CVE search results

21 – 30 of 41 results

Detailed view

Sort by:

CVE-2026-0397

Medium priority

Needs evaluation

When the internal webserver is enabled (default is disabled), an attacker might be able to trick an administrator logged to the dashboard into visiting a malicious website and extract information about the running configuration...

1 affected package

dnsdist

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
dnsdist	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2026-0396

Medium priority

Needs evaluation

An attacker might be able to inject HTML content into the internal web dashboard by sending crafted DNS queries to a DNSdist instance where domain-based dynamic rules have been enabled via...

1 affected package

dnsdist

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
dnsdist	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2025-30187

Medium priority

Fixed

In some circumstances, when DNSdist is configured to use the nghttp2 library to process incoming DNS over HTTPS queries, an attacker might be able to cause a denial of service by crafting a DoH exchange that triggers an unbounded...

1 affected package

dnsdist

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
dnsdist	—	Not affected	Not affected	Not affected	Not affected

CVE-2025-8671

Medium priority

Some fixes available 2 of 24

A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the internal architectures of some HTTP/2 implementations may result in excessive server resource consumption leading to...

5 affected packages

dnsdist, h2o, haproxy, lighttpd, varnish

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
dnsdist	Not affected	Fixed	Not affected	Not affected	Not affected
h2o	Not in release	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
haproxy	Not affected	Not affected	Not affected	Not affected	Not affected
lighttpd	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
varnish	Not affected	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2025-30193

Medium priority

Some fixes available 2 of 4

In some circumstances, when DNSdist is configured to allow an unlimited number of queries on a single, incoming TCP connection from a client, an attacker can cause a denial of service by crafting a TCP exchange that triggers an...

1 affected package

dnsdist

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
dnsdist	Not affected	Fixed	Fixed	Not affected	Not affected

CVE-2025-30194

Medium priority

Ignored

When DNSdist is configured to provide DoH via the nghttp2 provider, an attacker can cause a denial of service by crafting a DoH exchange that triggers an illegal memory access (double-free) and crash of DNSdist, causing a denial...

1 affected package

dnsdist

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
dnsdist	—	Not affected	Not affected	Not affected	Not affected

CVE-2024-25581

Medium priority

Not affected

When incoming DNS over HTTPS support is enabled using the nghttp2 provider, and queries are routed to a tcp-only or DNS over TLS backend, an attacker can trigger an assertion failure in DNSdist by sending a request for a...

1 affected package

dnsdist

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
dnsdist	—	Not affected	Not affected	Not affected	Not affected

CVE-2023-44487

High priority

Some fixes available 33 of 46

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

14 affected packages

dnsdist, dotnet6, dotnet7, dotnet8, h2o...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
dnsdist	Not affected	Not affected	Fixed	Not affected	Not affected
dotnet6	Not in release	Not in release	Fixed	Not in release	Not in release
dotnet7	Not in release	Not in release	Fixed	Not in release	Not in release
dotnet8	Not in release	Fixed	Not affected	Not in release	Not in release
h2o	Not in release	Not affected	Fixed	Fixed	Fixed
haproxy	Not affected	Not affected	Not affected	Not affected	Fixed
netty	Not affected	Not affected	Fixed	Fixed	Not affected
nghttp2	Not affected	Not affected	Fixed	Fixed	Fixed
nginx	Not affected	Not affected	Not affected	Not affected	Not affected
nodejs	Not affected	Not affected	Fixed	Fixed	Fixed
tomcat10	Not affected	Not affected	Not in release	Not in release	Ignored
tomcat8	Not in release	Not in release	Not in release	Not in release	Fixed
tomcat9	Not affected	Not affected	Fixed	Fixed	Fixed
trafficserver	Not in release	Not affected	Fixed	Fixed	Not affected

CVE-2012-2979

Medium priority

Ignored

FreeBSD NSD before 3.2.13 allows remote attackers to crash a NSD child server process (SIGSEGV) and cause a denial of service in the NSD server.

2 affected packages

nsd, nsd3

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
nsd	—	—	—	—	—
nsd3	—	—	—	—	—

CVE-2019-13952

Low priority

Vulnerable

The set_ipv6() function in zscan_rfc1035.rl in gdnsd before 2.4.3 and 3.x before 3.2.1 has a stack-based buffer overflow via a long and malformed IPv6 address in zone data.

1 affected package

gdnsd

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
gdnsd	Not affected	Not affected	Not in release	Vulnerable	Vulnerable

Export to JSON

Results by page:

Search CVE reports