24 matches found

Tenable Nessus
added 2025/03/05 12:0 a.m. | 7 views

Linux Distros Unpatched Vulnerability : CVE-2024-25638

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dnsjava is an implementation of DNS in Java. Records in DNS replies are not checked for their relevance to the query, allowing an attacker to respond with RRs...

CVSS 8.9 | AI score 6.9 | EPSS 0.00194
Exploits: 0 | References: 3

IBM Security Bulletins
added 2025/02/04 1:7 a.m. | 32 views

Security Bulletin: Vulnerability with Eclipse Jetty, e2fsprogs, dnsjava, Apache Commons IO, Apache HTTP Server and Java SE affect IBM Cloud Object Storage Systems (Dec 2024)

Summary: Vulnerability with Eclipse Jetty CVE-2024-9823, CVE-2024-6763, CVE-2024-8184, e2fsprogs CVE-2022-1304, dnsjava CVE-2024-25638, Apache Commons IO CVE-2024-47554, Apache HTTP Server CVE-2024-40725 and Java SE CVE-2024-21217, CVE-2024-21235, CVE-2024-21210. This vulnerability has been address...

CVSS 8.9 | AI score 8.4 | EPSS 0.25097
Exploits: 4 | Affected Software: 1

IBM Security Bulletins
added 2024/09/25 6:0 p.m. | 7 views

Security Bulletin: Vulnerability in dnsjava affects IBM watsonx.data

Summary: dnsjava could allow a remote attacker to bypass security restrictions, caused by improper response validation. By sending a specially crafted request, an attacker could exploit this vulnerability to perform DNSSEC bypass. This may affect watsonx.data. Vulnerability Details...

CVSS 8.9 | AI score 8.7 | EPSS 0.00194
Exploits: 0 | Affected Software: 1

OSV
added 2024/07/26 11:8 a.m. | 1 views

OESA-2024-1899 dnsjava security update

dnsjava is an implementation of DNS in Java. It supports all of the common record types and the DNSSEC types. It can be used for queries, zone transfers, and dynamic updates. It includes a cache which can be used by clients, and a minimal implementation of a server. It supports TSIG authenticated...

CVSS 8.9 | AI score 6.5 | EPSS 0.00194
Exploits: 0 | References: 2

Veracode
added 2024/07/23 7:59 a.m. | 9 views

Improper Response Validation

dnsjava is vulnerable to Improper Response Validation. The vulnerability is due to records in DNS replies not being checked for their relevance to the query, allowing an attacker to respond with RRs from different zones...

CVSS 8.9 | AI score 6.6 | EPSS 0.00194
Exploits: 0 | References: 3 | Affected Software: 1

Veracode
added 2024/07/23 5:47 a.m. | 7 views

Denial Of Service (DoS)

dnsjava: dnsjava is vulnerable to Denial Of Service (DoS). The vulnerability is caused by improper signature validation due to the ValidatingResolver’s handling of specially crafted DNSSEC-signed zones, which allows an attacker to cause excessive CPU usage and potential Denial Of Service (DoS)...

AI score 7
Exploits: 0

Veracode
added 2024/07/22 9:20 p.m. | 5 views

Uncontrolled Resource Consumption

dnsjava: dnsjava is vulnerable to Uncontrolled Resource Consumption. The vulnerability is due to the handling of specially crafted DNSSEC-signed zones, which can result in CPU exhaustion...

AI score 7
Exploits: 0

vulnersOsv
added 2024/07/22 5:30 p.m. | 1 views

com.aoapps:ao-appcluster-all (=2.0.1), com.aoapps:ao-appcluster-core (=2.0.1) +239 more potentially affected by CVE-2023-50387 via dnsjava:dnsjava (>=3.5.0 <=3.5.3)

dnsjava:dnsjava MAVEN version =3.5.0, =1.3.1, =1.3.1, =1.3.1, =0.3.2-patch6, =6.3.2, =1.1.1, =2.5.9, =2.5.9, =2.1.4, =2.1.4, =2.1.4, =1.0, =1.2 and more Source cves: CVE-2023-50387 Source advisory: OSV:GHSA-CRJG-W57M-RQQF...

CVSS 7.5 | AI score 7 | EPSS 0.43701
Exploits: 0

Github Security Blog
added 2024/07/22 5:30 p.m. | 7 views

DNSJava vulnerable to KeyTrap - Denial-of-Service Algorithmic Complexity Attacks

Impact: Users using the ValidatingResolver for DNSSEC validation can run into CPU exhaustion with specially crafted DNSSEC-signed zones. Patches: Users should upgrade to dnsjava v3.6.0. Workarounds: Although not recommended, only using a non-validating resolver will remove the vulnerability...

CVSS 7.5 | AI score 7.1 | EPSS 0.43701
Exploits: 0 | References: 6 | Affected Software: 2

RedhatCVE
added 2024/07/22 4:35 p.m. | 10 views

CVE-2024-25638

A flaw was found in the dnsjava package, a DNS implementation written in the Java language. The dnsjava package does not properly check the DNS resource records (RR) relevancy to the DNS query being processed, allowing an attacker to respond to the DNS request with RRs from different zones. This...

