Unrated severityNVD Advisory· Published Mar 25, 2022· Updated Aug 3, 2024

CVE-2022-27227

Description

In PowerDNS Authoritative Server before 4.4.3, 4.5.x before 4.5.4, and 4.6.x before 4.6.1 and PowerDNS Recursor before 4.4.8, 4.5.x before 4.5.8, and 4.6.x before 4.6.1, insufficient validation of an IXFR end condition causes incomplete zone transfers to be handled as successful transfers.

Affected products

PowerDNS/PowerDNS Authoritative Serverdescription
osv-coords4 versions
pkg:rpm/opensuse/pdns&distro=openSUSE%20Tumbleweed pkg:rpm/opensuse/pdns-recursor&distro=openSUSE%20Leap%2015.3 pkg:rpm/opensuse/pdns-recursor&distro=openSUSE%20Tumbleweed pkg:rpm/suse/pdns-recursor&distro=SUSE%20Package%20Hub%2015%20SP3
< 4.6.1-1.1+ 3 more
- (no CPE)range: < 4.6.1-1.1
- (no CPE)range: < 4.3.5-bp153.2.3.1
- (no CPE)range: < 4.6.1-1.1
- (no CPE)range: < 4.3.5-bp153.2.3.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2QKN56VWXUVFOYGUN75N5IRNK66OHTHT/mitrevendor-advisoryx_refsource_FEDORA
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HEABZA46XYEUWMGSY2GYYVHISBVWEHIO/mitrevendor-advisoryx_refsource_FEDORA
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPHOFNI7FKM5NNOVDOWO4TBXFAFICCUE/mitrevendor-advisoryx_refsource_FEDORA
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZJSKICB67SPPEGNXCQLZVSWR6QGCN3KP/mitrevendor-advisoryx_refsource_FEDORA
www.openwall.com/lists/oss-security/2022/03/25/1mitremailing-listx_refsource_MLIST
doc.powerdns.com/authoritative/security-advisories/index.htmlmitrex_refsource_MISC
doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2022-01.htmlmitrex_refsource_CONFIRM
docs.powerdns.com/recursor/security-advisories/index.htmlmitrex_refsource_MISC
docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2022-01.htmlmitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000