CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2020-19861
https://notcve.org/view.php?id=CVE-2020-19861
21 Jan 2022 — When a zone file in ldns 1.7.1 is parsed, the function ldns_nsec3_salt_data is too trusted for the length value obtained from the zone file. When the memcpy is copied, the 0xfe - ldns_rdf_size(salt_rdf) byte data can be copied, causing heap overflow information leakage. Cuando es analizado un archivo de zona en ldns versión 1.7.1, la función ldns_nsec3_salt_data es demasiado confiable para el valor de longitud obtenido del archivo de zona. Cuando es copiado el memcpy, los datos de bytes 0xfe - ldns_rdf_size... • https://cwe.mitre.org/data/definitions/126.html • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2020-19860 – Ubuntu Security Notice USN-5257-1
https://notcve.org/view.php?id=CVE-2020-19860
21 Jan 2022 — When ldns version 1.7.1 verifies a zone file, the ldns_rr_new_frm_str_internal function has a heap out of bounds read vulnerability. An attacker can leak information on the heap by constructing a zone file payload. Cuando ldns versión 1.7.1, verifica un archivo de zona, la función ldns_rr_new_frm_str_internal presenta una vulnerabilidad de lectura fuera de límites de la pila. Un atacante puede filtrar información en la pila al construir una carga útil de archivo de zona It was discovered that ldns incorrect... • https://github.com/NLnetLabs/ldns/commit/15d96206996bea969fbc918eb0a4a346f514b9f3 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-43174 – gzip transfer encoding caused out-of-memory crash
https://notcve.org/view.php?id=CVE-2021-43174
09 Nov 2021 — NLnet Labs Routinator versions 0.9.0 up to and including 0.10.1, support the gzip transfer encoding when querying RRDP repositories. This encoding can be used by an RRDP repository to cause an out-of-memory crash in these versions of Routinator. RRDP uses XML which allows arbitrary amounts of white space in the encoded data. The gzip scheme compresses such white space extremely well, leading to very small compressed files that become huge when being decompressed for further processing, big enough that Routi... • https://www.debian.org/security/2022/dsa-5041 • CWE-787: Out-of-bounds Write CWE-1325: Improperly Controlled Sequential Memory Allocation •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-43173 – Hanging RRDP request
https://notcve.org/view.php?id=CVE-2021-43173
09 Nov 2021 — In NLnet Labs Routinator prior to 0.10.2, a validation run can be delayed significantly by an RRDP repository by not answering but slowly drip-feeding bytes to keep the connection alive. This can be used to effectively stall validation. While Routinator has a configurable time-out value for RRDP connections, this time-out was only applied to individual read or write operations rather than the complete request. Thus, if an RRDP repository sends a little bit of data before that time-out expired, it can contin... • https://www.debian.org/security/2021/dsa-5033 • CWE-400: Uncontrolled Resource Consumption CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-43172 – Infinite length chain of RRDP repositories
https://notcve.org/view.php?id=CVE-2021-43172
09 Nov 2021 — NLnet Labs Routinator prior to 0.10.2 happily processes a chain of RRDP repositories of infinite length causing it to never finish a validation run. In RPKI, a CA can choose the RRDP repository it wishes to publish its data in. By continuously generating a new child CA that only consists of another CA using a different RRDP repository, a malicious CA can create a chain of CAs of de-facto infinite length. Routinator prior to version 0.10.2 did not contain a limit on the length of such a chain and will theref... • https://www.nlnetlabs.nl/downloads/routinator/CVE-2021-43172_CVE-2021-43173_CVE-2021-43174.txt • CWE-674: Uncontrolled Recursion CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-41531 – Invalid RPKI data could disable Route Origin Validation on RTR clients.
https://notcve.org/view.php?id=CVE-2021-41531
21 Sep 2021 — NLnet Labs Routinator prior to 0.10.0 produces invalid RTR payload if an RPKI CA uses too large values in the max-length parameter in a ROA. This will lead to RTR clients such as routers to reject the RPKI data set, effectively disabling Route Origin Validation. NLnet Labs Routinator versiones anteriores a 0.10.0, produce una carga útil RTR no válida si una CA RPKI usa valores demasiado grandes en el parámetro de longitud máxima en un ROA. Esto conlleva a que los clientes RTR, como los enrutadores, rechacen... • https://www.nlnetlabs.nl/downloads/routinator/CVE-2021-41531.txt • CWE-20: Improper Input Validation CWE-1288: Improper Validation of Consistency within Input •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2019-25031 – Ubuntu Security Notice USN-4938-1
https://notcve.org/view.php?id=CVE-2019-25031
27 Apr 2021 — Unbound before 1.9.5 allows configuration injection in create_unbound_ad_servers.sh upon a successful man-in-the-middle attack against a cleartext HTTP session. NOTE: The vendor does not consider this a vulnerability of the Unbound software. create_unbound_ad_servers.sh is a contributed script from the community that facilitates automatic configuration creation. It is not part of the Unbound installation ** EN DISPUTA ** Unbound versiones anteriores a 1.9.5, permite la inyección de configuración en el archi... • https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-25032 – unbound: integer overflow in the regional allocator via regional_alloc
https://notcve.org/view.php?id=CVE-2019-25032
27 Apr 2021 — Unbound before 1.9.5 allows an integer overflow in the regional allocator via regional_alloc. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited ** EN DISPUTA ** Unbound versiones anteriores a 1.9.5, permite un desbordamiento de enteros en el asignador regional por medio de la función regional_alloc. NOTA: El proveedor niega que esto sea una vulnerabilidad. Aunque el código puede ser vulnerable, ... • https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-25033 – unbound: integer overflow in the regional allocator via the ALIGN_UP macro
https://notcve.org/view.php?id=CVE-2019-25033
27 Apr 2021 — Unbound before 1.9.5 allows an integer overflow in the regional allocator via the ALIGN_UP macro. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited ** EN DISPUTA ** Unbound versiones anteriores a 1.9.5, permite un desbordamiento de enteros en el asignador regional por medio de la macro ALIGN_UP. NOTA: El proveedor niega que esto sea una vulnerabilidad. Aunque el código puede ser vulnerable, una ... • https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-25034 – unbound: integer overflow in sldns_str2wire_dname_buf_origin can lead to an out-of-bounds write
https://notcve.org/view.php?id=CVE-2019-25034
27 Apr 2021 — Unbound before 1.9.5 allows an integer overflow in sldns_str2wire_dname_buf_origin, leading to an out-of-bounds write. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited ** EN DISPUTA ** Unbound versiones anteriores a 1.9.5, permite un desbordamiento de enteros en la función sldns_str2wire_dname_buf_origin, conllevando a una escritura fuera de límites. NOTA: El proveedor niega que esto sea una vu... • https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •