CVE-2019-16866

Published October 3rd, 2019

View on NVD ↗

CVSS v3

7.5

HIGH

CVSS v2

MEDIUM

Affected

PROJECT

Description

Unbound before 1.9.4 accesses uninitialized memory, which allows remote attackers to trigger a crash via a crafted NOTIFY query. The source IP address of the query must match an access-control rule.

NLnetLabs/unbound

Unbound is a validating, recursive, and caching DNS resolver.

GitHub

4.59K