CVE-2023-7008

ADVISORY - nist

Summary

A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.

EPSS Score⁠: 0.00304 (0.532)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-300⁠

Channel Accessible by Non-Endpoint

CWE-other⁠

ADVISORY - redhat

CWE-300⁠

Channel Accessible by Non-Endpoint

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.