DNS Server Vulnerability in CoreDNS Affecting Plugin Functionality
CVE-2025-58063

7.1HIGH

Key Information:

Vendor: Coredns
Status: Coredns
Vendor: CVE Published:; 9 September 2025

What is CVE-2025-58063?

CoreDNS, a popular DNS server that utilizes a plugin architecture, is impacted by a TTL confusion vulnerability in its etcd plugin. This flaw, present in versions from 1.2.0 up to 1.12.4, arises from an error where lease IDs from etcd, which are 64-bit integers, are incorrectly used as Time To Live (TTL) values after being cast to uint32. This miscasting can lead to very large TTLs, creating potential opportunities for DNS cache pinning attacks. As a result, affected services may experience denial of service (DoS) conditions for DNS resolution. The issue has been rectified in version 1.12.4.

Affected Version(s)

coredns >= 1.2.0, < 1.12.4

References

https://github.com/coredns/coredns/security/advisories/GH...

x_refsource_CONFIRM

https://github.com/coredns/coredns/commit/e1768a5d272e9da...

x_refsource_MISC

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 9, 2025
Vulnerability Reserved
Aug 22, 2025

Coredns

What is CVE-2025-58063?

Affected Version(s)

References

CVSS V3.1

Timeline