<p>There is no fixed version for <code>CZ-NIC/knot-resolver</code>.</p>

DNS Cache Poisoning The advisory has been revoked - it doesn't affect any version of package CZ-NIC/knot-resolver Open this link in a new tab

Threat Intelligence

EPSS 0.08% (33^rd percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk ID SNYK-UNMANAGED-CZNICKNOTRESOLVER-2932974
published 21 Jun 2022
disclosed 21 Jun 2022
credit Unknown

Report a new vulnerability Found a mistake?

Introduced: 21 Jun 2022

CVE-2022-32983 Open this link in a new tab CWE-345 Open this link in a new tab

How to fix?

There is no fixed version for CZ-NIC/knot-resolver.

Amendment

This was deemed not a vulnerability.

Overview

Affected versions of this package are vulnerable to DNS Cache Poisoning when filters are used to limit forwarding actions, which could have the unintended consequence of forwarding arbitrary DNS records.

References

GitHub Commit