{"url":"http://public2.vulnerablecode.io/api/packages/1037090?format=json","purl":"pkg:deb/debian/pdns@4.0.3-1%2Bdeb9u5","type":"deb","namespace":"debian","name":"pdns","version":"4.0.3-1+deb9u5","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"4.9.7-1","latest_non_vulnerable_version":"4.9.7-1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93561?format=json","vulnerability_id":"VCID-4c2u-n7p5-nfg4","summary":"PowerDNS Authoritative Server 4.1.0 up to 4.1.4 inclusive and PowerDNS Recursor 4.0.0 up to 4.1.4 inclusive are vulnerable to a packet cache pollution via crafted query that can lead to denial of service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14626","reference_id":"","reference_type":"","scores":[{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12488","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12642","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12605","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12635","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12739","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12785","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12592","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12671","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12723","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12691","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.1265","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12606","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.1251","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12518","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12632","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14626"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14626","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14626"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913162","reference_id":"913162","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913162"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913163","reference_id":"913163","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913163"},{"reference_url":"https://security.archlinux.org/ASA-201811-12","reference_id":"ASA-201811-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201811-12"},{"reference_url":"https://security.archlinux.org/ASA-201811-13","reference_id":"ASA-201811-13","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201811-13"},{"reference_url":"https://security.archlinux.org/AVG-804","reference_id":"AVG-804","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-804"},{"reference_url":"https://security.archlinux.org/AVG-805","reference_id":"AVG-805","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-805"},{"reference_url":"https://usn.ubuntu.com/7203-1/","reference_id":"USN-7203-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7203-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049940?format=json","purl":"pkg:deb/debian/pdns@4.1.6-3%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ez68-8ben-nuef"},{"vulnerability":"VCID-m7h2-vam9-1yhn"},{"vulnerability":"VCID-qbnt-a5xe-2bg6"},{"vulnerability":"VCID-w3fn-hwyn-6ba7"},{"vulnerability":"VCID-zcxy-ae2g-3kdy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns@4.1.6-3%252Bdeb10u1"}],"aliases":["CVE-2018-14626"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4c2u-n7p5-nfg4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79054?format=json","vulnerability_id":"VCID-5efj-fcg6-cuc5","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10162","reference_id":"","reference_type":"","scores":[{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.0067","published_at":"2026-04-29T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.0064","published_at":"2026-04-01T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00644","published_at":"2026-04-02T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00637","published_at":"2026-04-04T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00639","published_at":"2026-04-07T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00638","published_at":"2026-04-08T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00632","published_at":"2026-04-09T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00631","published_at":"2026-04-11T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00626","published_at":"2026-04-18T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00628","published_at":"2026-04-13T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.0062","published_at":"2026-04-16T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00667","published_at":"2026-04-21T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00666","published_at":"2026-04-24T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00669","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10162"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10162","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10162"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10163","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10163"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049940?format=json","purl":"pkg:deb/debian/pdns@4.1.6-3%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ez68-8ben-nuef"},{"vulnerability":"VCID-m7h2-vam9-1yhn"},{"vulnerability":"VCID-qbnt-a5xe-2bg6"},{"vulnerability":"VCID-w3fn-hwyn-6ba7"},{"vulnerability":"VCID-zcxy-ae2g-3kdy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns@4.1.6-3%252Bdeb10u1"}],"aliases":["CVE-2019-10162"],"risk_score":0.9,"exploitability":"0.5","weighted_severity":"1.