A vulnerability was discovered in DNS resolver of knot resolver before version 4.1.0 which allows remote attackers to downgrade DNSSEC-secure domains to DNSSEC-insecure state, opening possibility of domain hijack using attacks against insecure DNS protocol.
{
"binaries": [
{
"binary_name": "knot-resolver",
"binary_version": "2.1.1-1ubuntu0.1~esm2"
},
{
"binary_name": "knot-resolver-module-http",
"binary_version": "2.1.1-1ubuntu0.1~esm2"
},
{
"binary_name": "libkres-dev",
"binary_version": "2.1.1-1ubuntu0.1~esm2"
},
{
"binary_name": "libkres6",
"binary_version": "2.1.1-1ubuntu0.1~esm2"
}
]
}