Your submission was sent successfully! Close

CVE-2020-12662

Published: 19 May 2020

Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records.

Priority

Medium

CVSS 3 base score: 7.5

Status

Package Release Status
unbound
Launchpad, Ubuntu, Debian
bionic
Released (1.6.7-1ubuntu2.3)
eoan
Released (1.9.0-2ubuntu1.1)
focal
Released (1.9.4-2ubuntu1.1)
groovy Not vulnerable
(1.10.1-1)
hirsute Not vulnerable
(1.10.1-1)
impish Not vulnerable
(1.10.1-1)
jammy Not vulnerable
(1.10.1-1)
precise Does not exist

trusty Needed

upstream
Released (1.10.1-1)
xenial Needed