Description

dnsjava is an implementation of DNS in Java. Records in DNS replies are not checked for their relevance to the query, allowing an attacker to respond with RRs from different zones. This vulnerability is fixed in 3.6.0.

INFO

Published Date :

2024-07-22T14:05:29.278Z

Last Modified :

2025-07-24T03:55:26.242Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2024-25638 vulnerability.

Vendors Products
Dnsjava
  • Dnsjava
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-25638.

URL Resource
https://github.com/dnsjava/dnsjava/commit/2073a0cdea2c560465f7ac0cc56f202e6fc39705 cve-icon cve-icon
https://github.com/dnsjava/dnsjava/commit/bc51df1c455e6c9fb7cbd42fcb6d62d16047818d cve-icon cve-icon
https://github.com/dnsjava/dnsjava/security/advisories/GHSA-cfxw-4h78-h7fw cve-icon cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-25638 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-25638 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact