This page lists publicly disclosed CVE vulnerabilities affecting powerdns authoritative_server (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2022-27227 | In PowerDNS Authoritative Server before 4.4.3, 4.5.x before 4.5.4, and 4.6.x before 4.6.1 and PowerDNS Recursor before 4.4.8, 4.5.x before 4.5.8, and 4.6.x before 4.6.1, insufficient validation of an IXFR end condition causes incomplete zone transfers to be handled as successful transfers. | [email protected] | 7.5 | 0.05% | 2022-03-25 | 2024-11-21 |
| CVE-2021-36754 | PowerDNS Authoritative Server 4.5.0 before 4.5.1 allows anybody to crash the process by sending a specific query (QTYPE 65535) that causes an out-of-bounds exception. | [email protected] | 7.5 | 91.83% | 2021-07-30 | 2024-11-21 |
| CVE-2019-10203 | PowerDNS Authoritative daemon , pdns versions 4.0.x before 4.0.9, 4.1.x before 4.1.11, exiting when encountering a serial between 2^31 and 2^32-1 while trying to notify a slave leads to DoS. | [email protected] | 4.3 | 0.01% | 2019-11-22 | 2024-11-21 |
| CVE-2019-3871 | A vulnerability was found in PowerDNS Authoritative Server before 4.0.7 and before 4.1.7. An insufficient validation of data coming from the user when building a HTTP request from a DNS query in the HTTP Connector of the Remote backend, allowing a remote user to cause a denial of service by making the server connect to an invalid endpoint, or possibly information disclosure by making the server connect to an internal endpoint and somehow extracting meaningful information about the response | [email protected] | 6.5 | 0.03% | 2019-03-21 | 2024-11-21 |
| CVE-2016-6172 | PowerDNS (aka pdns) Authoritative Server before 4.0.1 allows remote primary DNS servers to cause a denial of service (memory exhaustion and secondary DNS server crash) via a large (1) AXFR or (2) IXFR response. | [email protected] | 6.8 | 0.01% | 2016-09-26 | 2026-05-06 |
| CVE-2012-0206 | common_startup.cc in PowerDNS (aka pdns) Authoritative Server before 2.9.22.5 and 3.x before 3.0.1 allows remote attackers to cause a denial of service (packet loop) via a crafted UDP DNS response. | [email protected] | 5.0 | 0.01% | 2012-02-17 | 2026-04-29 |
| CVE-2008-3337 | PowerDNS Authoritative Server before 2.9.21.1 drops malformed queries, which might make it easier for remote attackers to poison DNS caches of other products running on other servers, a different issue than CVE-2008-1447 and CVE-2008-3217. | [email protected] | 6.4 | 0.02% | 2008-08-08 | 2026-04-23 |