Vulnerabilities > NIC > Knot Resolver > 1.4.0

DATE CVE VULNERABILITY TITLE RISK
2019-07-16 CVE-2019-10190 A vulnerability was discovered in DNS resolver component of knot resolver through version 3.2.0 before 4.1.0 which allows remote attackers to bypass DNSSEC validation for non-existence answer.
network
low complexity
nic fedoraproject
7.5
7.5
2018-08-02 CVE-2018-10920 Improper Input Validation vulnerability in NIC Knot Resolver
Improper input validation bug in DNS resolver component of Knot Resolver before 2.4.1 allows remote attacker to poison cache.
network
high complexity
nic CWE-20
6.8
6.8
2018-01-22 CVE-2018-1000002 Improper Input Validation vulnerability in NIC Knot Resolver
Improper input validation bugs in DNSSEC validators components in Knot Resolver (prior version 1.5.2) allow attacker in man-in-the-middle position to deny existence of some data in DNS via packet replay.
network
high complexity
nic CWE-20
3.7
3.7