Vulnerabilities > Powerdns > Low

DATE CVE VULNERABILITY TITLE RISK
2018-01-23 CVE-2017-15093 Improper Input Validation vulnerability in Powerdns Recursor
When api-config-dir is set to a non-empty value, which is not the case by default, the API in PowerDNS Recursor 4.x up to and including 4.0.6 and 3.x up to and including 3.7.4 allows an authorized user to update the Recursor's ACL by adding and removing netmasks, and to configure forward zones.
network
powerdns CWE-20
3.5
2005-07-19 CVE-2005-2302 Unspecified vulnerability in Powerdns
PowerDNS before 2.9.18, when allowing recursion to a restricted range of IP addresses, does not properly handle questions from clients that are denied recursion, which could cause a "blank out" of answers to those clients that are allowed to use recursion.
local
low complexity
powerdns
2.1