vulnerability
Debian: CVE-2024-25638: dnsjava -- security update
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:M/Au:N/C:C/I:C/A:P) | Jul 22, 2024 | May 15, 2025 | Aug 15, 2025 |
Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:P)
Published
Jul 22, 2024
Added
May 15, 2025
Modified
Aug 15, 2025
Description
dnsjava is an implementation of DNS in Java. Records in DNS replies are not checked for their relevance to the query, allowing an attacker to respond with RRs from different zones. This vulnerability is fixed in 3.6.0.
Solution
no-fix-debian-deb-package
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.