unbound is vulnerable to denial of service. There is no available reproducer or proof of concept for this issue, nor it was ever proven the buffer overflow can happen in practice. Indeed in the original report this issue was considered one that might not be triggered and for this reason its Impact is Moderate.
access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.4_release_notes/
access.redhat.com/errata/RHSA-2021:1853
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1954778
lists.debian.org/debian-lts-announce/2021/05/msg00007.html
ostif.org/our-audit-of-unbound-dns-by-x41-d-sec-full-results/
security.netapp.com/advisory/ntap-20210507-0007/