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5efj-fcg6-cuc5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79055?format=json","vulnerability_id":"VCID-8fks-8s21-b7b4","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10163","reference_id":"","reference_type":"","scores":[{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00736","published_at":"2026-04-29T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00706","published_at":"2026-04-04T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00709","published_at":"2026-04-08T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.0071","published_at":"2026-04-07T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.007","published_at":"2026-04-11T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00694","published_at":"2026-04-12T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00693","published_at":"2026-04-18T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00687","published_at":"2026-04-16T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00735","published_at":"2026-04-21T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00737","published_at":"2026-04-24T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00738","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10163"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10162","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10162"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10163","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10163"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049940?format=json","purl":"pkg:deb/debian/pdns@4.1.6-3%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ez68-8ben-nuef"},{"vulnerability":"VCID-m7h2-vam9-1yhn"},{"vulnerability":"VCID-qbnt-a5xe-2bg6"},{"vulnerability":"VCID-w3fn-hwyn-6ba7"},{"vulnerability":"VCID-zcxy-ae2g-3kdy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns@4.1.6-3%252Bdeb10u1"}],"aliases":["CVE-2019-10163"],"risk_score":0.9,"exploitability":"0.5","weighted_severity":"1.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8fks-8s21-b7b4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93458?format=json","vulnerability_id":"VCID-ch2d-p2ru-23ex","summary":"PowerDNS Authoritative Server 3.3.0 up to 4.1.4 excluding 4.1.5 and 4.0.6, and PowerDNS Recursor 3.2 up to 4.1.4 excluding 4.1.5 and 4.0.9, are vulnerable to a memory leak while parsing malformed records that can lead to remote denial of service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10851","reference_id":"","reference_type":"","scores":[{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.2874","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.28924","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.28811","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.29135","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.2921","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.29262","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.29075","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.29138","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.2918","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.29186","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.2914","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.29088","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.29114","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.29091","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.29044","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10851"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10851","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10851"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913162","reference_id":"913162","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913162"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913163","reference_id":"913163","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913163"},{"reference_url":"https://security.archlinux.org/ASA-201811-12","reference_id":"ASA-201811-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201811-12"},{"reference_url":"https://security.archlinux.org/ASA-201811-13","reference_id":"ASA-201811-13","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201811-13"},{"reference_url":"https://security.archlinux.org/AVG-804","reference_id":"AVG-804","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-804"},{"reference_url":"https://security.archlinux.org/AVG-805","reference_id":"AVG-805","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-805"},{"reference_url":"https://usn.ubuntu.com/7203-1/","reference_id":"USN-7203-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7203-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049940?format=json","purl":"pkg:deb/debian/pdns@4.1.6-3%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ez68-8ben-nuef"},{"vulnerability":"VCID-m7h2-vam9-1yhn"},{"vulnerability":"VCID-qbnt-a5xe-2bg6"},{"vulnerability":"VCID-w3fn-hwyn-6ba7"},{"vulnerability":"VCID-zcxy-ae2g-3kdy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns@4.1.6-3%252Bdeb10u1"}],"aliases":["CVE-2018-10851"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ch2d-p2ru-23ex"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94498?format=json","vulnerability_id":"VCID-ez68-8ben-nuef","summary":"An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker can trigger a race condition leading to a crash, or possibly arbitrary code execution, by sending crafted queries with a GSS-TSIG signature.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24696","reference_id":"","reference_type":"","scores":[{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22579","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22751","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22795","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22586","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22662","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22713","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22732","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22693","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22636","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22652","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22649","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.226","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22446","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22436","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22434","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24696"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24696","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24696"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049941?format=json","purl":"pkg:deb/debian/pdns@4.4.1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6pjd-r9ca-rbgg"},{"vulnerability":"VCID-6uz8-kz5m-8ya9"},{"vulnerability":"VCID-7dc3-qdk8-k7b2"},{"vulnerability":"VCID-chzq-qej6-rkdq"},{"vulnerability":"VCID-g4df-vh2e-abch"},{"vulnerability":"VCID-pfhu-1qdf-p7d5"},{"vulnerability":"VCID-xa6z-cw1x-7qba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns@4.4.1-1"}],"aliases":["CVE-2020-24696"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ez68-8ben-nuef"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93451?format=json","vulnerability_id":"VCID-jrb1-cuhc-nqa1","summary":"pdns