Approved changes feed: RSS · Atom
cpe:2.3:a:powerdns:powerdns:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Powerdns (ef825119-8390-5906-a637-f6692acc90eb) |
|---|---|
| Product | Powerdns (4807834b-8a7b-59b5-92b4-bb9be1584818) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:docker/powerdns/pdns-auth-master |
purl2cpe | 2026-06-01 10:12:49.251948 |
pkg:github/powerdns/pdns |
purl2cpe | 2026-06-01 10:12:49.251950 |
pkg:rpm/fedora/pdns |
purl2cpe | 2026-06-01 10:12:49.251952 |
pkg:rpm/opensuse/pdns |
purl2cpe | 2026-06-01 10:12:49.251953 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-25583 |
vulnerable | 2026-06-08 06:31:23.313392 |
Crafted responses can lead to a denial of service in Recursor if recursive forwarding is configured
HIGH (7.5)
A crafted response from an upstream server the recursor has been configured to forward-recurse to can cause a Denial of Service in the Recursor. The default configuration of the Recursor does not use recursive forwarding and is not affected.
Published: 2024-04-25T09:45:05.220Z
Updated: 2025-02-13T17:40:49.994Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-15090 |
vulnerable | 2026-06-08 05:08:57.827994 |
Details available
An issue has been found in the DNSSEC validation component of PowerDNS Recursor from 4.0.0 and up to and including 4.0.6, where the signatures might have been accepted as valid even if the signed data was not in bailiwick of the DNSKEY used to sign it. This allows an attacker in position of man-in-the-middle to alter the content of records by issuing a valid signature for the crafted records.
Published: 2018-01-23T15:00:00.000Z
Updated: 2024-09-16T18:38:21.212Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2008-5277 |
vulnerable | 2026-06-08 04:50:50.391634 |
Details available
PowerDNS before 2.9.21.2 allows remote attackers to cause a denial of service (daemon crash) via a CH HINFO query.
Published: 2008-12-09T00:00:00.000Z
Updated: 2024-08-07T10:49:11.870Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2008-3337 |
vulnerable | 2026-06-08 04:50:34.303994 |
Details available
PowerDNS Authoritative Server before 2.9.21.1 drops malformed queries, which might make it easier for remote attackers to poison DNS caches of other products running on other servers, a different issue than CVE-2008-1447 and CVE-2008-3217.
Published: 2008-08-08T19:00:00.000Z
Updated: 2024-08-07T09:37:26.688Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2005-0038 |
vulnerable | 2026-06-08 04:48:11.114309 |
Details available
The DNS implementation of PowerDNS 2.9.16 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop.
Published: 2006-04-28T01:00:00.000Z
Updated: 2024-08-07T20:57:40.965Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.