Lucene search
K

244 matches found

OPENSUSE Linux
OPENSUSE Linux
added 2026/06/30 12:0 a.m.3 views

Security update for dnsdist (moderate)

openSUSE security update: security update for dnsdist ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21015-1 Rating: moderate References: bsc1261236 bsc1261237 bsc1261238 bsc1261239 bsc1261240 bsc1261241 bsc1261243 bsc1262536 bsc1262537 bsc1262538...

8.2CVSS6.2AI score0.01073EPSS
Exploits0References18
Debian
Debian
added 2026/06/25 7:21 p.m.8 views

[SECURITY] [DSA 6367-1] dnsdist security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6367-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 25, 2026 https://www.debian.org/security/faq -...

5.3CVSS5.8AI score0.00479EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/06/25 12:24 p.m.7 views

CVE-2026-42004

An attacker can send a crafted EDNS OPT record that will be ignored by DNSdist’s filtering rules, but will be rewritten as a valid OPT record when EDNS Client Subnet is inserted, causing the backend to see the EDNS options that DNSdist did not filter...

3.7CVSS5.9AI score0.00162EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/25 12:24 p.m.14 views

CVE-2026-42004

CVE-2026-42004 affects DNSdist via EDNS OPT handling. An attacker can craft an EDNS OPT record that DNSdist’s filtering ignores, but is rewritten to a valid OPT when EDNS Client Subnet is applied, allowing the backend to observe EDNS options DNSdist did not filter. Impact is limited to informatio...

3.7CVSS5.9AI score0.00162EPSS
Exploits0References1
OSV
OSV
added 2026/06/22 2:30 p.m.2 views

OPENSUSE-SU-2026:21015-1 Security update for dnsdist

This update for dnsdist fixes the following issues - CVE-2026-0396: crafted DNS queries can allow to inject HTML content bsc1261236. - CVE-2026-0397: CORS misconfiguration can lead to information disclosure bsc1261237. - CVE-2026-24028: crafted DNS response packet can lead to an out-of-bounds rea...

9.1CVSS5.8AI score0.01073EPSS
Exploits0References36
OSV
OSV
added 2026/06/22 2:28 p.m.2 views

SUSE-SU-2026:22319-1 Security update for dnsdist

This update for dnsdist fixes the following issues - CVE-2026-0396: crafted DNS queries can allow to inject HTML content bsc1261236. - CVE-2026-0397: CORS misconfiguration can lead to information disclosure bsc1261237. - CVE-2026-24028: crafted DNS response packet can lead to an out-of-bounds rea...

9.1CVSS5.8AI score0.01073EPSS
Exploits0References37
Fedora
Fedora
added 2026/06/15 12:51 a.m.13 views

[SECURITY] Fedora 44 Update: dnsdist-2.0.6-1.fc44

dnsdist is a highly DNS-, DoS- and abuse-aware loadbalancer. Its goal in life is to route traffic to the best server, delivering top performance to legitimate users while shunting or blocking abusive traffic...

9.1CVSS5.4AI score0.01073EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/14 12:0 a.m.11 views

Fedora 44 : dnsdist (2026-51cdd1292b)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-51cdd1292b advisory. Bug Fixes: CVE-2026-33254: An attacker can create a large number of concurrent DoQ or DoH3 connections, causing unlimited memory allocation in DNSdi...

9.1CVSS6AI score0.01073EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/04/29 12:0 a.m.6 views

Debian dsa-6235 : dnsdist - security update

The remote Debian 13 host has a package installed that is affected by multiple vulnerabilities as referenced in the dsa-6235 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6235-1 [email protected] https://www.debian.org/securit...

