CVE-2019-3806

Summary

An issue has been found in PowerDNS Recursor versions after 4.1.3 before 4.1.9 where Lua hooks are not properly applied to queries received over TCP in some specific combination of settings, possibly bypassing security policies enforced using Lua.

Affected Software

VendorProductVersion RangeStatus
Power DNSpdns-recursorversions after 4.1.3 before 4.1.9affected

Weaknesses

  • CWE-358: CWE-358

ADP Enrichment

CVE Program Container

Additional References

References