5 matches found
CVE-2025-1673
A malicious or malformed DNS packet without a payload can cause an out-of-bounds read, resulting in a crash denial of service or an incorrect computation...
EUVD-2025-5069
Malicious code in bioql PyPI...
CVE-2025-24294
The attack vector is a potential Denial of Service DoS. The vulnerability is caused by an insufficient check on the length of a decompressed domain name within a DNS packet. An attacker can craft a malicious DNS packet containing a highly compressed domain name. When the resolv library parses suc...
GHSA-369H-PJR2-6WRH Uncontrolled recursion in trust-dns-proto
There's a stack overflow leading to a crash when Trust-DNS's parses a malicious DNS packet. Affected versions of this crate did not properly handle parsing of DNS message compression RFC1035 section 4.1.4. The parser could be tricked into infinite loop when a compression offset pointed back to th...
Stack overflow when parsing malicious DNS packet
There's a stack overflow leading to a crash when Trust-DNS's parses a malicious DNS packet. Affected versions of this crate did not properly handle parsing of DNS message compression RFC1035 section 4.1.4. The parser could be tricked into infinite loop when a compression offset pointed back to th...