Cz.Nic · Knot Resolver · CVE-2018-10920
**Name of the Vulnerable Software and Affected Versions**
Knot Resolver versions prior to 2.4.1
**Description**
The issue is related to an improper input validation bug in the DNS resolver component. This bug allows a remote attacker to poison the cache.
**Recommendations**
For versions prior to 2.4.1, update to version 2.4.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the DNS resolver component to minimize the risk of exploitation.