CVE-2025-59029

Опубликовано: 09 дек. 2025

Источник: debian

EPSS Низкий

Описание

An attacker can trigger an assertion failure by requesting crafted DNS records, waiting for them to be inserted into the records cache, then send a query with qtype set to ANY.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
pdns-recursor	fixed	5.3.3-1		package
pdns-recursor	not-affected		trixie	package
pdns-recursor	not-affected		bookworm	package
pdns-recursor	not-affected		bullseye	package

Примечания

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2025-07.html

EPSS

Процентиль: 0%

0.00006

Низкий

Связанные уязвимости

CVE-2025-59029

CVSS3: 5.3

ubuntu

около 2 месяцев назад

An attacker can trigger an assertion failure by requesting crafted DNS records, waiting for them to be inserted into the records cache, then send a query with qtype set to ANY.

CVE-2025-59029

CVSS3: 5.3

nvd

около 2 месяцев назад

An attacker can trigger an assertion failure by requesting crafted DNS records, waiting for them to be inserted into the records cache, then send a query with qtype set to ANY.

GHSA-2gr2-cm9q-vr3v

CVSS3: 5.3

github

около 2 месяцев назад

An attacker can trigger an assertion failure by requesting crafted DNS records, waiting for them to be inserted into the records cache, then send a query with qtype set to ANY.

EPSS

Процентиль: 0%

0.00006

Низкий