miekg/dns

miekg/dns

Releases88

Frequency1 month 3 days

Last Release 4 months ago

Stars8.69K

DNS library in Go

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2019-19794 ↗	Dec 13, 2019Friday, 13 December 2019, 22:15	5.9 MEDIUM	4.3 MEDIUM
The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries.
CVE-2018-17419 ↗	Mar 7, 2019Thursday, 7 March 2019, 23:29	7.5 HIGH	5 MEDIUM
An issue was discovered in setTA in scan_rr.go in the Miek Gieben DNS library before 1.0.10 for Go. A dns.ParseZone() parsing error causes a segmentation violation, leading to denial of service.
CVE-2017-15133 ↗	Jan 29, 2018Monday, 29 January 2018, 19:29	—	5 MEDIUM
A denial of service flaw was found in miekg-dns before 1.0.4. A remote attacker could use carefully timed TCP packets to block the DNS server from accepting new connections.