VulnerableCode Package Details - pkg:apk/alpine/knot-resolver@4.1.0-r0?arch=aarch64&distroversion=v3.13&reponame=community

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:apk/alpine/knot-resolver@4.1.0-r0?arch=aarch64&distroversion=v3.13&reponame=community

purl	pkg:apk/alpine/knot-resolver@4.1.0-r0?arch=aarch64&distroversion=v3.13&reponame=community

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (2)

Vulnerability	Summary	Aliases
VCID-fptj-ztkq-7uag	A vulnerability was discovered in DNS resolver of knot resolver before version 4.1.0 which allows remote attackers to downgrade DNSSEC-secure domains to DNSSEC-insecure state, opening possibility of domain hijack using attacks against insecure DNS protocol.	CVE-2019-10191
VCID-g2wb-bccm-ufhn	A vulnerability was discovered in DNS resolver component of knot resolver through version 3.2.0 before 4.1.0 which allows remote attackers to bypass DNSSEC validation for non-existence answer. NXDOMAIN answer would get passed through to the client even if its DNSSEC validation failed, instead of sending a SERVFAIL packet. Caching is not affected by this particular bug but see CVE-2019-10191.	CVE-2019-10190

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-08T06:26:03.590710+00:00	Alpine Linux Importer	Fixing	VCID-g2wb-bccm-ufhn	https://secdb.alpinelinux.org/v3.13/community.json	38.1.0
2026-04-01T19:09:52.166571+00:00	Alpine Linux Importer	Fixing	VCID-fptj-ztkq-7uag	https://secdb.alpinelinux.org/v3.13/community.json	38.0.0