Nixpkgs security tracker

Login with GitHub
⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestions search

Untriaged
Filter by:
With package: coredns

Found 3 matching suggestions

View:
Compact
Detailed
Permalink CVE-2026-26017
7.7 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): CHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
created 1 month, 1 week ago
CoreDNS ACL Bypass

CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a logical vulnerability in CoreDNS allows DNS access controls to be bypassed due to the default execution order of plugins. Security plugins such as acl are evaluated before the rewrite plugin, resulting in a Time-of-Check Time-of-Use (TOCTOU) flaw. This issue has been patched in version 1.14.2.

Affected products

coredns
  • ==< 1.14.2

Matching in nixpkgs

Package maintainers

Permalink CVE-2026-26018
7.5 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 1 month, 1 week ago
CoreDNS Loop Detection Denial of Service Vulnerability

CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a denial of service vulnerability exists in CoreDNS's loop detection plugin that allows an attacker to crash the DNS server by sending specially crafted DNS queries. The vulnerability stems from the use of a predictable pseudo-random number generator (PRNG) for generating a secret query name, combined with a fatal error handler that terminates the entire process. This issue has been patched in version 1.14.2.

Affected products

coredns
  • ==< 1.14.2

Matching in nixpkgs

Package maintainers

Permalink CVE-2024-0874
5.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): LOW
  • Availability impact (A): NONE
created 1 year, 3 months ago
Coredns: cd bit response is cached and served later

A flaw was found in coredns. This issue could lead to invalid cache entries returning due to incorrectly implemented caching.

References

Affected products

coredns
  • <1.11.2
openshift4/ose-coredns
  • *
openshift4/ose-coredns-rhel9
  • *
rhacm2/lighthouse-agent-rhel8
rhacm2/lighthouse-agent-rhel9
openshift-logging/logging-loki-rhel8
openshift-logging/logging-loki-rhel9
rhacm2-tech-preview/lighthouse-agent-rhel8

Matching in nixpkgs

Package maintainers