CNNVD-202509-1184 Information

CNNVD ID

CNNVD-202509-1184

Related CVE

CVE-2025-58063

• CNNVD Published: 2025-09-09

Description (Chinese)

CoreDNS是CoreDNS社区的一个 DNS 服务器。 CoreDNS 1.2.0至1.12.4之前版本存在安全漏洞，该漏洞源于etcd插件TTL混淆，可能导致DNS缓存固定攻击和拒绝服务。

Description (English)

CreDNS is a DNS server for the CoreDNS community. The pre-CreDNS 1.2.0 to 1.12.4 security loophole, which stems from the confusion of the etcd plug-in TTL, could lead to the DNS cache of fixed attacks and denial of services.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

CoreDNS

Published

2025-09-09

Last Modified

2026-02-24

References

https://github.com/coredns/coredns/commit/e1768a5d272e9da649dfb8588595e5c6e4e640bf https://github.com/coredns/coredns/security/advisories/GHSA-93mf-426m-g6x9 https://access.redhat.com/security/cve/cve-2025-58063

Patch

https://github.com/coredns/coredns/releases