CVE-2024-25638

NVD

https://nvd.nist.gov/vuln/detail/CVE-2024-25638

Severity

8.9

High

CVSS V3

Eliminate CVEs with Chainguard hardened images

Build, ship, and run secure software with minimal, hardened container images — rebuilt from source daily and guarded under our industry-leading remediation SLA.

Start for free

Summary

DNSJava DNSSEC Bypass

Description

dnsjava is an implementation of DNS in Java. Records in DNS replies are not checked for their relevance to the query, allowing an attacker to respond with RRs from different zones. This vulnerability is fixed in 3.6.0.

References

https://nvd.nist.gov/vuln/detail/CVE-2024-25638
https://github.com/advisories/GHSA-cfxw-4h78-h7fw
https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/25xxx/CVE-2024-25638.json
https://github.com/dnsjava/dnsjava/commit/2073a0cdea2c560465f7ac0cc56f202e6fc39705
https://github.com/dnsjava/dnsjava/commit/bc51df1c455e6c9fb7cbd42fcb6d62d16047818d
https://github.com/dnsjava/dnsjava/security/advisories/GHSA-cfxw-4h78-h7fw

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

CVE-2024-25638

Severity

Summary

Description

References

Affected packages

The trusted source for open source

Product

Solutions

Customers

Resources

Company