CVE-2026-25518 cert-manager-controller DoS via Specially Crafted DNS Response

cert-manager adds certificates and certificate issuers as resource types in Kubernetes clusters, and simplifies the process of obtaining, renewing and using those certificates. In versions from 1.18.0 to before 1.18.5 and from 1.19.0 to before 1.19.3, the cert-manager-controller performs DNS...

GHSA-GX3X-VQ4P-MHHV cert-manager-controller DoS via Specially Crafted DNS Response

Impact The cert-manager-controller performs DNS lookups during ACME DNS-01 processing for zone discovery and propagation self-checks. By default, these lookups use standard unencrypted DNS. An attacker who can intercept and modify DNS traffic from the cert-manager-controller pod can insert a...

PT-2026-6308

Name of the Vulnerable Software and Affected Versions cert-manager versions 1.18.0 through 1.18.4 cert-manager versions 1.19.0 through 1.19.2 Description cert-manager simplifies the process of obtaining, renewing, and using certificates in Kubernetes clusters. The cert-manager-controller performs...

Malicious code in acme-dns-01-dyndns (npm)

The package acme-dns-01-dyndns was found to contain malicious code...

Malicious code in acme-dns-01-lightsail (npm)

The package acme-dns-01-lightsail was found to contain malicious code...

Malicious code in acme-dns-01-freedns (npm)

The package acme-dns-01-freedns was found to contain malicious code...

MAL-2025-14008 Malicious code in acme-dns-01-lightsail (npm)

The package acme-dns-01-lightsail was found to contain malicious code...

MAL-2025-14007 Malicious code in acme-dns-01-freedns (npm)

The package acme-dns-01-freedns was found to contain malicious code...

MAL-2025-14006 Malicious code in acme-dns-01-dyndns (npm)

The package acme-dns-01-dyndns was found to contain malicious code...

GO-2024-2941 ACME DNS: Azure Identity Libraries Elevation of Privilege Vulnerability in github.com/traefik/traefik

ACME DNS: Azure Identity Libraries Elevation of Privilege Vulnerability in github.com/traefik/traefik...

GHSA-RVJ4-Q8Q5-8GRF ACME DNS: Azure Identity Libraries Elevation of Privilege Vulnerability

Impact There is a vulnerability in Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability. References - CVE-2024-35255 Patches - https://github.com/traefik/traefik/releases/tag/v2.11.5 - https://github.com/traefik/traefik/releases/tag/v3.0.3 Workarounds...

acme-dns-rust (>=1.0.0 <=1.0.6), asfa (>=0.1.0 <=0.5.2) +72 more potentially affected by unknown CVE via whoami (>=0.5.3 <=1.2.3)

whoami CARGO version =0.5.3, =1.0.0, =0.1.0, =3.0.0, =0.60.0, =0.60.0, =0.1.0, =0.27.0, =0.1.0, =0.1.0, =0.1.0, =0.3.0, =0.2.1, =0.0.0, =0.0.1, =0.1.0, =0.3.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-W5W5-8VFH-XCJQ...

aardvark-dns (>=1.0.3 <=1.1.0), acme-dns-rust (>=1.0.0 <=1.1.6) +16 more potentially affected by unknown CVE via trust-dns-server (>=0.13.0 <=0.22.0)

trust-dns-server CARGO version =0.13.0, =1.0.3, =1.0.0, =1.4.0, =1.7.0, =0.1.0, =1.12.2, =1.13.0 - localns =1.0.0 - oxidux =0.4.0 - polyresolver =0.1.0 - simple-dns-server =0.1.0 - single-use-dns =0.1.0 - snail =0.4.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-5FM9-H728-FWPJ...

aardvark-dns (>=1.0.3 <=1.1.0), acme-dns-rust (>=1.0.0 <=1.1.6) +16 more potentially affected by unknown CVE via trust-dns-server (>=0.13.0 <=0.22.0)

trust-dns-server CARGO version =0.13.0, =1.0.3, =1.0.0, =1.4.0, =1.7.0, =0.1.0, =1.12.2, =1.13.0 - localns =1.0.0 - oxidux =0.4.0 - polyresolver =0.1.0 - simple-dns-server =0.1.0 - single-use-dns =0.1.0 - snail =0.4.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2023-0041...

Fedora: Security Advisory for golang-github-cpu-goacmedns (FEDORA-2022-ea8f4e232d)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 36 Update: golang-github-cpu-goacmedns-0.1.1-6.fc36

A Go library to handle acme-dns client communication and persistent account storage...

[SECURITY] Fedora 35 Update: golang-github-cpu-goacmedns-0.1.1-5.fc35

A Go library to handle acme-dns client communication and persistent account storage...

Fedora: Security Advisory for golang-github-cpu-goacmedns (FEDORA-2022-fae3ecee19)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 36 Update: golang-github-cpu-goacmedns-0.1.1-5.fc36

A Go library to handle acme-dns client communication and persistent account storage...