- Description
- Clients using DNS-over-HTTPS (DoH) can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic. This issue affects BIND 9 versions 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, and 9.18.11-S1 through 9.18.32-S1.
- Source
- security-officer@isc.org
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- HIGH
- security-officer@isc.org
- CWE-770
- Hype score
- Not currently trending
【メールマガジン(FROM JPRS)】バックナンバーを更新しました。 通常号 vol.1181「(緊急)BIND 9.xの脆弱性(パフォーマンスの低下)について(CVE-2024-12705)、他1件」など https://t.co/4iyOJ2aHIZ
@JPRS_official
3 Feb 2025
134 Impressions
1 Retweet
3 Likes
0 Bookmarks
0 Replies
0 Quotes
Threat Alert: ISC Patches Two Vulnerabilities - CVE-2024-11187 and CVE-2024-12705 CVE-2024-12705 CVE-2024-11187 Severity: ⚠️ Critical Maturity: 💢 Emerging Learn more: https://t.co/vWBH3CSGGY #CyberSecurity #ThreatIntel #InfoSec
@fletch_ai
1 Feb 2025
141 Impressions
0 Retweets
2 Likes
0 Bookmarks
1 Reply
0 Quotes
🔵🟡🔴プログラミンニュース ~気になるニュースをピックアップ~ BIND 9 に 2 件の DoS 攻撃を受ける欠陥 (CVE-2024-11187, CVE-2024-12705) https://t.co/xt4HYrhCj1 #ICT
@programmin_net
31 Jan 2025
53 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
【注意喚起】(緊急)BIND 9.xの脆弱性(パフォーマンスの低下)について(CVE-2024-12705) - バージョンアップを強く推奨 - https://t.co/Gm2QcJjQTb
@JPRS_official
30 Jan 2025
803 Impressions
6 Retweets
10 Likes
1 Bookmark
0 Replies
0 Quotes
CVE-2024-12705 Clients using DNS-over-HTTPS (DoH) can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic. This issue affects BIND… https://t.co/BrKhcKCB98
@CVEnew
29 Jan 2025
196 Impressions
2 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes