Vulnerabilities > Powerdns
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-22 | CVE-2018-1000003 | Improper Input Validation vulnerability in Powerdns Recursor 4.1.0 Improper input validation bugs in DNSSEC validators components in PowerDNS version 4.1.0 allow attacker in man-in-the-middle position to deny existence of some data in DNS via packet replay. | 3.7 |
| 2017-08-22 | CVE-2017-7557 | Cross-Site Request Forgery (CSRF) vulnerability in Powerdns Dnsdist 1.1.0 dnsdist version 1.1.0 is vulnerable to a flaw in authentication mechanism for REST API potentially allowing CSRF attack. | 8.8 |
| 2016-09-26 | CVE-2016-6172 | Resource Exhaustion vulnerability in multiple products PowerDNS (aka pdns) Authoritative Server before 4.0.1 allows remote primary DNS servers to cause a denial of service (memory exhaustion and secondary DNS server crash) via a large (1) AXFR or (2) IXFR response. | 6.8 |
| 2016-09-21 | CVE-2016-5427 | Resource Management Errors vulnerability in Powerdns Authoritative PowerDNS (aka pdns) Authoritative Server before 3.4.10 does not properly handle a . | 7.5 |
| 2016-09-21 | CVE-2016-5426 | Resource Management Errors vulnerability in Powerdns Authoritative PowerDNS (aka pdns) Authoritative Server before 3.4.10 allows remote attackers to cause a denial of service (backend CPU consumption) via a long qname. | 7.5 |