Unrated severityNVD Advisory· Published Jan 29, 2019· Updated Aug 4, 2024
CVE-2019-3807
CVE-2019-3807
Description
An issue has been found in PowerDNS Recursor versions 4.1.x before 4.1.9 where records in the answer section of responses received from authoritative servers with the AA flag not set were not properly validated, allowing an attacker to bypass DNSSEC validation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5- osv-coords3 versionspkg:rpm/opensuse/pdns-recursor&distro=openSUSE%20Tumbleweedpkg:rpm/suse/pdns-recursor&distro=SUSE%20Package%20Hub%2012%20SP1pkg:rpm/suse/pdns-recursor&distro=SUSE%20Package%20Hub%2015
< 4.5.5-1.3+ 2 more
- (no CPE)range: < 4.5.5-1.3
- (no CPE)range: < 4.1.10-16.1
- (no CPE)range: < 4.1.2-bp150.2.6.1
- Power DNS/pdns-recursorv5Range: versions 4.1.x before 4.1.9
Patches
Vulnerability mechanics
References
2- bugzilla.redhat.com/show_bug.cgimitrex_refsource_CONFIRM
- docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2019-02.htmlmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.