Nic: >> Knot Resolver >> 1.3.1 Security Vulnerabilities
A vulnerability was discovered in DNS resolver of knot resolver before version 4.1.0 which allows remote attackers to downgrade DNSSEC-secure domains to DNSSEC-insecure state, opening possibility of domain hijack using attacks against insecure DNS protocol.
CVSS Score
6.3
EPSS Score
0.005
Published
2019-07-16
Improper input validation bug in DNS resolver component of Knot Resolver before 2.4.1 allows remote attacker to poison cache.
CVSS Score
7.5
EPSS Score
0.079
Published
2018-08-02
Improper input validation bugs in DNSSEC validators components in Knot Resolver (prior version 1.5.2) allow attacker in man-in-the-middle position to deny existence of some data in DNS via packet replay.
CVSS Score
3.7
EPSS Score
0.004
Published
2018-01-22
Page 2