DirectorySecurity Advisories
Sign In
Security Advisories

CVE-2024-12705

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2024-12705

CGA ID

CGA-r3v2-9c3f-824g

Description

Clients using DNS-over-HTTPS (DoH) can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic. This issue affects BIND 9 versions 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, and 9.18.11-S1 through 9.18.32-S1.

References

  • https://images.chainguard.dev/security/CGA-r3v2-9c3f-824g

Affected packages


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images