NLnet Labs Unbound vulnerabilities
49 known vulnerabilities affecting nlnetlabs/unbound.
Total CVEs: 49
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 9, HIGH 20, MEDIUM 19, LOW 1
Vulnerabilities
Page 3 of 3
CVE-2026-42923 | P4 | MEDIUM | CVSS 5.3 | CWE-407 | ≥ 1.19.1, < 1.25.1 | 2026-05-20
NLnet Labs Unbound up to and including version 1.25.0 has a vulnerability in the DNSSEC validator where the code path to consult the negative cache for DS records does not take into account the limit on NSEC3 hash calculations introduced in 1.19.1. This leads to degradation of service during the attack. An adversary that controls a DNSSEC signed zon
nvd
CVE-2017-15105 | P4 | MEDIUM | CVSS 5.3 | CWE-358 | fixed in 1.6.8 | 2018-01-23
A flaw was found in the way unbound before 1.6.8 validated wildcard-synthesized NSEC records. An improperly validated wildcard NSEC record could be used to prove the non-existence (NXDOMAIN answer) of an existing wildcard record, or trick unbound into accepting a NODATA proof.
nvd, osv
CVE-2024-43168 | P4 | MEDIUM | CVSS 4.8 | ≥ 0, < 1.13.1-1+deb11u3; ≥ 0, < 1.17.1-2+deb12u3; +1 more | 2024-08-12
DISPUTE NOTE: this issue does not pose a security risk as it (according to analysis by the original software developer, NLnet Labs) falls within the expected functionality and security controls of the application. Red Hat has made a claim that there is a security risk within Red Hat products. NLnet Labs has
osv
CVE-2011-1922 | P4 | MEDIUM | CVSS 4.3 | CWE-399 | v1.0.0, v1.0.1, +20 more | 2011-05-31
daemon/worker.c in Unbound 1.x before 1.4.10, when debugging functionality and the interface-automatic option are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted DNS request that triggers improper error handling.
nvd, osv
CVE-2011-4528 | P4 | MEDIUM | CVSS 5.0 | ≥ 0, < 1.4.14-1 | 2011-12-20
Unbound before 1.4.13p2 attempts to free unallocated memory during processing of duplicate CNAME records in a signed zone, which allows remote DNS servers to cause a denial of service (daemon crash) via a crafted response.
osv
CVE-2020-28935 | P4 | MEDIUM | CVSS 5.5 | CWE-59 | fixed in 1.13.0 | 2020-12-07
NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. When writing the PID file, Unbound and NSD create the file if it is not there, or open an existing file for writing. In case the file was already present, they would
nvd, osv
CVE-2009-4008 | P4 | MEDIUM | CVSS 5.0 | CWE-399 | ≤ 1.4.3, v0.0, +28 more | 2011-06-02
Unbound before 1.4.4 does not send responses for signed zones after mishandling an unspecified query, which allows remote attackers to cause a denial of service (DNSSEC outage) via a crafted query.
nvd, osv
CVE-2010-0969 | P4 | MEDIUM | CVSS 5.0 | CWE-399 | ≤ 1.4.2, v0.0, +27 more | 2010-03-16
Unbound before 1.4.3 does not properly align structures on 64-bit platforms, which allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors.
nvd, osv
CVE-2024-43167 | P4 | LOW | CVSS 2.8 | ≥ 0, < 1.13.1-1+deb11u3; ≥ 0, < 1.17.1-2+deb12u3; +1 more | 2024-08-12
DISPUTE NOTE: this issue does not pose a security risk as it (according to analysis by the original software developer, NLnet Labs) falls within the expected functionality and security controls of the application. Red Hat has made a claim that there is a security risk within Red Hat products. NLnet Labs has no
osv