Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:HPE Helion OpenStack 8 package pdns, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (11)
CVE-2020-9543 — CVSS 8.3 (high): OpenStack Manila <7.4.1, >=8.0.0 <8.1.1, and >=9.0.0 <9.1.1 allows attackers to view, update, delete, or share resources that do not belong…
CVE-2018-1046 — CVSS 7.8 (high): pdns before version 4.1.2 is vulnerable to a buffer overflow in dnsreplay. In the dnsreplay tool provided with PowerDNS Authoritative…
CVE-2019-11596 — CVSS 7.5 (high): In memcached before 1.5.14, a NULL pointer dereference was found in the "lru mode" and "lru temp_ttl" commands. This causes a denial of…
CVE-2017-5637 — CVSS 7.5 (high): Two four letter word commands "wchp/wchc" are CPU intensive and could cause spike of CPU utilization on Apache ZooKeeper server if abused…
CVE-2019-15026 — CVSS 7.5 (high): memcached 1.5.16, when UNIX sockets are used, has a stack-based buffer over-read in conn_to_str in memcached.c.
CVE-2020-5247 — CVSS 6.5 (medium): In Puma (RubyGem) before 4.3.2 and before 3.12.3, if an application using Puma allows untrusted input in a response header, an attacker can…
CVE-2019-3871 — CVSS 6.5 (medium): A vulnerability was found in PowerDNS Authoritative Server before 4.0.7 and before 4.1.7. An insufficient validation of data coming from…
CVE-2019-0201 — CVSS 5.9 (medium): An issue is present in Apache ZooKeeper 1.0.0 to 3.4.13 and 3.5.0-alpha to 3.5.4-beta. ZooKeeper’s getACL() command doesn’t check any…
CVE-2018-10851 — CVSS 5.3 (medium): PowerDNS Authoritative Server 3.3.0 up to 4.1.4 excluding 4.1.5 and 4.0.6, and PowerDNS Recursor 3.2 up to 4.1.4 excluding 4.1.5 and 4.0.9…
CVE-2018-14626 — CVSS 5.3 (medium): PowerDNS Authoritative Server 4.1.0 up to 4.1.4 inclusive and PowerDNS Recursor 4.0.0 up to 4.1.4 inclusive are vulnerable to a packet…
CVE-2020-17482 — CVSS 4.3 (medium): An issue has been found in PowerDNS Authoritative Server before 4.3.1 where an authorized user with the ability to insert crafted records…