rpm package
opensuse/pdns-recursor&distro=openSUSE Leap 15.5
pkg:rpm/opensuse/pdns-recursor&distro=openSUSE%20Leap%2015.5
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-25583 | Hig | 7.5 | < 4.8.8-bp155.2.6.1 | 4.8.8-bp155.2.6.1 | Apr 25, 2024 | A crafted response from an upstream server the recursor has been configured to forward-recurse to can cause a Denial of Service in the Recursor. The default configuration of the Recursor does not use recursive forwarding and is not affected. | |
| CVE-2023-50868 | — | < 4.8.6-bp155.2.3.1 | 4.8.6-bp155.2.3.1 | Feb 14, 2024 | The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random subdomain attack, aka the "NSEC3" issue. The RFC 51 | ||
| CVE-2023-50387 | — | < 4.8.6-bp155.2.3.1 | 4.8.6-bp155.2.3.1 | Feb 14, 2024 | Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with man | ||
| CVE-2023-26437 | — | < 4.8.6-bp155.2.3.1 | 4.8.6-bp155.2.3.1 | Apr 4, 2023 | Denial of service vulnerability in PowerDNS Recursor allows authoritative servers to be marked unavailable.This issue affects Recursor: through 4.6.5, through 4.7.4 , through 4.8.3. |
- affected < 4.8.8-bp155.2.6.1fixed 4.8.8-bp155.2.6.1
A crafted response from an upstream server the recursor has been configured to forward-recurse to can cause a Denial of Service in the Recursor. The default configuration of the Recursor does not use recursive forwarding and is not affected.
- CVE-2023-50868Feb 14, 2024affected < 4.8.6-bp155.2.3.1fixed 4.8.6-bp155.2.3.1
The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random subdomain attack, aka the "NSEC3" issue. The RFC 51
- CVE-2023-50387Feb 14, 2024affected < 4.8.6-bp155.2.3.1fixed 4.8.6-bp155.2.3.1
Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with man
- CVE-2023-26437Apr 4, 2023affected < 4.8.6-bp155.2.3.1fixed 4.8.6-bp155.2.3.1
Denial of service vulnerability in PowerDNS Recursor allows authoritative servers to be marked unavailable.This issue affects Recursor: through 4.6.5, through 4.7.4 , through 4.8.3.