Approved changes feed: RSS · Atom

cpe:2.3:a:powerdns:recursor:2.9.16:*:*:*:*:*:*:*

part: a version: 2.9.16 update: *

VendorPowerdns (ef825119-8390-5906-a637-f6692acc90eb)
ProductRecursor (747fb593-573c-5107-91c6-5adf2a41b0ef)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:deb/debian/pdns-recursor purl2cpe 2026-06-01 10:12:49.018198
pkg:deb/ubuntu/pdns-recursor purl2cpe 2026-06-01 10:12:49.018200
pkg:github/powerdns/pdns purl2cpe 2026-06-01 10:12:49.018201
pkg:rpm/fedora/pdns-recursor purl2cpe 2026-06-01 10:12:49.018202
pkg:rpm/opensuse/pdns-recursor purl2cpe 2026-06-01 10:12:49.018204

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2009-4010 vulnerable 2026-06-08 04:51:46.106636 Details available
Unspecified vulnerability in PowerDNS Recursor before 3.1.7.2 allows remote attackers to spoof DNS data via crafted zones.
Published: 2010-01-08T17:00:00.000Z
Updated: 2024-08-07T06:45:50.898Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2009-4009 vulnerable 2026-06-08 04:51:46.099145 Details available
Buffer overflow in PowerDNS Recursor before 3.1.7.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted packets.
Published: 2010-01-08T17:00:00.000Z
Updated: 2024-08-07T06:45:50.893Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2006-4252 vulnerable 2026-06-08 04:49:11.395137 Details available
PowerDNS Recursor 3.1.3 and earlier allows remote attackers to cause a denial of service (resource exhaustion and application crash) via a CNAME record with a zero TTL, which triggers an infinite loop.
Published: 2006-11-14T20:00:00.000Z
Updated: 2024-08-07T19:06:06.841Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2006-4251 vulnerable 2026-06-08 04:49:11.390673 Details available
Buffer overflow in PowerDNS Recursor 3.1.3 and earlier might allow remote attackers to execute arbitrary code via a malformed TCP DNS query that prevents Recursor from properly calculating the TCP DNS query length.
Published: 2006-11-14T19:00:00.000Z
Updated: 2024-08-07T19:06:07.189Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.