Approved changes feed: RSS · Atom

cpe:2.3:a:powerdns:authoritative_server:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorPowerdns (ef825119-8390-5906-a637-f6692acc90eb)
ProductAuthoritative Server (341dd205-ef34-53fc-a29b-a040d099353f)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:github/powerdns/pdns purl2cpe 2026-06-01 10:12:49.243532

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2022-27227 vulnerable 2026-06-08 05:41:55.034459 Details available
In PowerDNS Authoritative Server before 4.4.3, 4.5.x before 4.5.4, and 4.6.x before 4.6.1 and PowerDNS Recursor before 4.4.8, 4.5.x before 4.5.8, and 4.6.x before 4.6.1, insufficient validation of an IXFR end condition causes incomplete zone transfers to be handled as successful transfers.
Published: 2022-03-25T14:41:44.000Z
Updated: 2024-08-03T05:25:32.569Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-36754 vulnerable 2026-06-08 05:32:52.435672 Details available
PowerDNS Authoritative Server 4.5.0 before 4.5.1 allows anybody to crash the process by sending a specific query (QTYPE 65535) that causes an out-of-bounds exception.
Published: 2021-07-27T05:35:37.000Z
Updated: 2024-08-04T01:01:58.866Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2019-3871 vulnerable 2026-06-08 05:13:56.256473 Details available
MEDIUM (6.5)
A vulnerability was found in PowerDNS Authoritative Server before 4.0.7 and before 4.1.7. An insufficient validation of data coming from the user when building a HTTP request from a DNS query in the HTTP Connector of the Remote backend, allowing a remote user to cause a denial of service by making the server connect to an invalid endpoint, or possibly information disclosure by making the server connect to an internal endpoint and somehow extracting meaningful information about the response
Published: 2019-03-21T20:42:35.000Z
Updated: 2024-08-04T19:19:18.676Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2019-10203 vulnerable 2026-06-08 05:12:22.515593 Details available
MEDIUM (4.3)
PowerDNS Authoritative daemon , pdns versions 4.0.x before 4.0.9, 4.1.x before 4.1.11, exiting when encountering a serial between 2^31 and 2^32-1 while trying to notify a slave leads to DoS.
Published: 2019-11-22T12:01:13.000Z
Updated: 2024-08-04T22:17:18.889Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-6172 vulnerable 2026-06-08 05:07:59.070552 Details available
PowerDNS (aka pdns) Authoritative Server before 4.0.1 allows remote primary DNS servers to cause a denial of service (memory exhaustion and secondary DNS server crash) via a large (1) AXFR or (2) IXFR response.
Published: 2016-09-26T16:00:00.000Z
Updated: 2024-08-06T01:22:20.811Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2012-0206 vulnerable 2026-06-08 05:00:39.920121 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2008-3337 vulnerable 2026-06-08 04:50:34.303364 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.