Security Advisory

CVE-2025-30187

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-09-18 09:21:32

Last updated 2025-11-04 21:09:56

Assigner OX

State PUBLISHED

Description

In some circumstances, when DNSdist is configured to use the nghttp2 library to process incoming DNS over HTTPS queries, an attacker might be able to cause a denial of service by crafting a DoH exchange that triggers an unbounded I/O read loop, causing an unexpected consumption of CPU resources.

← Browse all CVEs View on cve.org ↗