CVE-2025-30187
Denial of service via crafted DoH exchange in PowerDNS DNSdist
In some circumstances, when DNSdist is configured to use the nghttp2 library to process incoming DNS over HTTPS queries, an attacker might be able to cause a denial of service by crafting a DoH exchange that triggers an unbounded I/O read loop, causing an unexpected consumption of CPU resources.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
Produtos afetados
PowerDNS · DNSdistQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →