Github.Com Miekg Dns vulnerabilities

3 known vulnerabilities affecting github.com/miekg_dns.

Total CVEs

3

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

HIGH2MEDIUM1

Vulnerabilities

Page 1 of 1

CVE-2017-15133HIGH≥ 0, < 1.0.42021-06-29

CVE-2017-15133 [HIGH] CWE-400 Denial of Service in miekg-dns Denial of Service in miekg-dns A denial of service flaw was found in miekg-dns before 1.0.4. A remote attacker could use carefully timed TCP packets to block the DNS server from accepting new connections.

CVE-2018-17419HIGH≥ 0, < 1.0.102021-05-18

CVE-2018-17419 [HIGH] CWE-400 miekg/dns parsing error leads to nil pointer dereference and DoS miekg/dns parsing error leads to nil pointer dereference and DoS An issue was discovered in `setTA` in `scan_rr.go` in the Miek Gieben DNS library before 1.0.10 for Go. A `dns.ParseZone()` parsing error causes a segmentation violation, leading to denial of service.

CVE-2019-19794MEDIUM≥ 0, < 1.1.252021-05-18

CVE-2019-19794 [MEDIUM] CWE-330 miekg/dns insecurely generates random numbers miekg/dns insecurely generates random numbers The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries.