Vulnerabilities: stdlib and coredns

[gabicavalcante]

Our scan found some High CVEs on cloudflared:

• coredns
  • CVE-2025-58063
• stdlib:
  • CVE-2025-4674
  • CVE-2025-47907

Do these CVEs actually affect cloudflared in practice? And is there a patched release planned?

[jjpaulo2]

Same here! Them was found by Aikido.

Details from each vulnerability:

stdlib	libc	coredns

[jcsf]

We will be removing core-dns in the next release. Regarding stdlib and libc those should be fixed in the latest release.