before version 4.1.2 is vulnerable to a buffer overflow in dnsreplay. In the dnsreplay tool provided with PowerDNS Authoritative, replaying a specially crafted PCAP file can trigger a stack-based buffer overflow, leading to a crash and potentially arbitrary code execution. This buffer overflow only occurs when the -ecs-stamp option of dnsreplay is used.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1046","reference_id":"","reference_type":"","scores":[{"value":"2e-05","scoring_system":"epss","scoring_elements":"0.00056","published_at":"2026-04-29T12:55:00Z"},{"value":"2e-05","scoring_system":"epss","scoring_elements":"0.00052","published_at":"2026-04-09T12:55:00Z"},{"value":"2e-05","scoring_system":"epss","scoring_elements":"0.00057","published_at":"2026-04-21T12:55:00Z"},{"value":"2e-05","scoring_system":"epss","scoring_elements":"0.00058","published_at":"2026-04-26T12:55:00Z"},{"value":"2e-05","scoring_system":"epss","scoring_elements":"0.00054","published_at":"2026-04-18T12:55:00Z"},{"value":"2e-05","scoring_system":"epss","scoring_elements":"0.00053","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1046"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1046","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1046"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1046","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1046"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898255","reference_id":"898255","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898255"},{"reference_url":"https://security.archlinux.org/ASA-201805-1","reference_id":"ASA-201805-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201805-1"},{"reference_url":"https://security.archlinux.org/AVG-686","reference_id":"AVG-686","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-686"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:pdns:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:powerdns:pdns:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:pdns:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1046","reference_id":"CVE-2018-1046","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:C/I:C/A:C"},{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1046"},{"reference_url":"https://usn.ubuntu.com/7203-1/","reference_id":"USN-7203-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7203-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049940?format=json","purl":"pkg:deb/debian/pdns@4.1.6-3%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ez68-8ben-nuef"},{"vulnerability":"VCID-m7h2-vam9-1yhn"},{"vulnerability":"VCID-qbnt-a5xe-2bg6"},{"vulnerability":"VCID-w3fn-hwyn-6ba7"},{"vulnerability":"VCID-zcxy-ae2g-3kdy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns@4.1.6-3%252Bdeb10u1"}],"aliases":["CVE-2018-1046"],"risk_score":4.2,"exploitability":"0.5","weighted_severity":"8.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jrb1-cuhc-nqa1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93138?format=json","vulnerability_id":"VCID-keaf-6ca3-vkbc","summary":"An issue has been found in the API component of PowerDNS Authoritative 4.x up to and including 4.0.4 and 3.x up to and including 3.4.11, where some operations that have an impact on the state of the server are still allowed even though the API has been configured as read-only via the api-readonly keyword. This missing check allows an attacker with valid API credentials to flush the cache, trigger a zone transfer or send a NOTIFY.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15091","reference_id":"","reference_type":"","scores":[{"value":"3e-05","scoring_system":"epss","scoring_elements":"0.00069","published_at":"2026-04-18T12:55:00Z"},{"value":"3e-05","scoring_system":"epss","scoring_elements":"0.00071","published_at":"2026-04-29T12:55:00Z"},{"value":"3e-05","scoring_system":"epss","scoring_elements":"0.00072","published_at":"2026-04-21T12:55:00Z"},{"value":"3e-05","scoring_system":"epss","scoring_elements":"0.0007","published_at":"2026-04-04T12:55:00Z"},{"value":"3e-05","scoring_system":"epss","scoring_elements":"0.00068","published_at":"2026-04-16T12:55:00Z"},{"value":"3e-05","scoring_system":"epss","scoring_elements":"0.00073","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15091"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15091","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15091"},{"reference_url":"https://security.archlinux.org/ASA-201711-30","reference_id":"ASA-201711-30","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201711-30"},{"reference_url":"https://security.archlinux.org/AVG-519","reference_id":"AVG-519","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-519"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049940?format=json","purl":"pkg:deb/debian/pdns@4.1.6-3%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ez68-8ben-nuef"},{"vulnerability":"VCID-m7h2-vam9-1yhn"},{"vulnerability":"VCID-qbnt-a5xe-2bg6"},{"vulnerability":"VCID-w3fn-hwyn-6ba7"},{"vulnerability":"VCID-zcxy-ae2g-3kdy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns@4.1.6-3%252Bdeb10u1"}],"aliases":["CVE-2017-15091"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-keaf-6ca3-vkbc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42272?format=json","vulnerability_id":"VCID-m7h2-vam9-1yhn","summary":"An information disclosure vulnerability in PowerDNS allow remote\n    attackers to obtain sensitive information.