Количество 15
Количество 15
CVE-2025-24294
The attack vector is a potential Denial of Service (DoS). The vulnerability is caused by an insufficient check on the length of a decompressed domain name within a DNS packet. An attacker can craft a malicious DNS packet containing a highly compressed domain name. When the resolv library parses such a packet, the name decompression process consumes a large amount of CPU resources, as the library does not limit the resulting length of the name. This resource consumption can cause the application thread to become unresponsive, resulting in a Denial of Service condition.
CVE-2025-24294
The attack vector is a potential Denial of Service (DoS). The vulnerability is caused by an insufficient check on the length of a decompressed domain name within a DNS packet. An attacker can craft a malicious DNS packet containing a highly compressed domain name. When the resolv library parses such a packet, the name decompression process consumes a large amount of CPU resources, as the library does not limit the resulting length of the name. This resource consumption can cause the application thread to become unresponsive, resulting in a Denial of Service condition.
CVE-2025-24294
The attack vector is a potential Denial of Service (DoS). The vulnerability is caused by an insufficient check on the length of a decompressed domain name within a DNS packet. An attacker can craft a malicious DNS packet containing a highly compressed domain name. When the resolv library parses such a packet, the name decompression process consumes a large amount of CPU resources, as the library does not limit the resulting length of the name. This resource consumption can cause the application thread to become unresponsive, resulting in a Denial of Service condition.
CVE-2025-24294
The attack vector is a potential Denial of Service (DoS). The vulnerab ...
SUSE-SU-2025:3776-1
Security update for ruby2.5
GHSA-xh69-987w-hrp8
resolv vulnerable to DoS via insufficient DNS domain name length validation
BDU:2025-15238
Уязвимость библиотеки resolv языка программирования Ruby, позволяющая нарушителю вызвать отказ в обслуживании
ROS-20250908-11
Уязвимость ruby
RLSA-2025:23141
Moderate: ruby security update
RLSA-2025:23063
Moderate: ruby:3.3 security update
RLSA-2025:23062
Moderate: ruby:3.3 security update
ELSA-2025-23141
ELSA-2025-23141: ruby security update (MODERATE)
ELSA-2025-23063
ELSA-2025-23063: ruby:3.3 security update (MODERATE)
ELSA-2025-23062
ELSA-2025-23062: ruby:3.3 security update (MODERATE)
SUSE-SU-2025:4264-1
Security update for ruby2.5
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-24294 The attack vector is a potential Denial of Service (DoS). The vulnerability is caused by an insufficient check on the length of a decompressed domain name within a DNS packet. An attacker can craft a malicious DNS packet containing a highly compressed domain name. When the resolv library parses such a packet, the name decompression process consumes a large amount of CPU resources, as the library does not limit the resulting length of the name. This resource consumption can cause the application thread to become unresponsive, resulting in a Denial of Service condition. | CVSS3: 7.5 | 0% Низкий | 7 месяцев назад |
 | CVE-2025-24294 The attack vector is a potential Denial of Service (DoS). The vulnerability is caused by an insufficient check on the length of a decompressed domain name within a DNS packet. An attacker can craft a malicious DNS packet containing a highly compressed domain name. When the resolv library parses such a packet, the name decompression process consumes a large amount of CPU resources, as the library does not limit the resulting length of the name. This resource consumption can cause the application thread to become unresponsive, resulting in a Denial of Service condition. | CVSS3: 5.3 | 0% Низкий | 7 месяцев назад |
 | CVE-2025-24294 The attack vector is a potential Denial of Service (DoS). The vulnerability is caused by an insufficient check on the length of a decompressed domain name within a DNS packet. An attacker can craft a malicious DNS packet containing a highly compressed domain name. When the resolv library parses such a packet, the name decompression process consumes a large amount of CPU resources, as the library does not limit the resulting length of the name. This resource consumption can cause the application thread to become unresponsive, resulting in a Denial of Service condition. | CVSS3: 7.5 | 0% Низкий | 7 месяцев назад |
| CVE-2025-24294 The attack vector is a potential Denial of Service (DoS). The vulnerab ... | CVSS3: 7.5 | 0% Низкий | 7 месяцев назад |
 | SUSE-SU-2025:3776-1 Security update for ruby2.5 | 0% Низкий | 4 месяца назад | |
| GHSA-xh69-987w-hrp8 resolv vulnerable to DoS via insufficient DNS domain name length validation | CVSS3: 5.3 | 0% Низкий | 7 месяцев назад |
 | BDU:2025-15238 Уязвимость библиотеки resolv языка программирования Ruby, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 7.5 | 0% Низкий | 7 месяцев назад |
 | ROS-20250908-11 Уязвимость ruby | CVSS3: 7.5 | 0% Низкий | 5 месяцев назад |
 | RLSA-2025:23141 Moderate: ruby security update | около 1 месяца назад | ||
| RLSA-2025:23063 Moderate: ruby:3.3 security update | около 1 месяца назад | ||
| RLSA-2025:23062 Moderate: ruby:3.3 security update | около 1 месяца назад | ||
| ELSA-2025-23141 ELSA-2025-23141: ruby security update (MODERATE) | около 2 месяцев назад | ||
| ELSA-2025-23063 ELSA-2025-23063: ruby:3.3 security update (MODERATE) | около 2 месяцев назад | ||
| ELSA-2025-23062 ELSA-2025-23062: ruby:3.3 security update (MODERATE) | около 2 месяцев назад | ||
| SUSE-SU-2025:4264-1 Security update for ruby2.5 | 2 месяца назад |
Уязвимостей на страницу