dnsjava:dnsjava@3.5.2 vulnerabilities
-
latest version
3.6.2
-
latest non vulnerable version
-
first published
19 years ago
-
latest version published
2 months ago
-
licenses detected
- [3.5.0,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the dnsjava:dnsjava package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
Affected versions of this package are vulnerable to Acceptance of Extraneous Untrusted Data With Trusted Data due to missing authentication in DNS responses. An attacker can manipulate DNS records and redirect network traffic or intercept sensitive information by injecting or altering DNS records from different zones in the communication channel. Note: This is only exploitable if the application utilizing DNSSEC does not implement additional checks on the relevance of DNS records to the original query. How to fix Acceptance of Extraneous Untrusted Data With Trusted Data? Upgrade |
[,3.6.0)
|
Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling when How to fix Allocation of Resources Without Limits or Throttling? Upgrade |
[,3.6.0)
|
Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling when How to fix Allocation of Resources Without Limits or Throttling? Upgrade |
[,3.6.0)
|