DEBIAN-CVE-2020-12662

DEBIAN-CVE-2020-12662 PUBLISHED CVSS 7.5 HIGH

Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records.

Risk Scores

CVSS v3.1

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
Debian:13	unbound	0, 0, 0
Debian:11	unbound	0, 0, 0
Debian:14	unbound	0, 0, 0
Debian:12	unbound	0, 0, 0

Timeline

May 19, 2020 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2020-12662 advisory

Open in Interactive Console →