rpm package
suse/pdns&distro=SUSE Package Hub 12 SP1
pkg:rpm/suse/pdns&distro=SUSE%20Package%20Hub%2012%20SP1
Vulnerabilities (8)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-17482 | — | < 4.3.1-bp152.2.5.1 | 4.3.1-bp152.2.5.1 | Oct 2, 2020 | An issue has been found in PowerDNS Authoritative Server before 4.3.1 where an authorized user with the ability to insert crafted records into a zone might be able to leak the content of uninitialized memory. | ||
| CVE-2019-10203 | — | < 4.1.2-bp150.2.9.1 | 4.1.2-bp150.2.9.1 | Nov 22, 2019 | PowerDNS Authoritative daemon , pdns versions 4.0.x before 4.0.9, 4.1.x before 4.1.11, exiting when encountering a serial between 2^31 and 2^32-1 while trying to notify a slave leads to DoS. | ||
| CVE-2019-10163 | — | < 4.1.2-bp150.2.9.1 | 4.1.2-bp150.2.9.1 | Jul 30, 2019 | A Vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.9, 4.0.8 allowing a remote, authorized master server to cause a high CPU load or even prevent any further updates to any slave zone by sending a large number of NOTIFY messages. Note that only ser | ||
| CVE-2019-10162 | — | < 4.1.2-bp150.2.9.1 | 4.1.2-bp150.2.9.1 | Jul 30, 2019 | A vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.10, 4.0.8 allowing an authorized user to cause the server to exit by inserting a crafted record in a MASTER type zone under their control. The issue is due to the fact that the Authoritative Serve | ||
| CVE-2019-3871 | — | < 4.1.2-bp150.2.6.1 | 4.1.2-bp150.2.6.1 | Mar 21, 2019 | A vulnerability was found in PowerDNS Authoritative Server before 4.0.7 and before 4.1.7. An insufficient validation of data coming from the user when building a HTTP request from a DNS query in the HTTP Connector of the Remote backend, allowing a remote user to cause a denial of | ||
| CVE-2018-14626 | — | < 4.1.5-14.1 | 4.1.5-14.1 | Nov 29, 2018 | PowerDNS Authoritative Server 4.1.0 up to 4.1.4 inclusive and PowerDNS Recursor 4.0.0 up to 4.1.4 inclusive are vulnerable to a packet cache pollution via crafted query that can lead to denial of service. | ||
| CVE-2018-10851 | — | < 4.1.5-14.1 | 4.1.5-14.1 | Nov 29, 2018 | PowerDNS Authoritative Server 3.3.0 up to 4.1.4 excluding 4.1.5 and 4.0.6, and PowerDNS Recursor 3.2 up to 4.1.4 excluding 4.1.5 and 4.0.9, are vulnerable to a memory leak while parsing malformed records that can lead to remote denial of service. | ||
| CVE-2018-1046 | Hig | 7.8 | < 4.1.2-8.1 | 4.1.2-8.1 | Jul 16, 2018 | pdns before version 4.1.2 is vulnerable to a buffer overflow in dnsreplay. In the dnsreplay tool provided with PowerDNS Authoritative, replaying a specially crafted PCAP file can trigger a stack-based buffer overflow, leading to a crash and potentially arbitrary code execution. T |
- CVE-2020-17482Oct 2, 2020affected < 4.3.1-bp152.2.5.1fixed 4.3.1-bp152.2.5.1
An issue has been found in PowerDNS Authoritative Server before 4.3.1 where an authorized user with the ability to insert crafted records into a zone might be able to leak the content of uninitialized memory.
- CVE-2019-10203Nov 22, 2019affected < 4.1.2-bp150.2.9.1fixed 4.1.2-bp150.2.9.1
PowerDNS Authoritative daemon , pdns versions 4.0.x before 4.0.9, 4.1.x before 4.1.11, exiting when encountering a serial between 2^31 and 2^32-1 while trying to notify a slave leads to DoS.
- CVE-2019-10163Jul 30, 2019affected < 4.1.2-bp150.2.9.1fixed 4.1.2-bp150.2.9.1
A Vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.9, 4.0.8 allowing a remote, authorized master server to cause a high CPU load or even prevent any further updates to any slave zone by sending a large number of NOTIFY messages. Note that only ser
- CVE-2019-10162Jul 30, 2019affected < 4.1.2-bp150.2.9.1fixed 4.1.2-bp150.2.9.1
A vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.10, 4.0.8 allowing an authorized user to cause the server to exit by inserting a crafted record in a MASTER type zone under their control. The issue is due to the fact that the Authoritative Serve
- CVE-2019-3871Mar 21, 2019affected < 4.1.2-bp150.2.6.1fixed 4.1.2-bp150.2.6.1
A vulnerability was found in PowerDNS Authoritative Server before 4.0.7 and before 4.1.7. An insufficient validation of data coming from the user when building a HTTP request from a DNS query in the HTTP Connector of the Remote backend, allowing a remote user to cause a denial of
- CVE-2018-14626Nov 29, 2018affected < 4.1.5-14.1fixed 4.1.5-14.1
PowerDNS Authoritative Server 4.1.0 up to 4.1.4 inclusive and PowerDNS Recursor 4.0.0 up to 4.1.4 inclusive are vulnerable to a packet cache pollution via crafted query that can lead to denial of service.
- CVE-2018-10851Nov 29, 2018affected < 4.1.5-14.1fixed 4.1.5-14.1
PowerDNS Authoritative Server 3.3.0 up to 4.1.4 excluding 4.1.5 and 4.0.6, and PowerDNS Recursor 3.2 up to 4.1.4 excluding 4.1.5 and 4.0.9, are vulnerable to a memory leak while parsing malformed records that can lead to remote denial of service.
- affected < 4.1.2-8.1fixed 4.1.2-8.1
pdns before version 4.1.2 is vulnerable to a buffer overflow in dnsreplay. In the dnsreplay tool provided with PowerDNS Authoritative, replaying a specially crafted PCAP file can trigger a stack-based buffer overflow, leading to a crash and potentially arbitrary code execution. T