CVE-2022-3346

Name of the Vulnerable Software and Affected Versions go-resolver (affected versions not specified)

Description The issue is related to incorrect DNSSEC validation. An attacker can cause the package to report successful validation for invalid, attacker-controlled records. The owner name of RRSIG RRs is not validated, allowing an attacker to present the RRSIG for an attacker-controlled domain in a response for any other domain.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.