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-17482","reference_id":"","reference_type":"","scores":[{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15547","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.1559","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15657","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15457","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15544","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15599","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15563","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15525","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15461","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15387","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15392","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15444","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15484","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15483","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15426","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-17482"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17482","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17482"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970737","reference_id":"970737","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970737"},{"reference_url":"https://security.gentoo.org/glsa/202012-18","reference_id":"GLSA-202012-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202012-18"},{"reference_url":"https://usn.ubuntu.com/7203-1/","reference_id":"USN-7203-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7203-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049941?format=json","purl":"pkg:deb/debian/pdns@4.4.1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6pjd-r9ca-rbgg"},{"vulnerability":"VCID-6uz8-kz5m-8ya9"},{"vulnerability":"VCID-7dc3-qdk8-k7b2"},{"vulnerability":"VCID-chzq-qej6-rkdq"},{"vulnerability":"VCID-g4df-vh2e-abch"},{"vulnerability":"VCID-pfhu-1qdf-p7d5"},{"vulnerability":"VCID-xa6z-cw1x-7qba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns@4.4.1-1"}],"aliases":["CVE-2020-17482"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m7h2-vam9-1yhn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94499?format=json","vulnerability_id":"VCID-qbnt-a5xe-2bg6","summary":"An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker can cause a denial of service by sending crafted queries with a GSS-TSIG signature.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24697","reference_id":"","reference_type":"","scores":[{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.31989","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32361","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.3251","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32545","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32368","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32417","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32444","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32448","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.3241","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32382","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32418","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32396","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32367","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32194","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32072","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24697"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24697","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24697"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049941?format=json","purl":"pkg:deb/debian/pdns@4.4.1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6pjd-r9ca-rbgg"},{"vulnerability":"VCID-6uz8-kz5m-8ya9"},{"vulnerability":"VCID-7dc3-qdk8-k7b2"},{"vulnerability":"VCID-chzq-qej6-rkdq"},{"vulnerability":"VCID-g4df-vh2e-abch"},{"vulnerability":"VCID-pfhu-1qdf-p7d5"},{"vulnerability":"VCID-xa6z-cw1x-7qba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns@4.4.1-1"}],"aliases":["CVE-2020-24697"],"risk_score":1.2,"exploitability":"0.5","weighted_severity":"2.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qbnt-a5xe-2bg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93863?format=json","vulnerability_id":"VCID-w3fn-hwyn-6ba7","summary":"PowerDNS Authoritative daemon , pdns versions 4.0.x before 4.0.9, 4.1.x before 4.1.11, exiting when encountering a serial between 2^31 and 2^32-1 while trying to notify a slave leads to DoS.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10203","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05795","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05717","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.0575","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05787","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05506","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05541","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05578","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05575","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05613","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05638","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05611","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05602","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05595","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05545","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05559","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10203","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10203"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10203","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10203"},{"reference_url":"https