Home

CVE-2020-12663

Description

Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
9.083

Associated Vulnerability

VulnerabilityOS Platform
unbound security update(DSA-4694-1) unbound_1.9.0-2+deb10u2_i386.debLinux
validating, recursive, caching DNS resolver (USN-4374-1) unbound_1.6.7-1ubuntu2.3_i386.debLinux
validating, recursive, caching DNS resolver (USN-4374-1) unbound_1.6.7-1ubuntu2.3_amd64.debLinux
validating, recursive, caching DNS resolver (USN-4374-1) unbound_1.9.0-2ubuntu1.1_i386.debLinux
validating, recursive, caching DNS resolver (USN-4374-1) unbound_1.9.0-2ubuntu1.1_amd64.debLinux
validating, recursive, caching DNS resolver (USN-4374-1) unbound_1.9.4-2ubuntu1.1_i386.debLinux
validating, recursive, caching DNS resolver (USN-4374-1) unbound_1.9.4-2ubuntu1.1_amd64.debLinux
validating, recursive, caching DNS resolver (USN-4374-1) libunbound2_1.6.7-1ubuntu2.3_i386.debLinux
validating, recursive, caching DNS resolver (USN-4374-1) libunbound2_1.6.7-1ubuntu2.3_amd64.debLinux
validating, recursive, caching DNS resolver (USN-4374-1) libunbound8_1.9.0-2ubuntu1.1_i386.debLinux
validating, recursive, caching DNS resolver (USN-4374-1) libunbound8_1.9.0-2ubuntu1.1_amd64.debLinux
validating, recursive, caching DNS resolver (USN-4374-1) libunbound8_1.9.4-2ubuntu1.1_i386.debLinux
validating, recursive, caching DNS resolver (USN-4374-1) libunbound8_1.9.4-2ubuntu1.1_amd64.debLinux
(RHSA-2020:2414) unbound security update unbound-1.6.6-4.el7_8.x86_64.rpmLinux
(RHSA-2020:2414) unbound security update unbound-devel-1.6.6-4.el7_8.i686.rpmLinux
(RHSA-2020:2414) unbound security update unbound-devel-1.6.6-4.el7_8.x86_64.rpmLinux
(RHSA-2020:2414) unbound security update unbound-libs-1.6.6-4.el7_8.i686.rpmLinux
(RHSA-2020:2414) unbound security update unbound-libs-1.6.6-4.el7_8.x86_64.rpmLinux
(RHSA-2020:2414) unbound security update unbound-python-1.6.6-4.el7_8.x86_64.rpmLinux
(RHSA-2020:2640) unbound security update unbound-1.4.20-29.el6_10.1.i686.rpmLinux
(RHSA-2020:2640) unbound security update unbound-1.4.20-29.el6_10.1.x86_64.rpmLinux
(RHSA-2020:2640) unbound security update unbound-devel-1.4.20-29.el6_10.1.i686.rpmLinux
(RHSA-2020:2640) unbound security update unbound-devel-1.4.20-29.el6_10.1.x86_64.rpmLinux
(RHSA-2020:2640) unbound security update unbound-libs-1.4.20-29.el6_10.1.i686.rpmLinux
(RHSA-2020:2640) unbound security update unbound-libs-1.4.20-29.el6_10.1.x86_64.rpmLinux
(RHSA-2020:2640) unbound security update unbound-python-1.4.20-29.el6_10.1.i686.rpmLinux
(RHSA-2020:2640) unbound security update unbound-python-1.4.20-29.el6_10.1.x86_64.rpmLinux
Python3-unbound update (ELSA-2020-2416) python3-unbound-1.7.3-11.el8_2.x86_64.rpmLinux
Unbound-devel update (ELSA-2020-2416) unbound-devel-1.7.3-11.el8_2.x86_64.rpmLinux
Unbound-libs update (ELSA-2020-2416) unbound-libs-1.7.3-11.el8_2.x86_64.rpmLinux
Unbound-devel update (ELSA-2020-2416) unbound-devel-1.7.3-11.el8_2.i686.rpmLinux
Unbound-libs update (ELSA-2020-2416) unbound-libs-1.7.3-11.el8_2.i686.rpmLinux
(CESA-2020:2414) unbound security update unbound-1.6.6-4.el7_8.x86_64.rpmLinux
(CESA-2020:2414) unbound security update unbound-devel-1.6.6-4.el7_8.i686.rpmLinux
(CESA-2020:2414) unbound security update unbound-devel-1.6.6-4.el7_8.x86_64.rpmLinux
(CESA-2020:2414) unbound security update unbound-libs-1.6.6-4.el7_8.i686.rpmLinux
(CESA-2020:2414) unbound security update unbound-libs-1.6.6-4.el7_8.x86_64.rpmLinux
(CESA-2020:2414) unbound security update unbound-python-1.6.6-4.el7_8.x86_64.rpmLinux
Loop with Unreachable Exit Condition (Infinite Loop) Vulnerability (CVE-2020-12663)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234