debian · CVE-2022-27227

Quick triage

Priority: end-of-life Published: Updated: Fri, 17 Jul 2026 14:09:35 GMT

View at Official debian advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2022-27227 end-of-life priority: Debian including 2 source packages (pdns, pdns-recursor), 10 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 8, open 2.

Description:

In PowerDNS Authoritative Server before 4.4.3, 4.5.x before 4.5.4, and 4.6.x before 4.6.1 and PowerDNS Recursor before 4.4.8, 4.5.x before 4.5.8, and 4.6.x before 4.6.1, insufficient validation of an IXFR end condition causes incomplete zone transfers to be handled as successful transfers.

cvelogic Threat Intelligence