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-06.html","reference_id":"","reference_type":"","scores":[],"url":"https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-06.html"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970729","reference_id":"970729","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970729"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:authoritative_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:powerdns:authoritative_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:authoritative_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10203","reference_id":"CVE-2019-10203","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:N/I:N/A:P"},{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10203"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049941?format=json","purl":"pkg:deb/debian/pdns@4.4.1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6pjd-r9ca-rbgg"},{"vulnerability":"VCID-6uz8-kz5m-8ya9"},{"vulnerability":"VCID-7dc3-qdk8-k7b2"},{"vulnerability":"VCID-chzq-qej6-rkdq"},{"vulnerability":"VCID-g4df-vh2e-abch"},{"vulnerability":"VCID-pfhu-1qdf-p7d5"},{"vulnerability":"VCID-xa6z-cw1x-7qba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns@4.4.1-1"}],"aliases":["CVE-2019-10203"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w3fn-hwyn-6ba7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79401?format=json","vulnerability_id":"VCID-w9w8-k8h2-b7fc","summary":"security update","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00022.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00022.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3871","reference_id":"","reference_type":"","scores":[{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09193","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09071","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09226","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09272","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09218","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09152","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09156","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09207","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.0913","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09211","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09239","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09242","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.0921","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09196","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09091","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3871"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3871","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3871"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3871","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3871"},{"reference_url":"https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-03.html","reference_id":"","reference_type":"","scores":[],"url":"https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-03.html"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00039.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00039.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GWUHF6MRSQ3YO7UUISGLV7MXCAGBW2VD/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GWUHF6MRSQ3YO7UUISGLV7MXCAGBW2VD/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ROFI6OTWF4GKONNSNEDUCW6LVSSEBZNF/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ROFI6OTWF4GKONNSNEDUCW6LVSSEBZNF/"},{"reference_url":"https://seclists.org/bugtraq/2019/Apr/8","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2019/Apr/8"},{"reference_url":"https://www.debian.org/security/2019/dsa-4424","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4424"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/03/18/4","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/03/18/4"},{"reference_url":"http://www.securityfocus.com/bid/107491","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/107491"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924966","reference_id":"924966","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924966"},{"reference_url":"https://security.archlinux.org/ASA-201903-13","reference_id":"ASA-201903-13","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201903-13"},{"reference_url":"https://security.archlinux.org/AVG-927","reference_id":"AVG-927","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-927"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:authoritative_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:powerdns:authoritative_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:authoritative_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-3871","reference_id":"CVE-2019-3871","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:P/I:P/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-3871"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049940?format=json","purl":"pkg:deb/debian/pdns@4.1.6-3%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ez68-8ben-nuef"},{"vulnerability":"VCID-m7h2-vam9-1yhn"},{"vulnerability":"VCID-qbnt-a5xe-2bg6"},{"vulnerability":"VCID-w3fn-hwyn-6ba7"},{"vulnerability":"VCID-zcxy-ae2g-3kdy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns@4.1.6-3%252Bdeb10u1"}],"aliases":["CVE-2019-3871"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w9w8-k8h2-b7fc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94500?format=json","vulnerability_id":"VCID-zcxy-ae2g-3kdy","summary":"An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker might be able to cause a double-free, leading to a crash or possibly arbitrary code execution. by sending crafted queries with a GSS-TSIG signature.