CVE-2020-17482

Опубликовано: 02 окт. 2020

Источник: nvd

CVSS3: 4.3

CVSS2: 4

EPSS Низкий

Описание

An issue has been found in PowerDNS Authoritative Server before 4.3.1 where an authorized user with the ability to insert crafted records into a zone might be able to leak the content of uninitialized memory.

Ссылки

https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2020-05.html
Vendor Advisory
https://github.com/PowerDNS/pdns
Third Party Advisory
https://security.gentoo.org/glsa/202012-18
Third Party Advisory
https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2020-05.html
Vendor Advisory
https://github.com/PowerDNS/pdns
Third Party Advisory
https://security.gentoo.org/glsa/202012-18
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:powerdns:authoritative:*:*:*:*:*:*:*:*

Версия до 4.3.1 (исключая)

EPSS

Процентиль: 24%

0.00079

Низкий

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-908

Связанные уязвимости

CVE-2020-17482

CVSS3: 4.3

ubuntu

больше 5 лет назад

CVE-2020-17482

CVSS3: 4.3

debian

больше 5 лет назад

An issue has been found in PowerDNS Authoritative Server before 4.3.1 ...

openSUSE-SU-2020:1556-1

suse-cvrf

больше 5 лет назад

Security update for pdns

GHSA-rwvv-h93r-mw45

github

больше 3 лет назад

EPSS

Процентиль: 24%

0.00079

Низкий

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-908