Количество 12
Количество 12
CVE-2025-24294
The attack vector is a potential Denial of Service (DoS). The vulnerability is caused by an insufficient check on the length of a decompressed domain name within a DNS packet. An attacker can craft a malicious DNS packet containing a highly compressed domain name. When the resolv library parses such a packet, the name decompression process consumes a large amount of CPU resources, as the library does not limit the resulting length of the name. This resource consumption can cause the application thread to become unresponsive, resulting in a Denial of Service condition.
CVE-2025-24294
The attack vector is a potential Denial of Service (DoS). The vulnerability is caused by an insufficient check on the length of a decompressed domain name within a DNS packet. An attacker can craft a malicious DNS packet containing a highly compressed domain name. When the resolv library parses such a packet, the name decompression process consumes a large amount of CPU resources, as the library does not limit the resulting length of the name. This resource consumption can cause the application thread to become unresponsive, resulting in a Denial of Service condition.
CVE-2025-24294
The attack vector is a potential Denial of Service (DoS). The vulnerability is caused by an insufficient check on the length of a decompressed domain name within a DNS packet. An attacker can craft a malicious DNS packet containing a highly compressed domain name. When the resolv library parses such a packet, the name decompression process consumes a large amount of CPU resources, as the library does not limit the resulting length of the name. This resource consumption can cause the application thread to become unresponsive, resulting in a Denial of Service condition.
CVE-2025-24294
The attack vector is a potential Denial of Service (DoS). The vulnerab ...
SUSE-SU-2025:3776-1
Security update for ruby2.5
GHSA-xh69-987w-hrp8
resolv vulnerable to DoS via insufficient DNS domain name length validation
BDU:2025-15238
Уязвимость библиотеки resolv языка программирования Ruby, позволяющая нарушителю вызвать отказ в обслуживании
ROS-20250908-11
Уязвимость ruby
ELSA-2025-23141
ELSA-2025-23141: ruby security update (MODERATE)
ELSA-2025-23063
ELSA-2025-23063: ruby:3.3 security update (MODERATE)
ELSA-2025-23062
ELSA-2025-23062: ruby:3.3 security update (MODERATE)
SUSE-SU-2025:4264-1
Security update for ruby2.5
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-24294 The attack vector is a potential Denial of Service (DoS). The vulnerability is caused by an insufficient check on the length of a decompressed domain name within a DNS packet. An attacker can craft a malicious DNS packet containing a highly compressed domain name. When the resolv library parses such a packet, the name decompression process consumes a large amount of CPU resources, as the library does not limit the resulting length of the name. This resource consumption can cause the application thread to become unresponsive, resulting in a Denial of Service condition. | CVSS3: 7.5 | 0% Низкий | 6 месяцев назад |
 | CVE-2025-24294 The attack vector is a potential Denial of Service (DoS). The vulnerability is caused by an insufficient check on the length of a decompressed domain name within a DNS packet. An attacker can craft a malicious DNS packet containing a highly compressed domain name. When the resolv library parses such a packet, the name decompression process consumes a large amount of CPU resources, as the library does not limit the resulting length of the name. This resource consumption can cause the application thread to become unresponsive, resulting in a Denial of Service condition. | CVSS3: 5.3 | 0% Низкий | 6 месяцев назад |
 | CVE-2025-24294 The attack vector is a potential Denial of Service (DoS). The vulnerability is caused by an insufficient check on the length of a decompressed domain name within a DNS packet. An attacker can craft a malicious DNS packet containing a highly compressed domain name. When the resolv library parses such a packet, the name decompression process consumes a large amount of CPU resources, as the library does not limit the resulting length of the name. This resource consumption can cause the application thread to become unresponsive, resulting in a Denial of Service condition. | CVSS3: 7.5 | 0% Низкий | 6 месяцев назад |
| CVE-2025-24294 The attack vector is a potential Denial of Service (DoS). The vulnerab ... | CVSS3: 7.5 | 0% Низкий | 6 месяцев назад |
 | SUSE-SU-2025:3776-1 Security update for ruby2.5 | 0% Низкий | 2 месяца назад | |
| GHSA-xh69-987w-hrp8 resolv vulnerable to DoS via insufficient DNS domain name length validation | CVSS3: 5.3 | 0% Низкий | 6 месяцев назад |
 | BDU:2025-15238 Уязвимость библиотеки resolv языка программирования Ruby, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 7.5 | 0% Низкий | 6 месяцев назад |
 | ROS-20250908-11 Уязвимость ruby | CVSS3: 7.5 | 0% Низкий | 4 месяца назад |
| ELSA-2025-23141 ELSA-2025-23141: ruby security update (MODERATE) | 17 дней назад | ||
| ELSA-2025-23063 ELSA-2025-23063: ruby:3.3 security update (MODERATE) | 17 дней назад | ||
| ELSA-2025-23062 ELSA-2025-23062: ruby:3.3 security update (MODERATE) | 17 дней назад | ||
| SUSE-SU-2025:4264-1 Security update for ruby2.5 | около 1 месяца назад |
Уязвимостей на страницу