CVE-2020-35857

HIGH

trust-dns-server 0.16.0-0.18.0 - Denial of Service via DNS MX and SRV Null Target Handling

Title source: llm

An issue was discovered in the trust-dns-server crate before 0.18.1 for Rust. DNS MX and SRV null targets are mishandled, causing stack consumption.

Core 2

Core References

Exploit, Third Party Advisory

Patch

CVSS v3 7.5

EPSS 0.0144

EPSS Percentile 69.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-400

Status published

Products (2)

crates.io/trust-dns-server 0.16.0 - 0.18.1crates.io

trust-dns-server_project/trust-dns-server 0.16.0 - 0.18.1

Published Dec 31, 2020

Tracked Since Feb 18, 2026