rpm package
suse/dnsdist&distro=SUSE Linux Enterprise Server for SAP applications 16.0
pkg:rpm/suse/dnsdist&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-30187 | Low | 3.7 | < 1.9.11-160000.1.1 | 1.9.11-160000.1.1 | Sep 18, 2025 | In some circumstances, when DNSdist is configured to use the nghttp2 library to process incoming DNS over HTTPS queries, an attacker might be able to cause a denial of service by crafting a DoH exchange that triggers an unbounded I/O read loop, causing an unexpected consumption o | |
| CVE-2025-8671 | Hig | 7.5 | < 1.9.11-160000.1.1 | 1.9.11-160000.1.1 | Aug 13, 2025 | A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the internal architectures of some HTTP/2 implementations may result in excessive server resource consumption leading to denial-of-service (DoS). By opening streams and then rapidly |
- affected < 1.9.11-160000.1.1fixed 1.9.11-160000.1.1
In some circumstances, when DNSdist is configured to use the nghttp2 library to process incoming DNS over HTTPS queries, an attacker might be able to cause a denial of service by crafting a DoH exchange that triggers an unbounded I/O read loop, causing an unexpected consumption o
- affected < 1.9.11-160000.1.1fixed 1.9.11-160000.1.1
A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the internal architectures of some HTTP/2 implementations may result in excessive server resource consumption leading to denial-of-service (DoS). By opening streams and then rapidly