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24698","reference_id":"","reference_type":"","scores":[{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09628","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09694","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09745","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09649","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.0972","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09769","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09782","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.0975","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09734","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.0962","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09592","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09737","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.0978","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09747","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09706","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24698"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24698","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24698"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049941?format=json","purl":"pkg:deb/debian/pdns@4.4.1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6pjd-r9ca-rbgg"},{"vulnerability":"VCID-6uz8-kz5m-8ya9"},{"vulnerability":"VCID-7dc3-qdk8-k7b2"},{"vulnerability":"VCID-chzq-qej6-rkdq"},{"vulnerability":"VCID-g4df-vh2e-abch"},{"vulnerability":"VCID-pfhu-1qdf-p7d5"},{"vulnerability":"VCID-xa6z-cw1x-7qba"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns@4.4.1-1"}],"aliases":["CVE-2020-24698"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zcxy-ae2g-3kdy"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79054?format=json","vulnerability_id":"VCID-5efj-fcg6-cuc5","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10162","reference_id":"","reference_type":"","scores":[{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.0067","published_at":"2026-04-29T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.0064","published_at":"2026-04-01T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00644","published_at":"2026-04-02T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00637","published_at":"2026-04-04T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00639","published_at":"2026-04-07T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00638","published_at":"2026-04-08T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00632","published_at":"2026-04-09T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00631","published_at":"2026-04-11T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00626","published_at":"2026-04-18T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00628","published_at":"2026-04-13T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.0062","published_at":"2026-04-16T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00667","published_at":"2026-04-21T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00666","published_at":"2026-04-24T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00669","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10162"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10162","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10162"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10163","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10163"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037090?format=json","purl":"pkg:deb/debian/pdns@4.0.3-1%2Bdeb9u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c2u-n7p5-nfg4"},{"vulnerability":"VCID-5efj-fcg6-cuc5"},{"vulnerability":"VCID-8fks-8s21-b7b4"},{"vulnerability":"VCID-ch2d-p2ru-23ex"},{"vulnerability":"VCID-ez68-8ben-nuef"},{"vulnerability":"VCID-jrb1-cuhc-nqa1"},{"vulnerability":"VCID-keaf-6ca3-vkbc"},{"vulnerability":"VCID-m7h2-vam9-1yhn"},{"vulnerability":"VCID-qbnt-a5xe-2bg6"},{"vulnerability":"VCID-w3fn-hwyn-6ba7"},{"vulnerability":"VCID-w9w8-k8h2-b7fc"},{"vulnerability":"VCID-zcxy-ae2g-3kdy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns@4.0.3-1%252Bdeb9u5"},{"url":"http://public2.vulnerablecode.io/api/packages/1049940?format=json","purl":"pkg:deb/debian/pdns@4.1.6-3%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ez68-8ben-nuef"},{"vulnerability":"VCID-m7h2-vam9-1yhn"},{"vulnerability":"VCID-qbnt-a5xe-2bg6"},{"vulnerability":"VCID-w3fn-hwyn-6ba7"},{"vulnerability":"VCID-zcxy-ae2g-3kdy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns@4.1.6-3%252Bdeb10u1"}],"aliases":["CVE-2019-10162"],"risk_score":0.9,"exploitability":"0.5","weighted_severity":"1.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5efj-fcg6-cuc5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79055?format=json","vulnerability_id":"VCID-8fks-8s21-b7b4","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10163","reference_id":"","reference_type":"","scores":[{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00736","published_at":"2026-04-29T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00706","published_at":"2026-04-04T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00709","published_at":"2026-04-08T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.0071","published_at":"2026-04-07T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.007","published_at":"2026-04-11T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00694","published_at":"2026-04-12T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00693","published_at":"2026-04-18T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00687","published_at":"2026-04-16T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00735","published_at":"2026-04-21T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00737","published_at":"2026-04-24T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00738","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10163"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10162","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10162"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10163","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10163"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037090?format=json","purl":"pkg:deb/debian/pdns@4.0.3-1%2Bdeb9u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