Lucene search

MitreCVELIST:CVE-2020-19860

HistoryJan 21, 2022 - 1:40 p.m.

CVE-2020-19860

2022-01-2113:40:44

mitre

www.cve.org

ldns version 1.7.1

heap out of bounds

read vulnerability

zone file payload

AI Score

6.8

Confidence

High

EPSS

0.002

Percentile

52.0%

JSON

When ldns version 1.7.1 verifies a zone file, the ldns_rr_new_frm_str_internal function has a heap out of bounds read vulnerability. An attacker can leak information on the heap by constructing a zone file payload.

References

github.com/NLnetLabs/ldns/commit/15d96206996bea969fbc918eb0a4a346f514b9f3

github.com/NLnetLabs/ldns/issues/50