Vulnerabilities > Powerdns > High

DATE CVE VULNERABILITY TITLE RISK
2024-02-14 CVE-2023-50387 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue.
7.5
2023-01-21 CVE-2023-22617 Uncontrolled Recursion vulnerability in Powerdns Recursor 4.8.0
A remote attacker might be able to cause infinite recursion in PowerDNS Recursor 4.8.0 via a DNS query that retrieves DS records for a misconfigured domain, because QName minimization is used in QM fallback mode.
network
low complexity
powerdns CWE-674
7.5
2022-03-25 CVE-2022-27227 In PowerDNS Authoritative Server before 4.4.3, 4.5.x before 4.5.4, and 4.6.x before 4.6.1 and PowerDNS Recursor before 4.4.8, 4.5.x before 4.5.8, and 4.6.x before 4.6.1, insufficient validation of an IXFR end condition causes incomplete zone transfers to be handled as successful transfers.
network
low complexity
powerdns fedoraproject
7.5
2021-07-30 CVE-2021-36754 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Powerdns Authoritative Server 4.5.0
PowerDNS Authoritative Server 4.5.0 before 4.5.1 allows anybody to crash the process by sending a specific query (QTYPE 65535) that causes an out-of-bounds exception.
network
low complexity
powerdns CWE-119
7.5
2020-10-16 CVE-2020-25829 An issue has been found in PowerDNS Recursor before 4.1.18, 4.2.x before 4.2.5, and 4.3.x before 4.3.5.
network
low complexity
powerdns opensuse
7.5
2020-10-02 CVE-2020-24697 Unspecified vulnerability in Powerdns Authoritative
An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used.
network
low complexity
powerdns
7.5
2020-10-02 CVE-2020-24696 Race Condition vulnerability in Powerdns Authoritative
An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used.
network
high complexity
powerdns CWE-362
8.1
2020-05-19 CVE-2020-10995 Resource Exhaustion vulnerability in multiple products
PowerDNS Recursor from 4.1.0 up to and including 4.3.0 does not sufficiently defend against amplification attacks.
network
low complexity
powerdns fedoraproject debian opensuse CWE-400
7.5
2020-05-19 CVE-2020-10030 Out-of-bounds Read vulnerability in Powerdns Recursor
An issue has been found in PowerDNS Recursor 4.1.0 up to and including 4.3.0.
network
low complexity
powerdns CWE-125
8.8
2020-05-19 CVE-2020-12244 Improper Verification of Cryptographic Signature vulnerability in multiple products
An issue has been found in PowerDNS Recursor 4.1.0 through 4.3.0 where records in the answer section of a NXDOMAIN response lacking an SOA were not properly validated in SyncRes::processAnswer, allowing an attacker to bypass DNSSEC validation.
network
low complexity
powerdns fedoraproject debian opensuse CWE-347
7.5