GHSA-9jcx-pr2f-qvq5

Опубликовано: 18 мая 2021

Источник: github

Github: Прошло ревью

CVSS3: 7.5

Описание

miekg/dns parsing error leads to nil pointer dereference and DoS

An issue was discovered in setTA in scan_rr.go in the Miek Gieben DNS library before 1.0.10 for Go. A dns.ParseZone() parsing error causes a segmentation violation, leading to denial of service.

Ссылки

Пакеты

Наименование

github.com/miekg/dns

Затронутые версииВерсия исправления

< 1.0.10

1.0.10

EPSS

Процентиль: 59%

0.00386

Низкий

7.5 High

CVSS3

CVE ID

CVE-2018-17419

Дефекты

CWE-400

Связанные уязвимости

CVE-2018-17419

CVSS3: 7.5

ubuntu

почти 7 лет назад

An issue was discovered in setTA in scan_rr.go in the Miek Gieben DNS library before 1.0.10 for Go. A dns.ParseZone() parsing error causes a segmentation violation, leading to denial of service.

CVE-2018-17419

CVSS3: 7.5

redhat

почти 7 лет назад

An issue was discovered in setTA in scan_rr.go in the Miek Gieben DNS library before 1.0.10 for Go. A dns.ParseZone() parsing error causes a segmentation violation, leading to denial of service.

CVE-2018-17419

CVSS3: 7.5

nvd

почти 7 лет назад

An issue was discovered in setTA in scan_rr.go in the Miek Gieben DNS library before 1.0.10 for Go. A dns.ParseZone() parsing error causes a segmentation violation, leading to denial of service.

EPSS

Процентиль: 59%

0.00386

Низкий

7.5 High

CVSS3

CVE ID

CVE-2018-17419

Дефекты

CWE-400