Lucene search
K

9 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/12/05 12:47 p.m.8 views

Security Bulletin: IBM Storage Protect Server is susceptible to a vulnerability due to Golang coredns library

Summary Golang coredns library is used by the IBM Storage Protect Server Object Agent and OSSM component. Golang coredns is vulnerable to Denial of Service, This bulletin identifies the steps to address the vulnerabilities. CVE-2025-47950. Vulnerability Details CVEID:CVE-2025-47950 DESCRIPTION:...

7.5CVSS8.1AI score0.01132EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.6 views

TencentOS Server 4: coredns (TSSA-2025:0485)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0485 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

7.5CVSS7.8AI score0.01132EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/07/11 12:0 a.m.7 views

CBL Mariner 2.0 Security Update: coredns (CVE-2025-47950)

The version of coredns installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-47950 advisory. - CoreDNS is a DNS server that chains plugins. In versions prior to 1.12.2, a Denial of Service DoS...

7.5CVSS7.8AI score0.01132EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2025/07/10 3:9 p.m.9 views

CVE-2025-47950 affecting package coredns for versions less than 1.11.4-7

CVE-2025-47950 affecting package coredns for versions less than 1.11.4-7. A patched version of the package is available...

7.5CVSS7.3AI score0.01132EPSS
Exploits0
CBLMariner
CBLMariner
added 2025/07/10 3:7 p.m.10 views

CVE-2025-47950 affecting package coredns for versions less than 1.11.1-19

CVE-2025-47950 affecting package coredns for versions less than 1.11.1-19. A patched version of the package is available...

7.5CVSS7.3AI score0.01132EPSS
Exploits0
Wolfi
Wolfi
added 2025/06/10 1:48 p.m.11 views

CVE-2025-47950 vulnerabilities

Vulnerabilities for packages: kubernetes-dns-node-cache, coredns, juicefs...

7.5CVSS7.2AI score0.01132EPSS
Exploits0
Chainguard
Chainguard
added 2025/06/10 1:20 p.m.8 views

CVE-2025-47950 vulnerabilities

Vulnerabilities for packages: coredns-fips, coredns, eks-distro, kubernetes-dns-node-cache, juicefs, eks-distro-fips, kubernetes-dns-node-cache-fips...

7.5CVSS7.2AI score0.01132EPSS
Exploits0
NVD
NVD
added 2025/06/06 6:15 p.m.15 views

CVE-2025-47950

CoreDNS is a DNS server that chains plugins. In versions prior to 1.12.2, a Denial of Service DoS vulnerability exists in the CoreDNS DNS-over-QUIC DoQ server implementation. The server previously created a new goroutine for every incoming QUIC stream without imposing any limits on the number of...

7.5CVSS0.01132EPSS
Exploits0References5
CVE
CVE
added 2025/06/06 5:32 p.m.185 views

CVE-2025-47950

CVE-2025-47950 affects CoreDNS DoQ, where the DoS occurred because the DoQ server spawned a new goroutine per incoming QUIC stream with no concurrency cap. The fixed patch (v1.12.2) adds explicit limits: max_streams per connection defaults to 256 and a server-wide bounded worker pool (worker_pool...

7.5CVSS7.5AI score0.01132EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder