The miekg Go DNS package prior to 1.1.25, as used in CoreDNS prior to 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
miekg-dns project miekg-dns |