VDB

DEBIAN-CVE-2024-25638

DEBIAN-CVE-2024-25638 PUBLISHED CVSS 8.899999618530273 HIGH

dnsjava is an implementation of DNS in Java. Records in DNS replies are not checked for their relevance to the query, allowing an attacker to respond with RRs from different zones. This vulnerability is fixed in 3.6.0.

Risk Scores

CVSS 3.1
8.899999618530273
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L

Affected Products

VendorProductVersions
Debian:12dnsjava3.6.3-1, 3.6.2-1, 3.6.2-2
Debian:14dnsjava0, 0
Debian:11dnsjava3.6.2-1, 3.6.2-2, 3.6.3-1
Debian:13dnsjava0, 0

Exploit Intelligence

Timeline

  • Jul 22, 2024 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›