VDB
CVE-2025-30187
CVE-2025-30187
PUBLISHED
CVSS 3.700000047683716 LOW
In some circumstances, when DNSdist is configured to use the nghttp2 library to process incoming DNS over HTTPS queries, an attacker might be able to cause a denial of service by crafting a DoH exchange that triggers an unbounded I/O read loop, causing an unexpected consumption of CPU resources.
EPSS 0.01% · 1.7th percentile
Risk Scores
CVSS 3.1
3.700000047683716
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
EPSS Score
0.01%
1.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| PowerDNS | DNSdist | 1.9.0, 2.0.0 |
Exploit Intelligence
- CIRCL seen: CVE-2025-30187 (circl-sighting)
- CIRCL seen: CVE-2025-30187 (circl-sighting)
- http://www.openwall.com/lists/oss-security/2025/09/18/1 (circl)
- https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2025-05.html (circl)
Timeline
- Sep 18, 2025 EPSS Score
- Sep 18, 2025 CVE Published
- Sep 18, 2025 PoC Published
- Sep 25, 2025 EPSS Score
- Oct 2, 2025 EPSS Score
- Oct 2, 2025 PoC Published
- Oct 9, 2025 EPSS Score
- Oct 16, 2025 EPSS Score
- Oct 23, 2025 EPSS Score
- Oct 30, 2025 EPSS Score
- Nov 4, 2025 CVE Updated
- Nov 6, 2025 EPSS Score