c2u-n7p5-nfg4"},{"vulnerability":"VCID-5efj-fcg6-cuc5"},{"vulnerability":"VCID-8fks-8s21-b7b4"},{"vulnerability":"VCID-ch2d-p2ru-23ex"},{"vulnerability":"VCID-ez68-8ben-nuef"},{"vulnerability":"VCID-jrb1-cuhc-nqa1"},{"vulnerability":"VCID-keaf-6ca3-vkbc"},{"vulnerability":"VCID-m7h2-vam9-1yhn"},{"vulnerability":"VCID-qbnt-a5xe-2bg6"},{"vulnerability":"VCID-w3fn-hwyn-6ba7"},{"vulnerability":"VCID-w9w8-k8h2-b7fc"},{"vulnerability":"VCID-zcxy-ae2g-3kdy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns@4.0.3-1%252Bdeb9u5"},{"url":"http://public2.vulnerablecode.io/api/packages/1049940?format=json","purl":"pkg:deb/debian/pdns@4.1.6-3%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ez68-8ben-nuef"},{"vulnerability":"VCID-m7h2-vam9-1yhn"},{"vulnerability":"VCID-qbnt-a5xe-2bg6"},{"vulnerability":"VCID-w3fn-hwyn-6ba7"},{"vulnerability":"VCID-zcxy-ae2g-3kdy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns@4.1.6-3%252Bdeb10u1"}],"aliases":["CVE-2019-10163"],"risk_score":0.9,"exploitability":"0.5","weighted_severity":"1.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8fks-8s21-b7b4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79401?format=json","vulnerability_id":"VCID-w9w8-k8h2-b7fc","summary":"security update","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00022.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00022.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3871","reference_id":"","reference_type":"","scores":[{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09193","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09071","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09226","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09272","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09218","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09152","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09156","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09207","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.0913","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09211","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09239","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09242","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.0921","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09196","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09091","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3871"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3871","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3871"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3871","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3871"},{"reference_url":"https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-03.html","reference_id":"","reference_type":"","scores":[],"url":"https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-03.html"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00039.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00039.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GWUHF6MRSQ3YO7UUISGLV7MXCAGBW2VD/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GWUHF6MRSQ3YO7UUISGLV7MXCAGBW2VD/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ROFI6OTWF4GKONNSNEDUCW6LVSSEBZNF/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ROFI6OTWF4GKONNSNEDUCW6LVSSEBZNF/"},{"reference_url":"https://seclists.org/bugtraq/2019/Apr/8","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2019/Apr/8"},{"reference_url":"https://www.debian.org/security/2019/dsa-4424","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4424"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/03/18/4","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/03/18/4"},{"reference_url":"http://www.securityfocus.com/bid/107491","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/107491"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924966","reference_id":"924966","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924966"},{"reference_url":"https://security.archlinux.org/ASA-201903-13","reference_id":"ASA-201903-13","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201903-13"},{"reference_url":"https://security.archlinux.org/AVG-927","reference_id":"AVG-927","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-927"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:authoritative_server:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:powerdns:authoritative_server:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:authoritative_server:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-3871","reference_id":"CVE-2019-3871","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:P/I:P/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-3871"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037090?format=json","purl":"pkg:deb/debian/pdns@4.0.3-1%2Bdeb9u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c2u-n7p5-nfg4"},{"vulnerability":"VCID-5efj-fcg6-cuc5"},{"vulnerability":"VCID-8fks-8s21-b7b4"},{"vulnerability":"VCID-ch2d-p2ru-23ex"},{"vulnerability":"VCID-ez68-8ben-nuef"},{"vulnerability":"VCID-jrb1-cuhc-nqa1"},{"vulnerability":"VCID-keaf-6ca3-vkbc"},{"vulnerability":"VCID-m7h2-vam9-1yhn"},{"vulnerability":"VCID-qbnt-a5xe-2bg6"},{"vulnerability":"VCID-w3fn-hwyn-6ba7"},{"vulnerability":"VCID-w9w8-k8h2-b7fc"},{"vulnerability":"VCID-zcxy-ae2g-3kdy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns@4.0.3-1%252Bdeb9u5"},{"url":"http://public2.vulnerablecode.io/api/packages/1049940?format=json","purl":"pkg:deb/debian/pdns@4.1.6-3%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ez68-8ben-nuef"},{"vulnerability":"VCID-m7h2-vam9-1yhn"},{"vulnerability":"VCID-qbnt-a5xe-2bg6"},{"vulnerability":"VCID-w3fn-hwyn-6ba7"},{"vulnerability":"VCID-zcxy-ae2g-3kdy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns@4.1.6-3%252Bdeb10u1"}],"aliases":["CVE-2019-3871"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w9w8-k8h2-b7fc"}],"risk_score":"4.2","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns@4.0.3-1%252Bdeb9u5"}