VulnerableCode Package Details - pkg:deb/debian/knot-resolver@3.2.1-3

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/knot-resolver@3.2.1-3

Essentials
History (15)

purl	pkg:deb/debian/knot-resolver@3.2.1-3

Next non-vulnerable version	5.6.0-1+deb12u1
Latest non-vulnerable version	5.6.0-1+deb12u1
Risk	3.4

Vulnerabilities affecting this package (5)

Vulnerability	Summary	Fixed by
VCID-2wu3-v2hz-q3bv Aliases: CVE-2020-12667	Knot Resolver before 5.1.1 allows traffic amplification via a crafted DNS answer from an attacker-controlled server, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records.	5.3.1-1+deb11u1 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-8ks2-kv5d-gkdc Aliases: CVE-2019-19331	knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization. DNS replies with very many resource records might be processed very inefficiently, in extreme cases taking even several CPU seconds for each such uncached message. For example, a few thousand A records can be squashed into one DNS message (limit is 64kB).	5.3.1-1+deb11u1 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-fptj-ztkq-7uag Aliases: CVE-2019-10191	A vulnerability was discovered in DNS resolver of knot resolver before version 4.1.0 which allows remote attackers to downgrade DNSSEC-secure domains to DNSSEC-insecure state, opening possibility of domain hijack using attacks against insecure DNS protocol.	5.3.1-1+deb11u1 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-g2wb-bccm-ufhn Aliases: CVE-2019-10190	A vulnerability was discovered in DNS resolver component of knot resolver through version 3.2.0 before 4.1.0 which allows remote attackers to bypass DNSSEC validation for non-existence answer. NXDOMAIN answer would get passed through to the client even if its DNSSEC validation failed, instead of sending a SERVFAIL packet. Caching is not affected by this particular bug but see CVE-2019-10191.	5.3.1-1+deb11u1 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-ne61-utfg-8bgx Aliases: CVE-2021-40083	Knot Resolver before 5.3.2 is prone to an assertion failure, triggerable by a remote attacker in an edge case (NSEC3 with too many iterations used for a positive wildcard proof).	5.3.1-1+deb11u1 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T00:51:24.036912+00:00	Debian Oval Importer	Affected by	VCID-2wu3-v2hz-q3bv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-16T00:01:20.406862+00:00	Debian Oval Importer	Affected by	VCID-g2wb-bccm-ufhn	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:30:55.745799+00:00	Debian Oval Importer	Affected by	VCID-8ks2-kv5d-gkdc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:14:37.248387+00:00	Debian Oval Importer	Affected by	VCID-fptj-ztkq-7uag	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T16:12:00.996029+00:00	Debian Oval Importer	Affected by	VCID-ne61-utfg-8bgx	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-12T00:23:51.185188+00:00	Debian Oval Importer	Affected by	VCID-2wu3-v2hz-q3bv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T23:35:29.272368+00:00	Debian Oval Importer	Affected by	VCID-g2wb-bccm-ufhn	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T18:15:46.892163+00:00	Debian Oval Importer	Affected by	VCID-8ks2-kv5d-gkdc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T18:00:02.559898+00:00	Debian Oval Importer	Affected by	VCID-fptj-ztkq-7uag	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T15:59:26.755589+00:00	Debian Oval Importer	Affected by	VCID-ne61-utfg-8bgx	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-08T23:54:29.849426+00:00	Debian Oval Importer	Affected by	VCID-2wu3-v2hz-q3bv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T23:08:09.941570+00:00	Debian Oval Importer	Affected by	VCID-g2wb-bccm-ufhn	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T18:01:59.729149+00:00	Debian Oval Importer	Affected by	VCID-8ks2-kv5d-gkdc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T17:46:41.674810+00:00	Debian Oval Importer	Affected by	VCID-fptj-ztkq-7uag	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T15:52:31.671055+00:00	Debian Oval Importer	Affected by	VCID-ne61-utfg-8bgx	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0