FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-16 12:24:49 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
f2d8342f-1134-11ef-8791-6805ca2fa271	dnsdist -- Transfer requests received over DoH can lead to a denial of service PowerDNS Security Advisory reports: When incoming DNS over HTTPS support is enabled using the nghttp2 provider, and queries are routed to a tcp-only or DNS over TLS backend, an attacker can trigger an assertion failure in DNSdist by sending a request for a zone transfer (AXFR or IXFR) over DNS over HTTPS, causing the process to stop and thus leading to a Denial of Service. DNS over HTTPS is not enabled by default, and backends are using plain DNS (Do53) by default. Discovery 2024-05-13 Entry 2024-05-13 dnsdist < 1.9.4 CVE-2024-25581 https://dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2024-03.html

VuXML ID

Description

f2d8342f-1134-11ef-8791-6805ca2fa271

dnsdist -- Transfer requests received over DoH can lead to a denial of service

PowerDNS Security Advisory reports:

When incoming DNS over HTTPS support is enabled using the nghttp2 provider, and queries are routed to a tcp-only or DNS over TLS backend, an attacker can trigger an assertion failure in DNSdist by sending a request for a zone transfer (AXFR or IXFR) over DNS over HTTPS, causing the process to stop and thus leading to a Denial of Service. DNS over HTTPS is not enabled by default, and backends are using plain DNS (Do53) by default.

Discovery 2024-05-13
Entry 2024-05-13
dnsdist

< 1.9.4

CVE-2024-25581
https://dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2024-03.html