CVE-2024-25638

8.9 HIGH
Published: July 22, 2024 Modified: April 15, 2026
View on NVD

Description

dnsjava is an implementation of DNS in Java. Records in DNS replies are not checked for their relevance to the query, allowing an attacker to respond with RRs from different zones. This vulnerability is fixed in 3.6.0.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0
Vector String
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
https://github.com/dnsjava/dnsjava/commit/2073a0cdea2c560465f7ac0cc56f202e6fc39705
Source: security-advisories@github.com
https://github.com/dnsjava/dnsjava/security/advisories/GHSA-cfxw-4h78-h7fw
Source: security-advisories@github.com
https://github.com/dnsjava/dnsjava/commit/bc51df1c455e6c9fb7cbd42fcb6d62d16047818d
Source: af854a3a-2127-422b-91ae-364da2661108
https://github.com/dnsjava/dnsjava/security/advisories/GHSA-cfxw-4h78-h7fw
Source: af854a3a-2127-422b-91ae-364da2661108

4 reference(s) from NVD

Quick Stats

CVSS v3 Score
8.9 / 10.0
EPSS (Exploit Probability)
0.2%
41th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-345 CWE-349

Related CVEs

CVE-2026-40962 4.9
CVE-2026-40505 3.3
CVE-2026-40504 9.8
CVE-2026-3299 6.4
CVE-2026-40960 8.1