CVE-2020-8277

2020-11-19T01:15:00
ID CVE-2020-8277
Type cve
Reporter cve-assignments@hackerone.com
Modified 2021-07-20T23:15:00

Description

A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions < 15.2.1, < 14.15.1, and < 12.19.1 by getting the application to resolve a DNS record with a larger number of responses. This is fixed in 15.2.1, 14.15.1, and 12.19.1.