github.com/miekg/dns uses an insecure random generation for transaction IDs. The default Id
function uses an insecure math/rand
function, resulting in predictable output and allowing an attacker to exploit the vulnerability to forge responses without being on path.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/miekg/dns | eq | HEAD | |
github.com/miekg/dns | le | 1.1.24 |