CVE-2025-59029

Опубликовано: 09 дек. 2025

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

An attacker can trigger an assertion failure by requesting crafted DNS records, waiting for them to be inserted into the records cache, then send a query with qtype set to ANY.

Ссылки

https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2025-07.html
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:powerdns:recursor:5.3.0:-:*:*:*:*:*:*

cpe:2.3:a:powerdns:recursor:5.3.1:*:*:*:*:*:*:*

EPSS

Процентиль: 1%

0.0001

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-617

Связанные уязвимости

CVE-2025-59029

CVSS3: 5.3

ubuntu

4 месяца назад

An attacker can trigger an assertion failure by requesting crafted DNS records, waiting for them to be inserted into the records cache, then send a query with qtype set to ANY.

CVE-2025-59029

CVSS3: 5.3

redhat

4 месяца назад

An attacker can trigger an assertion failure by requesting crafted DNS records, waiting for them to be inserted into the records cache, then send a query with qtype set to ANY.

CVE-2025-59029

CVSS3: 5.3

debian

4 месяца назад

An attacker can trigger an assertion failure by requesting crafted DNS ...

GHSA-2gr2-cm9q-vr3v

CVSS3: 5.3

github

4 месяца назад

An attacker can trigger an assertion failure by requesting crafted DNS records, waiting for them to be inserted into the records cache, then send a query with qtype set to ANY.

EPSS

Процентиль: 1%

0.0001

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-617