) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:powerdns:authoritative_server:2.9.22:*:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2022-27227 |
In PowerDNS Authoritative Server before 4.4.3, 4.5.x before 4.5.4, and 4.6.x before 4.6.1 and PowerDNS Recursor before 4.4.8, 4.5.x before 4.5.8, and 4.6.x before 4.6.1, insufficient validation of an IXFR end condition causes incomplete zone transfers to be handled as successful transfers. Published: March 25, 2022; 11:15:07 AM -0400 |
V3.1: 7.5 HIGH V2.0: 4.3 MEDIUM |
| CVE-2019-3871 |
A vulnerability was found in PowerDNS Authoritative Server before 4.0.7 and before 4.1.7. An insufficient validation of data coming from the user when building a HTTP request from a DNS query in the HTTP Connector of the Remote backend, allowing a remote user to cause a denial of service by making the server connect to an invalid endpoint, or possibly information disclosure by making the server connect to an internal endpoint and somehow extracting meaningful information about the response Published: March 21, 2019; 5:29:00 PM -0400 |
V3.0: 8.8 HIGH V2.0: 6.5 MEDIUM |
| CVE-2016-6172 |
PowerDNS (aka pdns) Authoritative Server before 4.0.1 allows remote primary DNS servers to cause a denial of service (memory exhaustion and secondary DNS server crash) via a large (1) AXFR or (2) IXFR response. Published: September 26, 2016; 12:59:04 PM -0400 |
V3.0: 6.8 MEDIUM V2.0: 7.1 HIGH |
| CVE-2012-0206 |
common_startup.cc in PowerDNS (aka pdns) Authoritative Server before 2.9.22.5 and 3.x before 3.0.1 allows remote attackers to cause a denial of service (packet loop) via a crafted UDP DNS response. Published: February 17, 2012; 4:55:00 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |