When incoming DNS over HTTPS support is enabled using the nghttp2 provider, and queries are routed to a tcp-only or DNS over TLS backend, an attacker can trigger an assertion failure in DNSdist by sending a request for a zone transfer (AXFR or IXFR) over DNS over HTTPS, causing the process to stop....
7.5CVSS
6.6AI Score
0.0004EPSS
An issue has been found in PowerDNS DNSDist before 1.3.3 allowing a remote attacker to craft a DNS query with trailing data such that the addition of a record by dnsdist, for example an OPT record when adding EDNS Client Subnet, might result in the trailing data being smuggled to the backend as a.....
5.9CVSS
5.8AI Score
0.002EPSS
An issue has been found in dnsdist before 1.2.0 in the way EDNS0 OPT records are handled when parsing responses from a backend. When dnsdist is configured to add EDNS Client Subnet to a query, the response may contain an EDNS0 OPT record that has to be removed before forwarding the response to the....
7.5CVSS
7.8AI Score
0.002EPSS
dnsdist version 1.1.0 is vulnerable to a flaw in authentication mechanism for REST API potentially allowing CSRF...
8.8CVSS
8.5AI Score
0.001EPSS