{"vulnerability": "CVE-2025-30194", "sightings": [{"uuid": "d769e84c-9699-490f-89bd-051d7cb9ab21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30194", "type": "seen", "source": "https://bsky.app/profile/omo.bsky.social/post/3lnxbcsaqns2u", "content": "", "creation_timestamp": "2025-04-29T12:19:58.144638Z"}, {"uuid": "5af3df65-0c40-49a8-9e23-7a3e838cd1a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-30194", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3lnz3lrn24c24", "content": "", "creation_timestamp": "2025-04-30T05:43:00.197308Z"}, {"uuid": "3525274b-9b8e-4155-81d2-01594b3e94aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30194", "type": "seen", "source": "https://t.me/cvedetector/23992", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30194 - DNSdist DoH Double-Free Denial of Service\", \n  \"Content\": \"CVE ID : CVE-2025-30194 \nPublished : April 29, 2025, 12:15 p.m. | 17\u00a0minutes ago \nDescription : When DNSdist is configured to provide DoH via the nghttp2 provider, an attacker can cause a denial of service by crafting a DoH exchange that triggers an illegal memory access (double-free) and crash of DNSdist, causing a denial of service.  \n  \nThe remedy is: upgrade to the patched 1.9.9 version.  \n  \nA workaround is to temporarily switch to the h2o provider until DNSdist has been upgraded to a fixed version.  \n  \nWe would like to thank Charles Howes for bringing this issue to our attention. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-29T15:09:26.000000Z"}, {"uuid": "17269002-1429-40c2-90c9-2cacd86546e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30194", "type": "seen", "source": "https://bsky.app/profile/andranglin.bsky.social/post/3lnznq6ojw22p", "content": "", "creation_timestamp": "2025-04-30T11:07:32.633131Z"}, {"uuid": "7aa8b039-5512-4501-8da6-3fcb17bc6573", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30194", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q2/102", "content": "", "creation_timestamp": "2025-04-29T09:41:46.000000Z"}, {"uuid": "270f9506-8d99-45b2-ab64-1d694db87046", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30194", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13803", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30194\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: When DNSdist is configured to provide DoH via the nghttp2 provider, an attacker can cause a denial of service by crafting a DoH exchange that triggers an illegal memory access (double-free) and crash of DNSdist, causing a denial of service.\n\nThe remedy is: upgrade to the patched 1.9.9 version.\n\nA workaround is to temporarily switch to the h2o provider until DNSdist has been upgraded to a fixed version.\n\nWe would like to thank Charles Howes for bringing this issue to our attention.\n\ud83d\udccf Published: 2025-04-29T11:25:47.141Z\n\ud83d\udccf Modified: 2025-04-29T11:27:04.926Z\n\ud83d\udd17 References:\n1. https://dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2025-02.html", "creation_timestamp": "2025-04-29T12:12:36.000000Z"}, {"uuid": "5e0b3f93-f7a6-43cd-a3b3-01545284aa89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30194", "type": "seen", "source": "Telegram/cGJ944CXyeffrtXPIenZS-eFnFpysOqeEVOOEo7Bip4pVr0", "content": "", "creation_timestamp": "2025-04-29T14:00:48.000000Z"}]}