CVE-2022-32983

Опубликовано: 20 июн. 2022

Источник: nvd

CVSS3: 5.3

CVSS2: 5

EPSS Низкий

Описание

Knot Resolver through 5.5.1 may allow DNS cache poisoning when there is an attempt to limit forwarding actions by filters.

Ссылки

https://github.com/CZ-NIC/knot-resolver/commit/ccb9d9794db5eb757c33becf65cb1cf48ecfd968
Patch
Third Party Advisory
https://knot-resolver.readthedocs.io/en/stable/modules-policy.html#forwarding
Vendor Advisory
https://github.com/CZ-NIC/knot-resolver/commit/ccb9d9794db5eb757c33becf65cb1cf48ecfd968
Patch
Third Party Advisory
https://knot-resolver.readthedocs.io/en/stable/modules-policy.html#forwarding
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:nic:knot_resolver:*:*:*:*:*:*:*:*

Версия до 5.5.1 (включая)

EPSS

Процентиль: 60%

0.00395

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-290

Связанные уязвимости

CVE-2022-32983

CVSS3: 5.3

ubuntu

больше 3 лет назад

Knot Resolver through 5.5.1 may allow DNS cache poisoning when there is an attempt to limit forwarding actions by filters.

CVE-2022-32983

CVSS3: 5.3

debian

больше 3 лет назад

Knot Resolver through 5.5.1 may allow DNS cache poisoning when there i ...

GHSA-p3g6-9xqh-3vvh

CVSS3: 5.3

github

больше 3 лет назад

Knot Resolver through 5.5.1 may allow DNS cache poisoning when there is an attempt to limit forwarding actions by filters.

EPSS

Процентиль: 60%

0.00395

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-290