CVE-2025-30192

CVE-2025-30192 affects PowerDNS Recursor: an attacker spoofing answers to ECS-enabled queries can succeed more easily than for non-ECS queries. The updated release/file notes describe mitigations that harden spoofing resistance by chaining ECS-enabled requests and enforcing stricter validation of...

PT-2022-7432 · Phpcas +4 · Phpcas +4

Name of the Vulnerable Software and Affected Versions: phpCAS versions prior to 1.6.0 Description: The phpCAS library uses HTTP headers to determine the service URL used to validate tickets, allowing an attacker to control the host header and use a valid ticket granted for any authorized service ...