3 matches found
CVE-2026-33190
CoreDNS is a DNS server that chains plugins. In versions prior to 1.14.3, the tsig plugin can be bypassed on non-plain-DNS transports DoT, DoH, DoH3, DoQ, and gRPC because it trusts the transport writer's TsigStatus instead of performing verification itself. The DoH and DoH3 writer's TsigStatus...
CVE-2026-33489
CoreDNS CVE-2026-33489 affects the transfer plugin prior to version 1.14.3. The root cause is a lexicographic longestMatch() comparison in plugin/transfer/transfer.go, which can select a permissive parent-zone ACL over a more-specific subzone ACL when both are configured. This flaw enables an una...
CVE-2026-32936 CoreDNS DoH GET path missing size validation causes CPU and memory amplification
CoreDNS is a DNS server that chains plugins. In versions prior to 1.14.3, the DNS-over-HTTPS DoH GET path accepts oversized dns= query parameter values and performs URL query parsing, base64 decoding, and DNS message unpacking before rejecting the request. Unlike the POST path, which applies a...