Authoritative@4.3.0 Security Vulnerabilities and Issues — Authoritative@4.3.0 CVE List

Lucene search

PowerdnsAuthoritative4.3.0

3 matches found

CVE•added 2020/10/02 9:15 a.m.•137 views

CVE-2020-24698

An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker might be able to cause a double-free, leading to a crash or possibly arbitrary code execution. by sending crafted queries with a GSS-TSIG signature.

9.8CVSS9.7AI score0.00033EPSS

CVE•added 2020/10/02 9:15 a.m.•70 views

CVE-2020-24696

An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker can trigger a race condition leading to a crash, or possibly arbitrary code execution, by sending crafted queries with a GSS-TSIG signature.

8.1CVSS8.6AI score0.00075EPSS

CVE•added 2020/10/02 9:15 a.m.•66 views

CVE-2020-24697

An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker can cause a denial of service by sending crafted queries with a GSS-TSIG signature.

7.5CVSS7.6AI score0.00129EPSS