CVE-2024-25638

Published July 22nd, 2024

View on NVD ↗

CVSS v3

8.9

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

dnsjava is an implementation of DNS in Java. Records in DNS replies are not checked for their relevance to the query, allowing an attacker to respond with RRs from different zones. This vulnerability is fixed in 3.6.0.

dnsjava/dnsjava

dnsjava - an implementation of the DNS protocol in Java

GitHub

1.07K