VulnerableCode Package Details - pkg:deb/debian/knot-resolver@5.3.1-1%2Bdeb11u1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/knot-resolver@5.3.1-1%2Bdeb11u1

Essentials
History (30)

purl	pkg:deb/debian/knot-resolver@5.3.1-1%2Bdeb11u1

Next non-vulnerable version	5.6.0-1+deb12u1
Latest non-vulnerable version	5.6.0-1+deb12u1
Risk	3.4

Vulnerabilities affecting this package (5)

Vulnerability	Summary	Fixed by
VCID-66sa-bc5p-jqde Aliases: CVE-2023-50387	Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service.	5.6.0-1+deb12u1 Affected by 0 other vulnerabilities.
VCID-c7c5-awxv-j3de Aliases: CVE-2022-40188	Knot Resolver before 5.5.3 allows remote attackers to cause a denial of service (CPU consumption) because of algorithmic complexity. During an attack, an authoritative server must return large NS sets or address sets.	5.6.0-1+deb12u1 Affected by 0 other vulnerabilities.
VCID-efrw-bm7j-6qgz Aliases: CVE-2023-46317	Knot Resolver before 5.7.0 performs many TCP reconnections upon receiving certain nonsensical responses from servers.	5.6.0-1+deb12u1 Affected by 0 other vulnerabilities.
VCID-ps4g-f1q9-wqhm Aliases: CVE-2023-26249	Knot Resolver before 5.6.0 enables attackers to consume its resources, launching amplification attacks and potentially causing a denial of service. Specifically, a single client query may lead to a hundred TCP connection attempts if a DNS server closes connections without providing a response.	5.6.0-1+deb12u1 Affected by 0 other vulnerabilities.
VCID-vprj-j7u6-zbe7 Aliases: CVE-2023-50868	Multiple vulnerabilities have been discovered in Dnsmasq, the worst of which could lead to a denial of service.	5.6.0-1+deb12u1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (5)

Vulnerability	Summary	Aliases
VCID-2wu3-v2hz-q3bv	Knot Resolver before 5.1.1 allows traffic amplification via a crafted DNS answer from an attacker-controlled server, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records.	CVE-2020-12667
VCID-8ks2-kv5d-gkdc	knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization. DNS replies with very many resource records might be processed very inefficiently, in extreme cases taking even several CPU seconds for each such uncached message. For example, a few thousand A records can be squashed into one DNS message (limit is 64kB).	CVE-2019-19331
VCID-fptj-ztkq-7uag	A vulnerability was discovered in DNS resolver of knot resolver before version 4.1.0 which allows remote attackers to downgrade DNSSEC-secure domains to DNSSEC-insecure state, opening possibility of domain hijack using attacks against insecure DNS protocol.	CVE-2019-10191
VCID-g2wb-bccm-ufhn	A vulnerability was discovered in DNS resolver component of knot resolver through version 3.2.0 before 4.1.0 which allows remote attackers to bypass DNSSEC validation for non-existence answer. NXDOMAIN answer would get passed through to the client even if its DNSSEC validation failed, instead of sending a SERVFAIL packet. Caching is not affected by this particular bug but see CVE-2019-10191.	CVE-2019-10190
VCID-ne61-utfg-8bgx	Knot Resolver before 5.3.2 is prone to an assertion failure, triggerable by a remote attacker in an edge case (NSEC3 with too many iterations used for a positive wildcard proof).	CVE-2021-40083

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T12:30:14.823724+00:00	Debian Importer	Affected by	VCID-66sa-bc5p-jqde	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T11:59:58.303775+00:00	Debian Importer	Affected by	VCID-efrw-bm7j-6qgz	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T11:49:47.320092+00:00	Debian Importer	Affected by	VCID-vprj-j7u6-zbe7	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:40:12.327344+00:00	Debian Importer	Affected by	VCID-c7c5-awxv-j3de	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:01:23.093230+00:00	Debian Importer	Affected by	VCID-ps4g-f1q9-wqhm	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T00:51:24.040593+00:00	Debian Oval Importer	Fixing	VCID-2wu3-v2hz-q3bv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-16T00:01:20.410368+00:00	Debian Oval Importer	Fixing	VCID-g2wb-bccm-ufhn	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:30:55.749031+00:00	Debian Oval Importer	Fixing	VCID-8ks2-kv5d-gkdc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:14:37.252114+00:00	Debian Oval Importer	Fixing	VCID-fptj-ztkq-7uag	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T16:12:01.008060+00:00	Debian Oval Importer	Fixing	VCID-ne61-utfg-8bgx	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-13T08:33:39.054672+00:00	Debian Importer	Affected by	VCID-66sa-bc5p-jqde	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T08:11:40.550810+00:00	Debian Importer	Affected by	VCID-efrw-bm7j-6qgz	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T08:04:21.968002+00:00	Debian Importer	Affected by	VCID-vprj-j7u6-zbe7	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:12:58.799046+00:00	Debian Importer	Affected by	VCID-c7c5-awxv-j3de	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:43:16.136325+00:00	Debian Importer	Affected by	VCID-ps4g-f1q9-wqhm	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-12T00:23:51.188605+00:00	Debian Oval Importer	Fixing	VCID-2wu3-v2hz-q3bv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T23:35:29.276437+00:00	Debian Oval Importer	Fixing	VCID-g2wb-bccm-ufhn	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T18:15:46.896191+00:00	Debian Oval Importer	Fixing	VCID-8ks2-kv5d-gkdc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T18:00:02.564184+00:00	Debian Oval Importer	Fixing	VCID-fptj-ztkq-7uag	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T15:59:26.759804+00:00	Debian Oval Importer	Fixing	VCID-ne61-utfg-8bgx	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-08T23:54:29.854085+00:00	Debian Oval Importer	Fixing	VCID-2wu3-v2hz-q3bv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T23:08:09.946169+00:00	Debian Oval Importer	Fixing	VCID-g2wb-bccm-ufhn	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T19:42:02.821643+00:00	Debian Importer	Affected by	VCID-66sa-bc5p-jqde	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-08T19:27:24.023330+00:00	Debian Importer	Affected by	VCID-efrw-bm7j-6qgz	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-08T19:22:28.851109+00:00	Debian Importer	Affected by	VCID-vprj-j7u6-zbe7	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-08T18:47:33.966421+00:00	Debian Importer	Affected by	VCID-c7c5-awxv-j3de	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-08T18:28:06.811550+00:00	Debian Importer	Affected by	VCID-ps4g-f1q9-wqhm	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-08T18:01:59.733125+00:00	Debian Oval Importer	Fixing	VCID-8ks2-kv5d-gkdc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T17:46:41.683472+00:00	Debian Oval Importer	Fixing	VCID-fptj-ztkq-7uag	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T15:52:31.676749+00:00	Debian Oval Importer	Fixing	VCID-ne61-utfg-8bgx	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0