Количество 2
Количество 2
CVE-2022-3347
DNSSEC validation is not performed correctly. An attacker can cause this package to report successful validation for invalid, attacker-controlled records. Root DNSSEC public keys are not validated, permitting an attacker to present a self-signed root key and delegation chain.
GHSA-jr65-gpj5-cw74
go-resolver's DNSSEC validation not performed correctly
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-3347 DNSSEC validation is not performed correctly. An attacker can cause this package to report successful validation for invalid, attacker-controlled records. Root DNSSEC public keys are not validated, permitting an attacker to present a self-signed root key and delegation chain. | CVSS3: 7.5 | 0% Низкий | около 3 лет назад |
| GHSA-jr65-gpj5-cw74 go-resolver's DNSSEC validation not performed correctly | CVSS3: 7.7 | 0% Низкий | около 3 лет назад |
Уязвимостей на страницу