PyPi: Dnspython

CVE-2023-29483

Safety vulnerability ID: 66710

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Apr 11, 2024 Updated at May 03, 2024

Scan your Python projects for vulnerabilities →

Advisory

The dnspython stub resolver is vulnerable to a potential DoS if a bad-in-some-way response from the right address and port forged by an attacker arrives before a legitimate one on the UDP port dnspython is using for that query.

Affected package

dnspython

Latest version: 2.6.1

DNS toolkit

Affected versions

Fixed versions

Vulnerability changelog

This vulnerability has no description

Resources

https://github.com/rthalley/dnspython/commit/0ea5ad0a4583e1f519b9bcc67cfac381230d9cf2
https://github.com/rthalley/dnspython/issues/1045
https://lixiang521.com/publication/oakland24/sp24spring-tudoor-li.pdf
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29483

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application