Browse all 53 CVE security advisories affecting PowerDNS. AI-powered Chinese analysis, POCs, and references for each vulnerability.
PowerDNS is an open-source authoritative and recursive DNS server widely deployed to resolve domain names for internet infrastructure. Its extensive attack surface has resulted in fifty-three recorded CVEs, reflecting the complexity of its configuration and extension mechanisms. Historically, vulnerabilities have predominantly involved remote code execution, buffer overflows, and denial-of-service conditions, often stemming from improper input validation in the recursor or authoritative server components. While the software itself is robust, security incidents frequently arise from misconfigurations or unpatched third-party modules rather than fundamental architectural flaws. The project maintains a responsible disclosure process, though the high volume of past issues highlights the challenges of maintaining security in a feature-rich, C++-based codebase. Administrators must prioritize regular updates and strict access controls to mitigate risks associated with these known weaknesses in the DNS resolution ecosystem.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2017-15092 | PowerDNS Recursor 跨站脚本漏洞 — PowerDNS RecursorCWE-79 | 6.1 | - | 2018-01-23 |
| CVE-2017-15093 | PowerDNS Recursor 安全漏洞 — PowerDNS RecursorCWE-20 | 5.3 | - | 2018-01-23 |
| CVE-2017-15094 | PowerDNS Recursor 安全漏洞 — PowerDNS RecursorCWE-401 | 5.9 | - | 2018-01-23 |
This page lists every published CVE security advisory associated with PowerDNS. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.