9.1CVSS5.6AI score0.01073EPSS
Exploits0References38
OPENSUSE Linux
OPENSUSE Linux
added 2026/04/29 12:0 a.m.6 views

dnsdist-2.0.5-1.1 on GA media (moderate)

dnsdist-2.0.5-1.1 on GA media Announcement ID: openSUSE-SU-2026:10632-1 Rating: moderate Cross-References: CVE-2026-33254 CVE-2026-33257 CVE-2026-33260 CVE-2026-33593 CVE-2026-33594 CVE-2026-33595 CVE-2026-33596 CVE-2026-33597 CVE-2026-33598 CVE-2026-33599 CVE-2026-33602 CVSS scores: CVE-2026-332...

5.3CVSS5.2AI score0.01073EPSS
Exploits0
Debian
Debian
added 2026/04/28 7:3 p.m.56 views

[SECURITY] [DSA 6235-1] dnsdist security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6235-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 28, 2026 https://www.debian.org/security/faq -...

9.1CVSS5.5AI score0.01073EPSS
Exploits0
Debian
Debian
added 2026/04/28 7:2 p.m.10 views

[SECURITY] [DSA 6233-1] pdns security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6233-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 28, 2026 https://www.debian.org/security/faq -...

9.8CVSS5.5AI score0.00524EPSS
Exploits0
OSV
OSV
added 2026/04/28 12:0 a.m.4 views

OPENSUSE-SU-2026:10632-1 dnsdist-2.0.5-1.1 on GA media

These are all security issues fixed in the dnsdist-2.0.5-1.1 package on the GA media of openSUSE Tumbleweed...

9.1CVSS5.2AI score0.01073EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2026/04/28 12:0 a.m.3 views

Fedora 44 : dnsdist (2026-519446405a)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-519446405a advisory. Update to latest upstream Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

8.2CVSS5.5AI score0.01028EPSS
Exploits0References8
Fedora
Fedora
added 2026/04/25 1:53 a.m.7 views

[SECURITY] Fedora 44 Update: dnsdist-2.0.3-1.fc44

dnsdist is a highly DNS-, DoS- and abuse-aware loadbalancer. Its goal in life is to route traffic to the best server, delivering top performance to legitimate users while shunting or blocking abusive traffic...

8.2CVSS5.2AI score0.01028EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/25 12:0 a.m.4 views

SUSE SLED15 / SLES15 Security Update : dnsdist (SUSE-SU-2026:1618-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1618-1 advisory. Update to version 1.9.12. - https://www.dnsdist.org/changelog.htmlchange-1.9.12 Security issues fixed: -...

8.2CVSS5.8AI score0.01028EPSS
Exploits0References22
SUSE Linux
SUSE Linux
added 2026/04/24 2:25 p.m.7 views

Security update for dnsdist

This update for dnsdist fixes the following issues: Update to version 1.9.12. https://www.dnsdist.org/changelog.htmlchange-1.9.12 Security issues fixed: CVE-2026-0396: crafted DNS queries triggering domain-based dynamic rules can lead to HTML injection in the web dashboard bsc1261236...

8.2CVSS5.5AI score0.01028EPSS
Exploits0References28
SUSE CVE
SUSE CVE
added 2026/04/23 1:24 a.m.6 views

SUSE CVE-2026-33254

An attacker can create a large number of concurrent DoQ or DoH3 connections, causing unlimited memory allocation in DNSdist and leading to a denial of service. DOQ and DoH3 are disabled by default...

7.5CVSS5.8AI score0.00371EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/22 3:31 p.m.6 views

EUVD-2026-24927

An attacker can create a large number of concurrent DoQ or DoH3 connections, causing unlimited memory allocation in DNSdist and leading to a denial of service. DOQ and DoH3 are disabled by default...

5.3CVSS5.8AI score0.00371EPSS
Exploits0References2
NVD
NVD
added 2026/04/22 2:16 p.m.11 views

CVE-2026-33254

An attacker can create a large number of concurrent DoQ or DoH3 connections, causing unlimited memory allocation in DNSdist and leading to a denial of service. DOQ and DoH3 are disabled by default...

7.5CVSS0.00371EPSS
Exploits0References1
Rows per page
Query Builder