Vulnerabilities > NIC > Knot Resolver > 1.2.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-16 | CVE-2019-10191 | Improper Input Validation vulnerability in multiple products A vulnerability was discovered in DNS resolver of knot resolver before version 4.1.0 which allows remote attackers to downgrade DNSSEC-secure domains to DNSSEC-insecure state, opening possibility of domain hijack using attacks against insecure DNS protocol. | 7.5 |
| 2019-07-16 | CVE-2019-10190 | Improper Input Validation vulnerability in multiple products A vulnerability was discovered in DNS resolver component of knot resolver through version 3.2.0 before 4.1.0 which allows remote attackers to bypass DNSSEC validation for non-existence answer. | 7.5 |
| 2018-08-02 | CVE-2018-10920 | Improper Input Validation vulnerability in NIC Knot Resolver Improper input validation bug in DNS resolver component of Knot Resolver before 2.4.1 allows remote attacker to poison cache. | 4.3 |
| 2018-01-22 | CVE-2018-1000002 | Improper Input Validation vulnerability in NIC Knot Resolver Improper input validation bugs in DNSSEC validators components in Knot Resolver (prior version 1.5.2) allow attacker in man-in-the-middle position to deny existence of some data in DNS via packet replay. | 4.3 |