How severe is CVE-2025-30193?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2025-30193?

This is classified as CWE-674, which is a common weakness in software security.

CVE-2025-30193 - HIGH Severity | CVSS 7.5

Vulnerability Description

In some circumstances, when DNSdist is configured to allow an unlimited number of queries on a single, incoming TCP connection from a client, an attacker can cause a denial of service by crafting a TCP exchange that triggers an exhaustion of the stack and a crash of DNSdist, causing a denial of service. The remedy is: upgrade to the patched 1.9.10 version. A workaround is to restrict the maximum number of queries on incoming TCP connections to a safe value, like 50, via the setMaxTCPQueriesPerConnection setting. We would like to thank Renaud Allard for bringing this issue to our attention.

Related Vulnerabilities

CVE-2007-1285

HIGH

CVSS:7.5(High)

The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service (stack exhaustion and PHP crash) via deeply nested arrays, which trigger deep recurs...

CWE-6742007

CVE-2007-3409

HIGH

CVSS:7.5(High)

Net::DNS before 0.60, a Perl module, allows remote attackers to cause a denial of service (stack consumption) via a malformed compressed DNS packet with self-referencing pointers, which triggers an in...

CWE-6742007

CVE-2016-10707

HIGH

CVSS:7.5(High)

jQuery 3.0.0-rc.1 is vulnerable to Denial of Service (DoS) due to removing a logic that lowercased attribute names. Any attribute getter using a mixed-cased name for boolean attributes goes into an in...

CWE-6742016

CVE-2016-3627

HIGH

CVSS:7.5(High)

The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consump...

CWE-6742016

CVE-2016-9597

HIGH

CVSS:7.5(High)

It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 for CVE-2016-3705 did not actually include the fix for the issue found in libxml2, making it vulnerable to a Denial of Service atta...

CWE-6742016

CVE-2017-11164

HIGH

CVSS:7.5(High)

In PCRE 8.41, the OP_KETRMAX feature in the match function in pcre_exec.c allows stack exhaustion (uncontrolled recursion) when processing a crafted regular expression.

CWE-6742017