows remote DNS master servers to cause a denial of service (/tmp disk consumpti NSD before 4.1.11 allows remote DNS master servers to cause a denial of service (/tmp disk consumption and slave server crash) via a zone transfer with unlimited data.
nvdosv
CVE-2012-2979P3HIGHCVSS 7.5≥ 0, < 4.0.0-52019-11-01
CVE-2012-2979 [HIGH] CVE-2012-2979: FreeBSD NSD before 3 FreeBSD NSD before 3.2.13 allows remote attackers to crash a NSD child server process (SIGSEGV) and cause a denial of service in the NSD server.
osv
CVE-2013-5661P4MEDIUMCVSS 5.9v3.2.152019-11-05
CVE-2013-5661 [MEDIUM] CWE-290 CVE-2013-5661: Cache Poisoning issue exists in DNS Response Rate Limiting. Cache Poisoning issue exists in DNS Response Rate Limiting.
nvd
CVE-2012-2978P4MEDIUMCVSS 5.0v3.0.0v3.0.1+19 more2012-07-27
CVE-2012-2978 [MEDIUM] CWE-119 CVE-2012-2978: query.c in NSD 3.0.x through 3.0.8, 3.1.x through 3.1.1, and 3.2.x before 3.2.12 allows remote attac query.c in NSD 3.0.x through 3.0.8, 3.1.x through 3.1.1, and 3.2.x before 3.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and child process crash) via a crafted DNS packet.
nvdosv
CVE-2009-1755P4MEDIUMCVSS 5.0v2.0.0v2.0.1+9 more2009-05-22
CVE-2009-1755 [MEDIUM] CWE-189 CVE-2009-1755: Off-by-one error in the packet_read_query_section function in packet.c in nsd 3.2.1, and process_que Off-by-one error in the packet_read_query_section function in packet.c in nsd 3.2.1, and process_query_section in query.c in nsd 2.3.7, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors that trigger a buffer overflow.
nvdosv
CVE-2020-28935P4MEDIUMCVSS 5.5≥ 0, < 4.3.4-12020-12-07
CVE-2020-28935 [MEDIUM] CVE-2020-28935: NLnet Labs Unbound, up to and including version 1 NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. When writing the PID file, Unbound and NSD create the file if it is not there, or open an existing file for writing. In case the file was already present, they would follow symlinks if the file happened to be a symlink inste
osv
Nlnetlabs Nsd vulnerabilities | cvebase