
135 matches found

RedHat Linux
added 2 days ago | 4 views

net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME

A flaw was found in the net package of Go golang, specifically when using the LookupCNAME function with the cgo DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name CNAME response. This can trigger a double-free of C memory, leading to a crash and a Denial of...

CVSS 7.5 | AI score 5.8 | EPSS 0.00813
Exploits 0 | References 8

Redos
added 2026/06/22 12:0 a.m. | 5 views

ROS-20260622-73-0032

The vulnerability of the LookupCNAME function in the Go programming language is related to a memory reclamation error when processing CNAME records. Exploiting this vulnerability can allow an attacker to cause service interruptions...

CVSS 7.5 | AI score 5.9 | EPSS 0.00813
Exploits 0

RedHat Linux
added 2026/06/17 11:5 p.m. | 7 views

netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation

A flaw was found in Netty's DnsResolveContext. This vulnerability allows a remote attacker to achieve information disclosure or data manipulation by crafting malicious DNS responses. The flaw occurs because the DnsResolveContext fails to validate the origin bailiwick of CNAME records in DNS...

CVSS 10 | AI score 5.2 | EPSS 0.00218
Exploits 0 | References 7

RedHat Linux
added 2026/06/17 4:18 p.m. | 9 views

netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation

A flaw was found in Netty's DnsResolveContext. This vulnerability allows a remote attacker to achieve information disclosure or data manipulation by crafting malicious DNS responses. The flaw occurs because the DnsResolveContext fails to validate the origin bailiwick of CNAME records in DNS...

CVSS 10 | AI score 5.2 | EPSS 0.00218
Exploits 0 | References 7

RedHat Linux
added 2026/06/17 3:45 p.m. | 6 views

netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation

A flaw was found in Netty's DnsResolveContext. This vulnerability allows a remote attacker to achieve information disclosure or data manipulation by crafting malicious DNS responses. The flaw occurs because the DnsResolveContext fails to validate the origin bailiwick of CNAME records in DNS...

CVSS 10 | AI score 5.3 | EPSS 0.00218
Exploits 0 | References 7

RedhatCVE
added 2026/06/15 8:35 a.m. | 13 views

CVE-2026-45674

A flaw was found in Netty's DnsResolveContext. This vulnerability allows a remote attacker to achieve information disclosure or data manipulation by crafting malicious DNS responses. The flaw occurs because the DnsResolveContext fails to validate the origin bailiwick of CNAME records in DNS...

CVSS 10 | AI score 4.9 | EPSS 0.00218
Exploits 0 | References 6

EUVD
added 2026/06/12 2:17 p.m. | 11 views

EUVD-2026-36450

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's DnsResolveContext fails to validate the origin bailiwick of CNAME records in DNS responses. Versions 4.1.135.Final and 4.2.15.Final patch the issue...

CVSS 8.7 | AI score 5.2 | EPSS 0.00218
Exploits 0 | References 3

Vulnrichment
added 2026/06/12 2:17 p.m. | 59 views

CVE-2026-45674 Netty Vulnerable to DNS Cache Poisoning via Missing Bailiwick Checks in CNAME Records

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's DnsResolveContext fails to validate the origin bailiwick of CNAME records in DNS responses. Versions 4.1.135.Final and 4.2.15.Final patch the issue...

CVSS 8.7 | AI score 5.2 | EPSS 0.00218
Exploits 0 | References 3

CVE
added 2026/06/12 2:17 p.m. | 215 views

CVE-2026-45674

CVE-2026-45674 affects Netty DNS resolution: the DnsResolveContext fails to validate the origin (bailiwick) of CNAME records in DNS responses. Affected versions are 4.1.135.Final and 4.2.15.Final; the issue is patched in those same versions. Potential impact is DNS cache poisoning via missing bai...

CVSS 10 | AI score 5.2 | EPSS 0.00218
Exploits 0 | References 10 | Affected Software 1

Tenable Nessus
added 2026/06/10 12:0 a.m. | 12 views

EulerOS 2.0 SP13 : avahi (EulerOS-SA-2026-2321)

According to the versions of the avahi packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to version 0.9-rc4, any...

CVSS 6.5 | AI score 5.5 | EPSS 0.00252
Exploits 1 | References 3

Tenable Nessus
added 2026/06/10 12:0 a.m. | 6 views

EulerOS 2.0 SP13 : avahi (EulerOS-SA-2026-2278)

According to the versions of the avahi packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to version 0.9-rc4, any...

CVSS 6.5 | AI score 5.5 | EPSS 0.00252
Exploits 1 | References 3

Tenable Nessus
added 2026/06/09 12:0 a.m. | 13 views

EulerOS 2.0 SP11 : avahi (EulerOS-SA-2026-2197)

According to the versions of the avahi packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions 0.9rc2 and below,...

CVSS 6.5 | AI score 5.5 | EPSS 0.00252
Exploits 0 | References 2

Snyk
added 2026/06/08 11:2 p.m. | 8 views

Insufficient Verification of Data Authenticity

Overview Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity due to missing validation of the origin of CNAME records in DNS responses within the DnsResolveContext function. An attacker can inject unauthorized DNS records by supplying malicious DNS...

CVSS 10 | AI score 5.5 | EPSS 0.00218
Exploits 0 | References 2

OSV
added 2026/06/08 11:2 p.m. | 10 views

GHSA-676X-F7GG-47VC Netty Vulnerable to DNS Cache Poisoning via Missing Bailiwick Checks in CNAME Records

Summary Netty's DnsResolveContext fails to validate the origin bailiwick of CNAME records in DNS responses. Details In io.netty.resolver.dns.DnsResolveContextbuildAliasMap, the resolver processes the ANSWER section of a DNS response and blindly caches all CNAME records it finds. According to...

CVSS 8.7 | AI score 5.5 | EPSS 0.00218
Exploits 0 | References 5

Tenable Nessus
added 2026/06/06 12:0 a.m. | 9 views

EulerOS Virtualization 2.13.1 : avahi (EulerOS-SA-2026-2120)

According to the versions of the avahi package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, ...

CVSS 6.5 | AI score 5.6 | EPSS 0.00353
Exploits 1 | References 4

Tenable Nessus
added 2026/06/06 12:0 a.m. | 10 views

EulerOS Virtualization 2.13.0 : avahi (EulerOS-SA-2026-2159)

According to the versions of the avahi package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, ...

CVSS 6.5 | AI score 5.6 | EPSS 0.00353
Exploits 1 | References 4

RedhatCVE
added 2026/05/29 10:19 a.m. | 11 views

CVE-2026-33811

A flaw was found in the net package of Go golang, specifically when using the LookupCNAME function with the cgo DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name CNAME response. This can trigger a double-free of C memory, leading to a crash and a Denial of...

CVSS 7.5 | AI score 5.8 | EPSS 0.00813
Exploits 0 | References 7

OSV
added 2026/05/11 5:44 a.m. | 10 views

BIT-GOLANG-2026-33811 Crash when handling long CNAME response in net

When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash...

CVSS 7.5 | AI score 5.8 | EPSS 0.00813
Exploits 0 | References 5

SUSE CVE
added 2026/05/09 2:43 a.m. | 8 views

SUSE CVE-2026-33811

When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash...

CVSS 7.5 | AI score 5.8 | EPSS 0.00813
Exploits 0 | References 14