CVE-2025-24294HIGHCVSS 7.5≥ 0.2, ≤ 0.2.2·≥ 0.3.0, ≤ 0.3.0+1 more2025-07-12
CVE-2025-24294 [HIGH] CWE-400 CVE-2025-24294: The attack vector is a potential Denial of Service (DoS). The vulnerability is caused by an insuffic
The attack vector is a potential Denial of Service (DoS). The vulnerability is caused by an insufficient check on the length of a decompressed domain name within a DNS packet.
An attacker can craft a malicious DNS packet containing a highly compressed domain name. When the resolv library parses such a packet, the name decompression process consumes a
ghsanvdosv