CVSS 8.9 | AI score 8.5 | EPSS 0.00194
Exploits: 0 | References: 5

OSV
added 2024/07/22 2:46 p.m. | 0 views

GHSA-MMWX-RJ87-VFGR DNSJava affected by KeyTrap - NSEC3 closest encloser proof can exhaust CPU resources

Impact: Users using the ValidatingResolver for DNSSEC validation can run into CPU exhaustion with specially crafted DNSSEC-signed zones. Patches: Users should upgrade to dnsjava v3.6.0. Workarounds: Although not recommended, only using a non-validating resolver will remove the vulnerability...

CVSS 7.1 | AI score 6.8 | EPSS 0.1242
Exploits: 1 | References: 5

vulnersOsv
added 2024/07/22 2:46 p.m. | 1 views

com.aoapps:ao-appcluster-all (=2.0.1), com.aoapps:ao-appcluster-core (=2.0.1) +239 more potentially affected by CVE-2023-50868 via dnsjava:dnsjava (>=3.5.0 <=3.5.3)

dnsjava:dnsjava MAVEN version =3.5.0, =1.3.1, =1.3.1, =1.3.1, =0.3.2-patch6, =6.3.2, =1.1.1, =2.5.9, =2.5.9, =2.1.4, =2.1.4, =2.1.4, =1.0, =1.2 and more Source cves: CVE-2023-50868 Source advisory: OSV:GHSA-MMWX-RJ87-VFGR...

CVSS 7.5 | AI score 7 | EPSS 0.1242
Exploits: 1

Github Security Blog
added 2024/07/22 2:46 p.m. | 8 views

DNSJava affected by KeyTrap - NSEC3 closest encloser proof can exhaust CPU resources

Impact: Users using the ValidatingResolver for DNSSEC validation can run into CPU exhaustion with specially crafted DNSSEC-signed zones. Patches: Users should upgrade to dnsjava v3.6.0. Workarounds: Although not recommended, only using a non-validating resolver will remove the vulnerability...

CVSS 7.5 | AI score 7.1 | EPSS 0.1242
Exploits: 1 | References: 5 | Affected Software: 2

vulnersOsv
added 2024/07/22 2:33 p.m. | 2 views

ai.catboost:catboost-spark_3.1_2.12 (>=1.0.1 <=1.2.8), ai.catboost:catboost-spark_3.2_2.12 (>=1.0.6 <=1.2.10) +3559 more potentially affected by CVE-2024-25638 via dnsjava:dnsjava (>=1.2.3 <=3.5.3)

dnsjava:dnsjava MAVEN version =1.2.3, =1.0.1, =1.0.6, =1.0.6, =1.1, =1.1.1, =1.2, =1.2, =1.2.3, =1.2.3, =0.0.25, =0.0.25, =0.0.62, =0.0.25, =0.0.86, =0.0.8, =threadcontention-0.0.23-dev3 and more Source cves: CVE-2024-25638 Source advisory: OSV:GHSA-CFXW-4H78-H7FW...

CVSS 8.9 | AI score 6.9 | EPSS 0.00194
Exploits: 0

Github Security Blog
added 2024/07/22 2:33 p.m. | 16 views

DNSJava DNSSEC Bypass

Summary: Records in DNS replies are not checked for their relevance to the query, allowing an attacker to respond with RRs from different zones. Details: DNS Messages are not authenticated. They do not guarantee that - received RRs are authentic - not received RRs do not exist - all or any received...

CVSS 8.9 | AI score 8.5 | EPSS 0.00194
Exploits: 0 | References: 4 | Affected Software: 1

OSV
added 2024/07/22 2:33 p.m. | 19 views

GHSA-CFXW-4H78-H7FW DNSJava DNSSEC Bypass

Summary: Records in DNS replies are not checked for their relevance to the query, allowing an attacker to respond with RRs from different zones. Details: DNS Messages are not authenticated. They do not guarantee that - received RRs are authentic - not received RRs do not exist - all or any received...

CVSS 8.9 | AI score 8.3 | EPSS 0.00194
Exploits: 0 | References: 4

NVD
added 2024/07/22 2:15 p.m. | 13 views

CVE-2024-25638

dnsjava is an implementation of DNS in Java. Records in DNS replies are not checked for their relevance to the query, allowing an attacker to respond with RRs from different zones. This vulnerability is fixed in 3.6.0...

CVSS 8.9 | EPSS 0.00194
Exploits: 0 | References: 3

OSV
added 2024/07/22 2:15 p.m. | 0 views

UBUNTU-CVE-2024-25638

dnsjava is an implementation of DNS in Java. Records in DNS replies are not checked for their relevance to the query, allowing an attacker to respond with RRs from different zones. This vulnerability is fixed in 3.6.0...

CVSS 8.9 | AI score 6.9 | EPSS 0.00194
Exploits: 0 | References: 4

Cvelist
added 2024/07/22 2:5 p.m. | 20 views

CVE-2024-25638 DNSJava DNSSEC Bypass

dnsjava is an implementation of DNS in Java. Records in DNS replies are not checked for their relevance to the query, allowing an attacker to respond with RRs from different zones. This vulnerability is fixed in 3.6.0...

CVSS 8.9 | EPSS 0.00194
Exploits: 0 | References: 2

Debian CVE
added 2024/07/22 2:5 p.m. | 10 views

CVE-2024-25638

dnsjava is an implementation of DNS in Java. Records in DNS replies are not checked for their relevance to the query, allowing an attacker to respond with RRs from different zones. This vulnerability is fixed in 3.6.0...

CVSS 8.9 | AI score 7 | EPSS 0.00194
Exploits: 0