
4 matches found

Snyk | added 2026/01/08 4:41 p.m. | 1 view

Allocation of Resources Without Limits or Throttling

Overview: Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to the lack of resource-limiting controls in the gRPC, HTTPS, and HTTP3 server implementations. An attacker can exhaust memory and cause the server to degrade or crash by opening...

8.7 CVSS | 6.8 AI score | 0.00412 EPSS
Exploits 0 | References 2

Snyk | added 2026/01/08 4:41 p.m. | 4 views

Allocation of Resources Without Limits or Throttling

Overview: Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to the lack of resource-limiting controls in the gRPC, HTTPS, and HTTP3 server implementations. An attacker can exhaust memory and cause the server to degrade or crash by opening...

8.7 CVSS | 6.8 AI score | 0.00412 EPSS
Exploits 0 | References 2

Snyk | added 2025/09/09 7:44 p.m. | 1 view

Incorrect Conversion between Numeric Types

Overview: Affected versions of this package are vulnerable to Incorrect Conversion between Numeric Types via the TTL function, which casts the 64-bit etcd lease ID to a uint32 and uses it as the TTL. An attacker can cause prolonged caching of DNS records and disrupt DNS resolution by supplying lar...

7.1 CVSS | 6.8 AI score | 0.00407 EPSS
Exploits 0 | References 2

Github Security Blog | added 2025/09/09 7:19 p.m. | 11 views

CoreDNS: DNS Cache Pinning via etcd Lease ID Confusion

Summary: The CoreDNS etcd plugin contains a TTL confusion vulnerability where lease IDs are incorrectly used as TTL values, enabling cache pinning for very long periods. This can effectively cause a denial of service for DNS updates/changes to affected services.

Details: In plugin/etcd/etcd.go, the...

7.1 CVSS | 6.7 AI score | 0.00407 EPSS
Exploits 0 | References 4 | Affected Software 1