This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-05-15 17:58:29 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
bc43a578-14ec-11ed-856e-d4c9ef517024 | Unbound -- Multiple vulnerabilities NLnet Labs reports:
Discovery 2022-08-01 Entry 2022-08-05 unbound < 1.16.2 CVE-2022-30699 CVE-2022-30698 https://www.nlnetlabs.nl/projects/unbound/security-advisories/ |
ffc80e58-0dcb-11ea-9673-4c72b94353b5 | unbound -- parsing vulnerability Unbound Security Advisories:
Discovery 2019-11-19 Entry 2019-11-23 unbound < 1.9.5 https://nlnetlabs.nl/projects/unbound/security-advisories/#vulnerability-in-ipsec-module CVE-2019-18934 |
a2cb7c31-9c79-11ea-a9c2-d05099c0ae8c | unbound -- mutliple vulnerabilities NLNetLabs reports:
Discovery 2020-05-19 Entry 2020-05-22 Modified 2020-07-10 unbound < 1.10.1 FreeBSD ge 12.1 lt 12.1_7 ge 11.4 lt 11.4_1 ge 11.3 lt 11.3_11 SA-20:19.unbound https://lists.nlnetlabs.nl/pipermail/unbound-users/2020-May/006833.html CVE-2020-12662 CVE-2020-12663 |
21a854cc-cac1-11ee-b7a7-353f1e043d9a | DNSSEC validators -- denial-of-service/CPU exhaustion from KeyTrap and NSEC3 vulnerabilities Simon Kelley reports:
Stichting NLnet Labs reports:
Discovery 2024-02-06 Entry 2024-02-13 Modified 2024-04-01 bind916 < 9.16.48 bind918 < 9.18.24 bind9-devel < 9.19.21 dnsmasq < 2.90 dnsmasq-devel < 2.90 powerdns-recursor < 5.0.2 unbound < 1.19.1 FreeBSD ge 14.0 lt 14.0_6 ge 13.2 lt 13.2_11 CVE-2023-50387 CVE-2023-50868 https://kb.isc.org/docs/cve-2023-50387 https://kb.isc.org/docs/cve-2023-50868 https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html https://blog.powerdns.com/2024/02/13/powerdns-recursor-4-8-6-4-9-3-5-0-2-released https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/ SA-24:03.unbound |
5a1c2e06-3fb7-11ed-a402-b42e991fc52e | unbound -- Non-Responsive Delegation Attack A vulnerability named 'Non-Responsive Delegation Attack' (NRDelegation Attack) has been discovered in various DNS resolving software. The NRDelegation Attack works by having a malicious delegation with a considerable number of non responsive nameservers. The attack starts by querying a resolver for a record that relies on those unresponsive nameservers. The attack can cause a resolver to spend a lot of time/resources resolving records under a malicious delegation point where a considerable number of unresponsive NS records reside. It can trigger high CPU usage in some resolver implementations that continually look in the cache for resolved NS records in that delegation.
Discovery 2022-09-26 Entry 2022-09-29 unbound < 1.16.2 CVE-2022-3204 https://nlnetlabs.nl/downloads/unbound/CVE-2022-3204.txt |
8d3bae09-fd28-11e7-95f2-005056925db4 | unbound -- vulnerability in the processing of wildcard synthesized NSEC records Unbound reports:
Discovery 2017-10-08 Entry 2018-01-19 unbound < 1.6.8 https://unbound.net/downloads/CVE-2017-15105.txt CVE-2017-15105 ports/225313 |
388ebb5b-3c95-11eb-929d-d4c9ef517024 | Unbound/NSD -- Denial of service vulnerability NLNetLabs reports:
Discovery 2020-12-01 Entry 2020-12-12 unbound < 1.13.0 nsd < 4.3.4 https://nlnetlabs.nl/downloads/unbound/CVE-2020-28935.txt CVE-2020-28935 |