VDB
CVE-2021-36754
CVE-2021-36754
PUBLISHED
CVSS 7.5 HIGH
PowerDNS Authoritative Server 4.5.0 before 4.5.1 allows anybody to crash the process by sending a specific query (QTYPE 65535) that causes an out-of-bounds exception.
EPSS 91.83% · 99.7th percentile
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
91.83%
99.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| powerdns | authoritative_server | 4.5.0 |
| n/a | n/a | * |
Exploit Intelligence
- CIRCL seen: CVE-2021-36754 (circl-sighting)
- CIRCL seen: CVE-2021-36754 (circl-sighting)
- https://doc.powerdns.com/authoritative/security-advisories/index.html (circl)
- [oss-security] 20210726 security advisory 2021-01 for PowerDNS Authoritative Server 4.5.0 (circl)
- https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2021-01.html (circl)
Timeline
- Jul 27, 2021 EPSS Score
- Jul 27, 2021 CVE Published
- Sep 24, 2021 EPSS Score
- Oct 9, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Mar 21, 2022 EPSS Score
- May 19, 2022 EPSS Score
- Sep 15, 2022 EPSS Score
- Jan 12, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 18, 2023 EPSS Score
References
- https://doc.powerdns.com/authoritative/security-advisories/index.html url
- [oss-security] 20210726 security advisory 2021-01 for PowerDNS Authoritative Server 4.5.0 mailing-list
- https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2021-01.html url
- https://nvd.nist.gov/vuln/detail/CVE-2021-36754 advisory