1.9.6

DATE	CVE	VULNERABILITY TITLE	RISK
2024-02-14	CVE-2023-50387	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. network low complexity redhat microsoft fedoraproject thekelleys nic powerdns isc nlnetlabs CWE-770	7.5
2020-12-07	CVE-2020-28935	Link Following vulnerability in multiple products NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. local low complexity nlnetlabs debian CWE-59	5.5
2020-05-19	CVE-2020-12663	Infinite Loop vulnerability in multiple products Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers. network low complexity nlnetlabs debian opensuse canonical fedoraproject CWE-835	7.5
2020-05-19	CVE-2020-12662	Resource Exhaustion vulnerability in multiple products Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack" issue. network low complexity nlnetlabs debian opensuse canonical fedoraproject CWE-400	7.5