Powerdns

Recursor

38 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2025-30192

  • EPSS 0.02%
  • Published 21.07.2025 12:49:31
  • Last modified 22.07.2025 13:06:07

An attacker spoofing answers to ECS enabled requests sent out by the Recursor has a chance of success higher than non-ECS enabled queries. The updated version include various mitigations against spoofing attempts of ECS enabled queries by chaining E...

7.5

CVE-2025-30195

  • EPSS 0.08%
  • Published 07.04.2025 13:24:17
  • Last modified 07.04.2025 16:15:25

An attacker can publish a zone containing specific Resource Record Sets. Processing and caching results for these sets can lead to an illegal memory accesses and crash of the Recursor, causing a denial of service. The remedy is: upgrade to the patch...

7.5

CVE-2024-25590

  • EPSS 0.51%
  • Published 03.10.2024 16:15:04
  • Last modified 21.11.2024 09:01:02

An attacker can publish a zone containing specific Resource Record Sets. Repeatedly processing and caching results for these sets can lead to a denial of service.

7.5

CVE-2024-25583

  • EPSS 0.01%
  • Published 25.04.2024 10:15:08
  • Last modified 13.02.2025 18:17:14

A crafted response from an upstream server the recursor has been configured to forward-recurse to can cause a Denial of Service in the Recursor. The default configuration of the Recursor does not use recursive forwarding and is not affected.

7.5

CVE-2023-50387

Media report
  • EPSS 42.22%
  • Published 14.02.2024 16:15:45
  • Last modified 12.05.2025 15:15:56

Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that,...

5.3

CVE-2023-26437

  • EPSS 0.01%
  • Published 04.04.2023 15:15:08
  • Last modified 13.02.2025 17:16:12

Denial of service vulnerability in PowerDNS Recursor allows authoritative servers to be marked unavailable.This issue affects Recursor: through 4.6.5, through 4.7.4 , through 4.8.3.

7.5

CVE-2023-22617

  • EPSS 0.25%
  • Published 21.01.2023 19:15:11
  • Last modified 03.04.2025 15:15:42

A remote attacker might be able to cause infinite recursion in PowerDNS Recursor 4.8.0 via a DNS query that retrieves DS records for a misconfigured domain, because QName minimization is used in QM fallback mode. This is fixed in 4.8.1.

6.5

CVE-2022-37428

  • EPSS 0.03%
  • Published 23.08.2022 17:15:15
  • Last modified 21.11.2024 07:14:58

PowerDNS Recursor up to and including 4.5.9, 4.6.2 and 4.7.1, when protobuf logging is enabled, has Improper Cleanup upon a Thrown Exception, leading to a denial of service (daemon crash) via a DNS query that leads to an answer with specific properti...

7.5

CVE-2022-27227

  • EPSS 0.11%
  • Published 25.03.2022 15:15:07
  • Last modified 21.11.2024 06:55:27

In PowerDNS Authoritative Server before 4.4.3, 4.5.x before 4.5.4, and 4.6.x before 4.6.1 and PowerDNS Recursor before 4.4.8, 4.5.x before 4.5.8, and 4.6.x before 4.6.1, insufficient validation of an IXFR end condition causes incomplete zone transfer...

7.5

CVE-2020-25829

  • EPSS 0.35%
  • Published 16.10.2020 06:15:12
  • Last modified 21.11.2024 05:18:51

An issue has been found in PowerDNS Recursor before 4.1.18, 4.2.x before 4.2.5, and 4.3.x before 4.3.5. A remote attacker can cause the cached records for a given name to be updated to the Bogus DNSSEC validation state, instead of their actual DNSSEC...