The dnspython stub resolver is vulnerable to a denial of service (DoS) risk if an attacker sends a malicious response forged with the correct address and port before a legitimate one arrives on the UDP port used by dnspython for the query. In such cases, dnspython could either switch to another resolver or abandon the query altogether, potentially leading to service denial for that resolution.
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.