Search CVE reports
1 – 10 of 67 results
CVE-2024-25590
Medium priorityAn attacker can publish a zone containing specific Resource Record Sets. Repeatedly processing and caching results for these sets can lead to a denial of service.
1 affected package
pdns-recursor
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| pdns-recursor | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2024-25583
Medium priorityA crafted response from an upstream server the recursor has been configured to forward-recurse to can cause a Denial of Service in the Recursor. The default configuration of the Recursor does not use recursive forwarding and is...
1 affected package
pdns-recursor
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| pdns-recursor | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2023-50868
Medium prioritySome fixes available 20 of 42
The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random...
7 affected packages
bind9, bind9-libs, dnsmasq, isc-dhcp, knot-resolver...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| bind9 | Fixed | Fixed | Fixed | Fixed | Fixed |
| bind9-libs | Not in release | Needs evaluation | Needs evaluation | Not in release | Not in release |
| dnsmasq | Fixed | Fixed | Fixed | Fixed | Fixed |
| isc-dhcp | Needs evaluation | Not affected | Not affected | Needs evaluation | Not affected |
| knot-resolver | Vulnerable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| pdns-recursor | Vulnerable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| unbound | Fixed | Fixed | Fixed | Needs evaluation | Needs evaluation |
CVE-2023-50387
Medium prioritySome fixes available 20 of 42
Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of...
7 affected packages
bind9, bind9-libs, dnsmasq, isc-dhcp, knot-resolver...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| bind9 | Fixed | Fixed | Fixed | Fixed | Fixed |
| bind9-libs | Not in release | Needs evaluation | Needs evaluation | Not in release | Not in release |
| dnsmasq | Fixed | Fixed | Fixed | Fixed | Fixed |
| isc-dhcp | Needs evaluation | Not affected | Not affected | Needs evaluation | Not affected |
| knot-resolver | Vulnerable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| pdns-recursor | Vulnerable | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| unbound | Fixed | Fixed | Fixed | Needs evaluation | Needs evaluation |
CVE-2023-26437
Medium priorityDenial of service vulnerability in PowerDNS Recursor allows authoritative servers to be marked unavailable.This issue affects Recursor: through 4.6.5, through 4.7.4 , through 4.8.3.
1 affected package
pdns-recursor
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| pdns-recursor | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2023-22617
Medium priorityA remote attacker might be able to cause infinite recursion in PowerDNS Recursor 4.8.0 via a DNS query that retrieves DS records for a misconfigured domain, because QName minimization is used in QM fallback mode. This is fixed in 4.8.1.
1 affected package
pdns-recursor
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| pdns-recursor | Not affected | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2022-37428
Medium priorityPowerDNS Recursor up to and including 4.5.9, 4.6.2 and 4.7.1, when protobuf logging is enabled, has Improper Cleanup upon a Thrown Exception, leading to a denial of service (daemon crash) via a DNS query that leads to an answer...
1 affected package
pdns-recursor
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| pdns-recursor | Not affected | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2022-27227
Medium prioritySome fixes available 6 of 12
In PowerDNS Authoritative Server before 4.4.3, 4.5.x before 4.5.4, and 4.6.x before 4.6.1 and PowerDNS Recursor before 4.4.8, 4.5.x before 4.5.8, and 4.6.x before 4.6.1, insufficient validation of an IXFR end condition causes...
2 affected packages
pdns, pdns-recursor
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| pdns | Not affected | Fixed | Fixed | Fixed | Ignored |
| pdns-recursor | Not affected | Fixed | Fixed | Fixed | Ignored |
CVE-2021-36754
Low priorityPowerDNS Authoritative Server 4.5.0 before 4.5.1 allows anybody to crash the process by sending a specific query (QTYPE 65535) that causes an out-of-bounds exception.
1 affected package
pdns
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| pdns | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2020-25829
Medium priorityAn issue has been found in PowerDNS Recursor before 4.1.18, 4.2.x before 4.2.5, and 4.3.x before 4.3.5. A remote attacker can cause the cached records for a given name to be updated to the Bogus DNSSEC validation state, instead of...
1 affected package
pdns-recursor
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| pdns-recursor | Not affected | Not affected | Needs evaluation | Needs evaluation | Needs evaluation |