CVE-2025-58066: DoS Vulnerability in ntpd-rs

August 29, 2025

A denial of service vulnerability was discovered in ntpd-rs where an attacker can induce a message storm between two NTP servers running ntpd-rs.

References

github.com/advisories/GHSA-4855-q42w-5vr4
github.com/pendulum-project/ntpd-rs
github.com/pendulum-project/ntpd-rs/commit/da37cf167736cbd4d7804b1ed7ceb572468298e0
github.com/pendulum-project/ntpd-rs/security/advisories/GHSA-4855-q42w-5vr4
nvd.nist.gov/vuln/detail/CVE-2025-58066

Code Behaviors & Features

Detect and mitigate CVE-2025-58066 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →