{"id":"CVE-2019-18934","details":"Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with `--enable-ipsecmod` support, and ipsecmod is enabled and used in the configuration.","modified":"2026-04-10T04:16:12.322288Z","published":"2019-11-19T18:15:10.523Z","related":["MGASA-2019-0344","SUSE-SU-2020:1772-1","SUSE-SU-2020:1819-1","openSUSE-SU-2020:0912-1","openSUSE-SU-2020:0913-1","openSUSE-SU-2024:11005-1"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MOCR6JP7MSRARTOGEHGST64G4FJGX5VK/"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00069.html"},{"type":"ADVISORY","url":"https://github.com/NLnetLabs/unbound/blob/release-1.9.5/doc/Changelog"},{"type":"ADVISORY","url":"https://www.nlnetlabs.nl/news/2019/Nov/19/unbound-1.9.5-released/"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00067.html"},{"type":"FIX","url":"https://www.nlnetlabs.nl/downloads/unbound/CVE-2019-18934.txt"},{"type":"EVIDENCE","url":"http://www.openwall.com/lists/oss-security/2019/11/19/1"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/nlnetlabs/unbound","events":[{"introduced":"ac98f4806f91599266a1d83887a243eb46f68106"},{"last_affected":"b60c4a472c856f0a98120b7259e991b3a6507eb5"}],"database_specific":{"versions":[{"introduced":"1.6.4"},{"last_affected":"1.9.4"}]}}],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"31"}]},{"events":[{"introduced":"0"},{"last_affected":"15.1"}]},{"events":[{"introduced":"0"},{"last_affected":"15.2"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-18934.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}]}