{"uuid": "9bef1f46-be95-41a4-addf-52fa77e0c338", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-50387", "type": "seen", "source": "https://t.me/arpsyndicate/4918", "content": "#ExploitObserverAlert\n\nCVE-2023-50387\n\nDESCRIPTION: Exploit Observer has 86 entries in 13 file formats related to CVE-2023-50387. Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the \"KeyTrap\" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records.\n\nFIRST-EPSS: 0.036600000\nNVD-IS: 3.6\nNVD-ES: 3.9\nARPS-PRIORITY: 0.7316946", "creation_timestamp": "2024-05-02T23:26:15.000000Z"}