Vulnerabilities > Powerdns > Dnsdist > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-11-26 CVE-2018-14663 Improper Input Validation vulnerability in Powerdns Dnsdist
An issue has been found in PowerDNS DNSDist before 1.3.3 allowing a remote attacker to craft a DNS query with trailing data such that the addition of a record by dnsdist, for example an OPT record when adding EDNS Client Subnet, might result in the trailing data being smuggled to the backend as a valid record while not seen by dnsdist.
network
high complexity
powerdns CWE-20
5.9