Approved changes feed: RSS · Atom

cpe:2.3:a:powerdns:powerdns:2.9.15:*:*:*:*:*:*:*

part: a version: 2.9.15 update: *

VendorPowerdns (ef825119-8390-5906-a637-f6692acc90eb)
ProductPowerdns (4807834b-8a7b-59b5-92b4-bb9be1584818)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:docker/powerdns/pdns-auth-master purl2cpe 2026-06-01 10:12:49.299859
pkg:github/powerdns/pdns purl2cpe 2026-06-01 10:12:49.299861
pkg:rpm/fedora/pdns purl2cpe 2026-06-01 10:12:49.299863
pkg:rpm/opensuse/pdns purl2cpe 2026-06-01 10:12:49.299864

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2008-5277 vulnerable 2026-06-08 04:50:50.420083 Details available
PowerDNS before 2.9.21.2 allows remote attackers to cause a denial of service (daemon crash) via a CH HINFO query.
Published: 2008-12-09T00:00:00.000Z
Updated: 2024-08-07T10:49:11.870Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2005-2302 vulnerable 2026-06-08 04:48:28.852988 Details available
PowerDNS before 2.9.18, when allowing recursion to a restricted range of IP addresses, does not properly handle questions from clients that are denied recursion, which could cause a "blank out" of answers to those clients that are allowed to use recursion.
Published: 2005-07-19T04:00:00.000Z
Updated: 2024-08-07T22:22:48.406Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2005-2301 vulnerable 2026-06-08 04:48:28.851118 Details available
PowerDNS before 2.9.18, when running with an LDAP backend, does not properly escape LDAP queries, which allows remote attackers to cause a denial of service (failure to answer ldap questions) and possibly conduct an LDAP injection attack.
Published: 2005-07-19T04:00:00.000Z
Updated: 2024-08-07T22:22:48.596Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2005-0428 vulnerable 2026-06-08 04:48:12.613362 Details available
The DNSPacket::expand method in dnspacket.cc in PowerDNS before 2.9.17 allows remote attackers to cause a denial of service by sending a random stream of bytes.
Published: 2005-02-15T05:00:00.000Z
Updated: 2024-08-07T21:13:54.257Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2005-0038 vulnerable 2026-06-08 04:48:11.126095 Details available
The DNS implementation of PowerDNS 2.9.16 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop.
Published: 2006-04-28T01:00:00.000Z
Updated: 2024-08-07T20:57:40.965Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.