FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-06-07 10:36:35 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
f2d8342f-1134-11ef-8791-6805ca2fa271	dnsdist -- Transfer requests received over DoH can lead to a denial of service PowerDNS Security Advisory reports: When incoming DNS over HTTPS support is enabled using the nghttp2 provider, and queries are routed to a tcp-only or DNS over TLS backend, an attacker can trigger an assertion failure in DNSdist by sending a request for a zone transfer (AXFR or IXFR) over DNS over HTTPS, causing the process to stop and thus leading to a Denial of Service. DNS over HTTPS is not enabled by default, and backends are using plain DNS (Do53) by default. Discovery 2024-05-13 Entry 2024-05-13 dnsdist < 1.9.4 CVE-2024-25581 https://dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2024-03.html
198d82f3-8777-11e7-950a-e8e0b747a45a	dnsdist -- multiple vulnerabilities PowerDNS Security Advisory reports: The first issue can lead to a denial of service on 32-bit if a backend sends crafted answers, and the second to an alteration of dnsdist's ACL if the API is enabled, writable and an authenticated user is tricked into visiting a crafted website. Discovery 2017-08-21 Entry 2017-08-22 dnsdist < 1.2.0 CVE-2016-7069 CVE-2017-7557 https://dnsdist.org/security-advisories/index.html

VuXML ID

Description

f2d8342f-1134-11ef-8791-6805ca2fa271

dnsdist -- Transfer requests received over DoH can lead to a denial of service

PowerDNS Security Advisory reports:

When incoming DNS over HTTPS support is enabled using the nghttp2 provider, and queries are routed to a tcp-only or DNS over TLS backend, an attacker can trigger an assertion failure in DNSdist by sending a request for a zone transfer (AXFR or IXFR) over DNS over HTTPS, causing the process to stop and thus leading to a Denial of Service. DNS over HTTPS is not enabled by default, and backends are using plain DNS (Do53) by default.

Discovery 2024-05-13
Entry 2024-05-13
dnsdist

< 1.9.4

CVE-2024-25581
https://dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2024-03.html

198d82f3-8777-11e7-950a-e8e0b747a45a

dnsdist -- multiple vulnerabilities

PowerDNS Security Advisory reports:

The first issue can lead to a denial of service on 32-bit if a backend sends crafted answers, and the second to an alteration of dnsdist's ACL if the API is enabled, writable and an authenticated user is tricked into visiting a crafted website.

Discovery 2017-08-21
Entry 2017-08-22
dnsdist

< 1.2.0

CVE-2016-7069
CVE-2017-7557
https://dnsdist.org/security-advisories/index.html