FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-10-10 08:58:57 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
c2253bff-9952-11f0-b6e2-6805ca2fa271	dnsdist -- Denial of service via crafted DoH exchange security@open-xchange.com reports: In some circumstances, when DNSdist is configured to use the nghttp2 library to process incoming DNS over HTTPS queries, an attacker might be able to cause a denial of service by crafting a DoH exchange that triggers an unbounded I/O read loop, causing an unexpected consumption of CPU resources. The offending code was introduced in DNSdist 1.9.0-alpha1 so previous versions are not affected. Discovery 2025-09-18 Entry 2025-09-24 Modified 2025-09-26 dnsdist < 1.9.11 >= 2.0.0 lt 2.0.1 CVE-2025-30187 https://nvd.nist.gov/vuln/detail/CVE-2025-30187

VuXML ID

Description

c2253bff-9952-11f0-b6e2-6805ca2fa271

dnsdist -- Denial of service via crafted DoH exchange

security@open-xchange.com reports:

In some circumstances, when DNSdist is configured to use the nghttp2 library to process incoming DNS over HTTPS queries, an attacker might be able to cause a denial of service by crafting a DoH exchange that triggers an unbounded I/O read loop, causing an unexpected consumption of CPU resources. The offending code was introduced in DNSdist 1.9.0-alpha1 so previous versions are not affected.

Discovery 2025-09-18
Entry 2025-09-24
Modified 2025-09-26
dnsdist

< 1.9.11

>= 2.0.0 lt 2.0.1

CVE-2025-30187
https://nvd.nist.gov/vuln/detail/CVE-2025-30187