RSS   Vulnerabilities for 'Unbound'   RSS

2021-04-27
 
CVE-2019-25042

CWE-787
 

 
Unbound before 1.9.5 allows an out-of-bounds write via a compressed name in rdata_copy.

 
 
CVE-2019-25041

CWE-617
 

 
Unbound before 1.9.5 allows an assertion failure via a compressed name in dname_pkt_copy.

 
 
CVE-2019-25040

CWE-835
 

 
Unbound before 1.9.5 allows an infinite loop via a compressed name in dname_pkt_copy.

 
 
CVE-2019-25039

CWE-190
 

 
Unbound before 1.9.5 allows an integer overflow in a size calculation in respip/respip.c.

 
 
CVE-2019-25038

CWE-190
 

 
Unbound before 1.9.5 allows an integer overflow in a size calculation in dnscrypt/dnscrypt.c.

 
 
CVE-2019-25037

CWE-617
 

 
Unbound before 1.9.5 allows an assertion failure and denial of service in dname_pkt_copy via an invalid packet.

 
 
CVE-2019-25036

CWE-617
 

 
Unbound before 1.9.5 allows an assertion failure and denial of service in synth_cname.

 
 
CVE-2019-25035

CWE-787
 

 
Unbound before 1.9.5 allows an out-of-bounds write in sldns_bget_token_par.

 
 
CVE-2019-25034

CWE-190
 

 
Unbound before 1.9.5 allows an integer overflow in sldns_str2wire_dname_buf_origin, leading to an out-of-bounds write.

 
 
CVE-2019-25033

CWE-190
 

 
Unbound before 1.9.5 allows an integer overflow in the regional allocator via the ALIGN_UP macro.

 


Copyright 2024, cxsecurity.com

 

Back to Top