Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/pdns-recursor@4.1.9-r0?arch=aarch64&distroversion=v3.23&reponame=community

Type apk

Namespace alpine

Name pdns-recursor

Version 4.1.9-r0

Qualifiers

arch	aarch64
distroversion	v3.23
reponame	community

Subpath

Is_vulnerable false

Next_non_vulnerable_version 4.3.1-r0

Latest_non_vulnerable_version 5.3.6-r0

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-zbr8-wzq5-6bg8

vulnerability_id VCID-zbr8-wzq5-6bg8

summary An issue has been found in PowerDNS Recursor versions after 4.1.3 before 4.1.9 where Lua hooks are not properly applied to queries received over TCP in some specific combination of settings, possibly bypassing security policies enforced using Lua.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-3806

reference_id

reference_type

scores

value	0.00057
scoring_system	epss
scoring_elements	0.18088
published_at	2026-06-04T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.18167
published_at	2026-06-05T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.18169
published_at	2026-06-06T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.18131
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-3806

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3806
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3806

reference_url	https://security.archlinux.org/ASA-201901-13
reference_id	ASA-201901-13
reference_type
scores
url	https://security.archlinux.org/ASA-201901-13

reference_url

https://security.archlinux.org/AVG-856

reference_id

AVG-856

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-856

fixed_packages

url	pkg:apk/alpine/pdns-recursor@4.1.9-r0?arch=aarch64&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/pdns-recursor@4.1.9-r0?arch=aarch64&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/pdns-recursor@4.1.9-r0%3Farch=aarch64&distroversion=v3.23&reponame=community

aliases CVE-2019-3806

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zbr8-wzq5-6bg8

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/pdns-recursor@4.1.9-r0%3Farch=aarch64&distroversion=v3.23&reponame=community

Package Instance