Approved changes feed: RSS · Atom

cpe:2.3:a:powerdns:dnsdist:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorPowerdns (ef825119-8390-5906-a637-f6692acc90eb)
ProductDnsdist (e0e69747-d7fb-5f59-848e-261d64e1cd66)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:github/powerdns/pdns purl2cpe 2026-06-01 10:12:49.005689

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2026-33602 vulnerable 2026-06-08 07:59:10.423377 Off-by-one access when processing crafted UDP responses
MEDIUM (6.5)
A rogue backend can send a crafted UDP response with a query ID off by one related to the maximum configured value, triggering an out-of-bounds write leading to a denial of service.
Published: 2026-04-22T13:45:34.667Z
Updated: 2026-04-22T14:47:07.785Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2026-33599 vulnerable 2026-06-08 07:59:10.422057 Out-of-bounds read in service discovery
LOW (3.1)
A rogue backend can send a crafted SVCB response to a Discovery of Designated Resolvers request, when requested via either the autoUpgrade (Lua) option to newServer or auto_upgrade (YAML) settings. DDR upgrade is not enabled by default.
Published: 2026-04-22T13:46:05.277Z
Updated: 2026-04-22T14:50:22.629Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2026-33598 vulnerable 2026-06-08 07:59:10.421811 Out-of-bounds read in cache inspection via Lua
MEDIUM (4.8)
A cached crafted response can cause an out-of-bounds read if custom Lua code calls getDomainListByAddress() or getAddressListByDomain() on a packet cache.
Published: 2026-04-22T13:46:45.688Z
Updated: 2026-04-22T14:49:43.649Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2026-33597 vulnerable 2026-06-08 07:59:10.421565 PRSD detection denial of service
LOW (3.7)
PRSD detection denial of service
Published: 2026-04-22T13:47:34.604Z
Updated: 2026-04-22T14:41:14.855Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2026-33596 vulnerable 2026-06-08 07:59:10.421311 TCP backend stream ID overflow
LOW (3.1)
A client might theoretically be able to cause a mismatch between queries sent to a backend and the received responses by sending a flood of perfectly timed queries that are routed to a TCP-only or DNS over TLS backend.
Published: 2026-04-22T13:47:10.454Z
Updated: 2026-04-22T14:43:54.294Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2026-33595 vulnerable 2026-06-08 07:59:10.421036 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2026-33594 vulnerable 2026-06-08 07:59:10.420686 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2026-33593 vulnerable 2026-06-08 07:59:10.420289 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2026-33260 vulnerable 2026-06-08 07:59:09.445285 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2026-33257 vulnerable 2026-06-08 07:59:09.443574 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2026-33254 vulnerable 2026-06-08 07:59:09.439609 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2026-27854 vulnerable 2026-06-08 07:55:14.065413 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2026-27853 vulnerable 2026-06-08 07:55:14.064936 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2026-24030 vulnerable 2026-06-08 07:51:16.591424 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2026-24029 vulnerable 2026-06-08 07:51:16.591015 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2026-24028 vulnerable 2026-06-08 07:51:16.590669 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2026-0397 vulnerable 2026-06-08 07:47:12.045450 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2026-0396 vulnerable 2026-06-08 07:47:12.045093 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-30194 vulnerable 2026-06-08 07:16:59.226251 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-30193 not_vulnerable 2026-06-08 07:16:59.225833 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-30187 vulnerable 2026-06-08 07:16:59.220860 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-25581 vulnerable 2026-06-08 06:31:23.309755 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2018-14663 vulnerable 2026-06-08 05:10:53.254956 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.