Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
CoreDNS Loop Detection Denial of Service Vulnerability
Vulnerability Description
CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a denial of service vulnerability exists in CoreDNS's loop detection plugin that allows an attacker to crash the DNS server by sending specially crafted DNS queries. The vulnerability stems from the use of a predictable pseudo-random number generator (PRNG) for generating a secret query name, combined with a fatal error handler that terminates the entire process. This issue has been patched in version 1.14.2.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
PRNG中使用可预测种子
Vulnerability Title
CoreDNS 安全漏洞
Vulnerability Description
CoreDNS是CoreDNS社区的一个 DNS 服务器。 CoreDNS 1.14.2之前版本存在安全漏洞,该漏洞源于循环检测插件存在拒绝服务漏洞,可能导致DNS服务器崩溃。
CVSS Information
N/A
Vulnerability Type
N/A