pkg:Debian/ldns

All known vulnerabilities

• CRITICAL9.8CVE-2017-1000232A double-free vulnerability in str2host.c in ldns 1.7.0 have unspecified impact and attack vectors.
  from 0, < 1.7.0-4
• CRITICAL9.8CVE-2017-1000231ldns - security update
  from 0, < 1.7.0-1+deb9u1
• CRITICAL9.8CVE-2017-1000231ldns - security update
  from 0, < 1.6.13-1+deb7u2
• CRITICAL9.8CVE-2017-1000231ldns - security update
  from 0, < 1.7.0-4
• HIGH7.5CVE-2020-19861When a zone file in ldns 1.7.1 is parsed, the function ldns_nsec3_salt_data is too trusted for the length value obtained from the zone file.
  from 0
• MEDIUM6.5CVE-2020-19860When ldns version 1.7.1 verifies a zone file, the ldns_rr_new_frm_str_internal function has a heap out of bounds read vulnerability.
  from 0
• —CVE-2014-3209The ldns-keygen tool in ldns 1.6.x uses the current umask to set the privileges of the private key, which might allow local users to obtain…
  from 0, < 1.6.17-4
• —CVE-2011-3581ldns - buffer overflow
  from 0, < 1.6.6-2+squeeze1
• —CVE-2011-3581ldns - buffer overflow
  from 0, < 1.6.11-1
• —CVE-2009-1086ldns - arbitrary code execution
  from 0, < 1.4.0-1+lenny1
• —CVE-2009-1086ldns - arbitrary code execution
  from 0, < 1.5.1-1