9 matches found
Security Bulletin: IBM Storage Protect Server is susceptible to a vulnerability due to Golang coredns library
Summary Golang coredns library is used by the IBM Storage Protect Server Object Agent and OSSM component. Golang coredns is vulnerable to Denial of Service, This bulletin identifies the steps to address the vulnerabilities. CVE-2025-47950. Vulnerability Details CVEID:CVE-2025-47950 DESCRIPTION:...
TencentOS Server 4: coredns (TSSA-2025:0485)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0485 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
CBL Mariner 2.0 Security Update: coredns (CVE-2025-47950)
The version of coredns installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-47950 advisory. - CoreDNS is a DNS server that chains plugins. In versions prior to 1.12.2, a Denial of Service DoS...
CVE-2025-47950 affecting package coredns for versions less than 1.11.4-7
CVE-2025-47950 affecting package coredns for versions less than 1.11.4-7. A patched version of the package is available...
CVE-2025-47950 affecting package coredns for versions less than 1.11.1-19
CVE-2025-47950 affecting package coredns for versions less than 1.11.1-19. A patched version of the package is available...
CVE-2025-47950 vulnerabilities
Vulnerabilities for packages: kubernetes-dns-node-cache, coredns, juicefs...
CVE-2025-47950 vulnerabilities
Vulnerabilities for packages: coredns-fips, coredns, eks-distro, kubernetes-dns-node-cache, juicefs, eks-distro-fips, kubernetes-dns-node-cache-fips...
CVE-2025-47950
CoreDNS is a DNS server that chains plugins. In versions prior to 1.12.2, a Denial of Service DoS vulnerability exists in the CoreDNS DNS-over-QUIC DoQ server implementation. The server previously created a new goroutine for every incoming QUIC stream without imposing any limits on the number of...
CVE-2025-47950
CVE-2025-47950 affects CoreDNS DoQ, where the DoS occurred because the DoQ server spawned a new goroutine per incoming QUIC stream with no concurrency cap. The fixed patch (v1.12.2) adds explicit limits: max_streams per connection defaults to 256 and a server-wide bounded worker pool (worker_pool...