PowerDNS Recursor 4.8.0

CPE Details

PowerDNS Recursor 4.8.0
4.8.0
2023-04-10
10h49 +00:00
2023-05-11
12h04 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:powerdns:recursor:4.8.0:-:*:*:*:*:*:*

Informations

Vendor

powerdns

Product

recursor

Version

4.8.0

Update

-

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-50387 2024-02-13 23h00 +00:00 Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records.
7.5
High
CVE-2023-26437 2023-04-04 14h37 +00:00 Denial of service vulnerability in PowerDNS Recursor allows authoritative servers to be marked unavailable.This issue affects Recursor: through 4.6.5, through 4.7.4 , through 4.8.3.
5.3
Medium
CVE-2023-22617 2023-01-20 23h00 +00:00 A remote attacker might be able to cause infinite recursion in PowerDNS Recursor 4.8.0 via a DNS query that retrieves DS records for a misconfigured domain, because QName minimization is used in QM fallback mode. This is fixed in 4.8.1.
7.5
High