vulnerability
Arch Linux: Insufficient validation (CVE-2020-12244)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:P/I:N/A:N) | May 19, 2020 | Jul 11, 2025 | Nov 27, 2025 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published
May 19, 2020
Added
Jul 11, 2025
Modified
Nov 27, 2025
Description
An issue has been found in PowerDNS Recursor before 4.3.1 and 4.2.2 where records in the answer section of a NXDOMAIN response lacking an SOA were not properly validated in SyncRes::processAnswer. This would allow an attacker in position of man-in-the-middle to send a NXDOMAIN answer for a name that does exist, bypassing DNSSEC validation.
Solution
arch-linux-upgrade-latest
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.