Filtered by vendor Powerdns
Subscribe
Search
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-24698 | 1 Powerdns | 1 Authoritative | 2020-10-08 | 6.8 MEDIUM | 9.8 CRITICAL |
| An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker might be able to cause a double-free, leading to a crash or possibly arbitrary code execution. by sending crafted queries with a GSS-TSIG signature. | |||||
| CVE-2019-3807 | 1 Powerdns | 1 Recursor | 2019-10-09 | 6.4 MEDIUM | 9.8 CRITICAL |
| An issue has been found in PowerDNS Recursor versions 4.1.x before 4.1.9 where records in the answer section of responses received from authoritative servers with the AA flag not set were not properly validated, allowing an attacker to bypass DNSSEC validation. | |||||