CVE-2025-30187

Low CVSS: 3.7

In some circumstances, when DNSdist is configured to use the nghttp2 library to process incoming DNS over HTTPS queries, an attacker might be able to cause a denial of service by crafting a DoH exchange that triggers an unbounded I/O read loop, causing an unexpected consumption of CPU resources.

Vendor

Product

CWE

CWE-835

Yayın Tarihi

2025-09-18 10:15:32

Güncelleme

2025-11-04 22:16:09

Source Identifier

security@open-xchange.com

KEV Date Added

Kategoriler

CWE-835 LOW 2025

Referanslar

https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2025-05.html http://www.openwall.com/lists/oss-security/2025/09/18/1