Vulnerability in Cz.nic Knot-resolver
CVE-2019-19331
knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization. DNS replies with very many resource records might be processed very inefficiently, in extreme cases taking even several CPU seconds for eac…
EPSS: 0.022 (79.9th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.
Affected products
- Cz.nic Knot-resolver — versions 4.3.0
- Nic Knot_resolver
- Debian Debian_linux — versions 10.0
Weakness classification (CWE)
References
- secalert@redhat.com (Exploit, Patch, Issue Tracking)
- secalert@redhat.com (Release Notes, Vendor Advisory)
- secalert@redhat.com (mailing-list)
Frequently asked questions
- What is CVE-2019-19331?
- CVE-2019-19331 is a high-severity vulnerability in Cz.nic Knot-resolver, classified under Inefficient Algorithmic Complexity. CVSS score: 7.5/10. Published 2019-12-16.
- How severe is CVE-2019-19331?
- High severity. CVSS v3 base score is 7.5 out of 10.