Moderate severityNVD Advisory· Published Sep 18, 2024· Updated Sep 19, 2024
CVE-2023-30464
CVE-2023-30464
Description
CoreDNS through 1.10.1 enables attackers to achieve DNS cache poisoning and inject fake responses via a birthday attack.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/coredns/corednsGo | <= 1.10.1 | — |
Affected products
10- osv-coords9 versionspkg:apk/chainguard/juicefs-1.2pkg:apk/chainguard/juicefs-1.2-compatpkg:apk/chainguard/juicefs-1.3pkg:apk/chainguard/juicefs-1.3-compatpkg:apk/wolfi/juicefs-1.3pkg:apk/wolfi/juicefs-1.3-compatpkg:golang/github.com/coredns/corednspkg:rpm/opensuse/coredns&distro=openSUSE%20Leap%2015.6pkg:rpm/suse/coredns&distro=SUSE%20Package%20Hub%2015%20SP6
< 1.2.4-r1+ 8 more
- (no CPE)range: < 1.2.4-r1
- (no CPE)range: < 1.2.4-r1
- (no CPE)range: < 1.3.0-r2
- (no CPE)range: < 1.3.0-r2
- (no CPE)range: < 1.3.0-r2
- (no CPE)range: < 1.3.0-r2
- (no CPE)range: <= 1.10.1
- (no CPE)range: < 1.11.3-bp156.4.3.1
- (no CPE)range: < 1.11.3-bp156.4.3.1
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.