Skip to content

Unbound 1.19.2 Security Advisory #11821

New issue
New issue
Open
Open
Unbound 1.19.2 Security Advisory#11821
Assignees
RedL0tus
Labels
securityTopic/issue involves a security issue/fixed
@RedL0tus

Description

@RedL0tus
RedL0tus
opened on Jul 23, 2025

Affected package (and version)

unbound (1.19.2+icannbundle20210902-1)

CVE ID(s)

CVE-2024-33655, CVE-2024-33655, CVE-2025-5994

Severity

High

Other security advisory ID(s)

Description/References

  • CVE-2024-33655: Low risk, possibility of participation in the pulsing DoS amplification attack.
  • CVE-2024-33655: Medium risk, possibility of DoS in orchestrated attacks.
  • CVE-2025-5994: High risk, cache poisoning vulnerability named "rebirthday attack" in caching resolvers that support EDNS Client Subnet (ECS).

Patch(es)/Solution(s)

N/A

Metadata

Metadata

Assignees

Labels

securityTopic/issue involves a security issue/fixed

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions