Vulnerabilities

CVE-2025-30187

by Fred · 18/09/2025

In some circumstances, when DNSdist is configured to use the nghttp2 library to process incoming DNS over HTTPS queries, an attacker might be able to cause a denial of service by crafting a DoH exchange that triggers an unbounded I/O read loop, causing an unexpected consumption of CPU resources.

More information : https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2025-05.html

Similar

Tags: Cybersecurity Alert