CoreDNS may return invalid cache entries
A flaw was found in coredns. This issue could lead to invalid cache entries returning due to incorrectly implemented caching.
A flaw was found in coredns. This issue could lead to invalid cache entries returning due to incorrectly implemented caching.
A flaw was found in coreDNS. This flaw allows a malicious user to redirect traffic intended for external top-level domains (TLD) to a pod they control by creating projects and namespaces that match the TLD.
A flaw was found in coreDNS. This flaw allows a malicious user to reroute internal calls to some internal services that were accessed by the FQDN in a format of ..svc.
Impact CoreDNS before 1.6.6 (using go DNS package < 1.1.25) improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries. Patches The problem has been fixed in 1.6.6+. References CVE-2019-19794 For more information Please consult our security guide for more information regarding our security process.