threat
engine
.sh
Back
·
··:··
Home
/
Product
/
nic knot resolver
Product
nic knot resolver
14 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2023-50387
< 5.71
Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a den
7.5
HIGH
CVE-2023-46317
< 5.7.0
Knot Resolver before 5.7.0 performs many TCP reconnections upon receiving certain nonsensical responses from servers.
7.5
HIGH
CVE-2023-26249
< 5.6.0
Knot Resolver before 5.6.0 enables attackers to consume its resources, launching amplification attacks and potentially causing a d
7.5
HIGH
CVE-2022-40188
< 5.5.3
Knot Resolver before 5.5.3 allows remote attackers to cause a denial of service (CPU consumption) because of algorithmic complexit
7.5
HIGH
CVE-2022-32983
<= 5.5.1
Knot Resolver through 5.5.1 may allow DNS cache poisoning when there is an attempt to limit forwarding actions by filters.
5.3
MEDIUM
CVE-2021-40083
< 5.3.2
Knot Resolver before 5.3.2 is prone to an assertion failure, triggerable by a remote attacker in an edge case (NSEC3 with too many
7.5
HIGH
CVE-2018-1110
< 2.3.0
A flaw was found in knot-resolver before version 2.3.0. Malformed DNS messages may cause denial of service.
7.5
HIGH
CVE-2020-12667
< 5.1.1
Knot Resolver before 5.1.1 allows traffic amplification via a crafted DNS answer from an attacker-controlled server, aka an "NXNSA
7.5
HIGH
CVE-2019-19331
< 4.3.0
knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization. DNS replies with very many res
7.5
HIGH
CVE-2013-5661
< 1.3.0
Cache Poisoning issue exists in DNS Response Rate Limiting.
5.9
MEDIUM
CVE-2019-10191
< 4.1.0
A vulnerability was discovered in DNS resolver of knot resolver before version 4.1.0 which allows remote attackers to downgrade DN
7.5
HIGH
CVE-2019-10190
<= 3.2.0
A vulnerability was discovered in DNS resolver component of knot resolver through version 3.2.0 before 4.1.0 which allows remote a
7.5
HIGH
CVE-2018-10920
< 2.4.1
Improper input validation bug in DNS resolver component of Knot Resolver before 2.4.1 allows remote attacker to poison cache.
6.8
MEDIUM
CVE-2018-1000002
< 1.5.2
Improper input validation bugs in DNSSEC validators components in Knot Resolver (prior version 1.5.2) allow attacker in man-in-the
3.7
LOW
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin