VYPR

Resolv

by Ruby Lang

gem: resolv

Source repositories

CVEs (2)

  • CVE-2025-24294HigJul 12, 2025
    risk 0.42cvss 7.5epss 0.01

    The attack vector is a potential Denial of Service (DoS). The vulnerability is caused by an insufficient check on the length of a decompressed domain name within a DNS packet. An attacker can craft a malicious DNS packet containing a highly compressed domain name. When the…

  • CVE-2008-3905Sep 4, 2008
    risk 0.00cvss epss 0.02

    resolv.rb in Ruby 1.8.5 and earlier, 1.8.6 before 1.8.6-p287, 1.8.7 before 1.8.7-p72, and 1.9 r18423 and earlier uses sequential transaction IDs and constant source ports for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different…