9 matches found
SUSE CVE-2026-24029
When the earlyacldrop earlyACLDrop in Lua option is disabled default is enabled on a DNS over HTTPs frontend using the nghttp2 provider, the ACL check is skipped, allowing all clients to send DoH queries regardless of the configured ACL...
EUVD-2026-17403
When the earlyacldrop earlyACLDrop in Lua option is disabled default is enabled on a DNS over HTTPs frontend using the nghttp2 provider, the ACL check is skipped, allowing all clients to send DoH queries regardless of the configured ACL...
UBUNTU-CVE-2026-24029
When the earlyacldrop earlyACLDrop in Lua option is disabled default is enabled on a DNS over HTTPs frontend using the nghttp2 provider, the ACL check is skipped, allowing all clients to send DoH queries regardless of the configured ACL...
CVE-2026-24029 DNS over HTTPS ACL bypass
When the earlyacldrop earlyACLDrop in Lua option is disabled default is enabled on a DNS over HTTPs frontend using the nghttp2 provider, the ACL check is skipped, allowing all clients to send DoH queries regardless of the configured ACL...
CVE-2026-24029
When the earlyacldrop earlyACLDrop in Lua option is disabled default is enabled on a DNS over HTTPs frontend using the nghttp2 provider, the ACL check is skipped, allowing all clients to send DoH queries regardless of the configured ACL...
CVE-2026-24029
When the earlyacldrop earlyACLDrop in Lua option is disabled default is enabled on a DNS over HTTPs frontend using the nghttp2 provider, the ACL check is skipped, allowing all clients to send DoH queries regardless of the configured ACL...
CVE-2026-24029 DNS over HTTPS ACL bypass
When the earlyacldrop earlyACLDrop in Lua option is disabled default is enabled on a DNS over HTTPs frontend using the nghttp2 provider, the ACL check is skipped, allowing all clients to send DoH queries regardless of the configured ACL...
CVE-2026-24029
CVE-2026-24029 affects a DNS-over-HTTPS frontend using the nghttp2 provider. When the early_acl_drop (earlyACLDrop in Lua) option is disabled, the ACL check is skipped, permitting all clients to issue DoH queries regardless of the configured ACL. The default setting enables early_acl_drop, so the...
PT-2026-29244
Name of the Vulnerable Software and Affected Versions versions prior to the fix for CVE-2026-24029 Description When the early acl drop or earlyACLDrop in Lua option is disabled, and a DNS over HTTPs frontend is utilizing the nghttp2 provider, the Access Control List ACL check is bypassed. This...