unbound (SUSE:Linux Enterprise Module for Package Hub 15 SP5) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Module for Package Hub 15 SP5 package unbound, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (7)
CVE-2023-50387 — CVSS 7.5 (high): Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of…
CVE-2022-3204 — CVSS 7.5 (high): A vulnerability named 'Non-Responsive Delegation Attack' (NRDelegation Attack) has been discovered in various DNS resolving software. The…
CVE-2023-50868 — CVSS 7.5 (high): The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a…
CVE-2022-30698 — CVSS 6.5 (medium): NLnet Labs Unbound, up to and including version 1.16.1 is vulnerable to a novel type of the "ghost domain names" attack. The vulnerability…
CVE-2022-30699 — CVSS 6.5 (medium): NLnet Labs Unbound, up to and including version 1.16.1, is vulnerable to a novel type of the "ghost domain names" attack. The vulnerability…
CVE-2024-8508 — CVSS 5.3 (medium): NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs…
CVE-2024-43167 — CVSS 2.8 (low): DISPUTE NOTE: this issue does not pose a security risk as it (according to analysis by the original software developer, NLnet Labs) falls…