Vulnerabilities > Powerdns > High

DATE CVE VULNERABILITY TITLE RISK
2024-02-14 CVE-2023-50387 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue.
7.5
2023-01-21 CVE-2023-22617 Uncontrolled Recursion vulnerability in Powerdns Recursor 4.8.0
A remote attacker might be able to cause infinite recursion in PowerDNS Recursor 4.8.0 via a DNS query that retrieves DS records for a misconfigured domain, because QName minimization is used in QM fallback mode.
network
low complexity
powerdns CWE-674
7.5
2022-03-25 CVE-2022-27227 In PowerDNS Authoritative Server before 4.4.3, 4.5.x before 4.5.4, and 4.6.x before 4.6.1 and PowerDNS Recursor before 4.4.8, 4.5.x before 4.5.8, and 4.6.x before 4.6.1, insufficient validation of an IXFR end condition causes incomplete zone transfers to be handled as successful transfers.
network
low complexity
powerdns fedoraproject
7.5
2020-05-19 CVE-2020-10995 Resource Exhaustion vulnerability in multiple products
PowerDNS Recursor from 4.1.0 up to and including 4.3.0 does not sufficiently defend against amplification attacks.
network
low complexity
powerdns fedoraproject debian opensuse CWE-400
7.5
2020-05-19 CVE-2020-10030 Out-of-bounds Read vulnerability in Powerdns Recursor
An issue has been found in PowerDNS Recursor 4.1.0 up to and including 4.3.0.
network
low complexity
powerdns CWE-125
8.8
2020-05-19 CVE-2020-12244 Improper Verification of Cryptographic Signature vulnerability in multiple products
An issue has been found in PowerDNS Recursor 4.1.0 through 4.3.0 where records in the answer section of a NXDOMAIN response lacking an SOA were not properly validated in SyncRes::processAnswer, allowing an attacker to bypass DNSSEC validation.
network
low complexity
powerdns fedoraproject debian opensuse CWE-347
7.5
2019-03-21 CVE-2019-3871 Improper Input Validation vulnerability in multiple products
A vulnerability was found in PowerDNS Authoritative Server before 4.0.7 and before 4.1.7.
network
low complexity
powerdns fedoraproject CWE-20
8.8
2018-09-11 CVE-2016-7068 Resource Exhaustion vulnerability in multiple products
An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 3.7.4 and 4.0.4, allowing a remote, unauthenticated attacker to cause an abnormal CPU usage load on the PowerDNS server by sending crafted DNS queries, which might result in a partial denial of service if the system becomes overloaded.
network
low complexity
powerdns debian CWE-400
7.8
2016-09-26 CVE-2016-6172 Resource Exhaustion vulnerability in multiple products
PowerDNS (aka pdns) Authoritative Server before 4.0.1 allows remote primary DNS servers to cause a denial of service (memory exhaustion and secondary DNS server crash) via a large (1) AXFR or (2) IXFR response.
7.1
2015-11-02 CVE-2015-5470 Resource Management Errors vulnerability in Powerdns Authoritative and Recursor
The label decompression functionality in PowerDNS Recursor before 3.6.4 and 3.7.x before 3.7.3 and Authoritative (Auth) Server before 3.3.3 and 3.4.x before 3.4.5 allows remote attackers to cause a denial of service (CPU consumption or crash) via a request with a long name that refers to itself.
network
low complexity
powerdns CWE-399
7.8