Описание
Unbound before 1.9.5 allows an out-of-bounds write via a compressed name in rdata_copy. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1.6.7-1ubuntu2.4 |
| devel | not-affected | |
| esm-infra-legacy/trusty | not-affected | disputed |
| esm-infra/bionic | released | 1.6.7-1ubuntu2.4 |
| esm-infra/focal | released | 1.9.4-2ubuntu1.2 |
| esm-infra/xenial | not-affected | disputed |
| focal | released | 1.9.4-2ubuntu1.2 |
| groovy | not-affected | 1.11.0-1 |
| hirsute | not-affected | |
| impish | not-affected |
Показывать по
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
Unbound before 1.9.5 allows an out-of-bounds write via a compressed name in rdata_copy. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited
Unbound before 1.9.5 allows an out-of-bounds write via a compressed name in rdata_copy. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited
Unbound before 1.9.5 allows an out-of-bounds write via a compressed na ...
Unbound before 1.9.5 allows an out-of-bounds write via a compressed name in rdata_copy.
Уязвимость функции rdata_copy DNS-сервера Unbound, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3