CVE-2024-25638

DNSJava DNSSEC Bypass

CVSS 8.9 HIGHEPSS 0.4%CWE-345 CWE-349

dnsjava is an implementation of DNS in Java. Records in DNS replies are not checked for their relevance to the query, allowing an attacker to respond with RRs from different zones. This vulnerability is fixed in 3.6.0.

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L

Produtos afetados

dnsjava · dnsjava

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/dnsjava/dnsjava/commit/2073a0cdea2c560465f7ac0cc56f202e6fc39705 https://github.com/dnsjava/dnsjava/commit/bc51df1c455e6c9fb7cbd42fcb6d62d16047818d https://github.com/dnsjava/dnsjava/security/advisories/GHSA-cfxw-4h78-h7fw