Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:alpm/archlinux/powerdns-recursor@4.1.8-1
Typealpm
Namespacearchlinux
Namepowerdns-recursor
Version4.1.8-1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version4.1.9-1
Latest_non_vulnerable_version4.6.1-1
Affected_by_vulnerabilities
0
url VCID-2hee-f8gq-rycf
vulnerability_id VCID-2hee-f8gq-rycf
summary An issue has been found in PowerDNS Recursor versions 4.1.x before 4.1.9 where records in the answer section of responses received from authoritative servers with the AA flag not set were not properly validated, allowing an attacker to bypass DNSSEC validation.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-3807
reference_id
reference_type
scores
0
value 3e-05
scoring_system epss
scoring_elements 0.00114
published_at 2026-05-14T12:55:00Z
1
value 3e-05
scoring_system epss
scoring_elements 0.00118
published_at 2026-04-13T12:55:00Z
2
value 3e-05
scoring_system epss
scoring_elements 0.00119
published_at 2026-04-26T12:55:00Z
3
value 3e-05
scoring_system epss
scoring_elements 0.00115
published_at 2026-05-09T12:55:00Z
4
value 3e-05
scoring_system epss
scoring_elements 0.00116
published_at 2026-05-07T12:55:00Z
5
value 3e-05
scoring_system epss
scoring_elements 0.00117
published_at 2026-05-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-3807
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3807
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3807
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3807
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3807
3
reference_url https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2019-02.html
reference_id
reference_type
scores
url https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2019-02.html
4
reference_url https://security.archlinux.org/ASA-201901-13
reference_id ASA-201901-13
reference_type
scores
url https://security.archlinux.org/ASA-201901-13
5
reference_url https://security.archlinux.org/AVG-856
reference_id AVG-856
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-856
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-3807
reference_id CVE-2019-3807
reference_type
scores
0
value 6.4
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:N
1
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N
2
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2019-3807
fixed_packages
0
url pkg:alpm/archlinux/powerdns-recursor@4.1.9-1
purl pkg:alpm/archlinux/powerdns-recursor@4.1.9-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/powerdns-recursor@4.1.9-1
aliases CVE-2019-3807
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2hee-f8gq-rycf
1
url VCID-vua1-5kz6-hban
vulnerability_id VCID-vua1-5kz6-hban
summary An issue has been found in PowerDNS Recursor versions after 4.1.3 before 4.1.9 where Lua hooks are not properly applied to queries received over TCP in some specific combination of settings, possibly bypassing security policies enforced using Lua.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-3806
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06756
published_at 2026-05-14T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06701
published_at 2026-05-09T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06708
published_at 2026-05-11T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06725
published_at 2026-05-12T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.0623
published_at 2026-04-01T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06264
published_at 2026-04-02T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06283
published_at 2026-04-04T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.0626
published_at 2026-04-07T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06305
published_at 2026-04-08T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06346
published_at 2026-04-09T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06338
published_at 2026-04-11T12:55:00Z
11
value 0.00024
scoring_system epss
scoring_elements 0.06333
published_at 2026-04-12T12:55:00Z
12
value 0.00024
scoring_system epss
scoring_elements 0.06322
published_at 2026-04-13T12:55:00Z
13
value 0.00024
scoring_system epss
scoring_elements 0.06274
published_at 2026-04-16T12:55:00Z
14
value 0.00024
scoring_system epss
scoring_elements 0.06287
published_at 2026-04-18T12:55:00Z
15
value 0.00024
scoring_system epss
scoring_elements 0.06434
published_at 2026-04-21T12:55:00Z
16
value 0.00024
scoring_system epss
scoring_elements 0.06449
published_at 2026-04-24T12:55:00Z
17
value 0.00024
scoring_system epss
scoring_elements 0.06473
published_at 2026-04-26T12:55:00Z
18
value 0.00024
scoring_system epss
scoring_elements 0.06486
published_at 2026-04-29T12:55:00Z
19
value 0.00024
scoring_system epss
scoring_elements 0.06509
published_at 2026-05-05T12:55:00Z
20
value 0.00024
scoring_system epss
scoring_elements 0.06637
published_at 2026-05-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-3806
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3806
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3806
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3806
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3806
3
reference_url https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2019-01.html
reference_id
reference_type
scores
url https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2019-01.html
4
reference_url https://security.archlinux.org/ASA-201901-13
reference_id ASA-201901-13
reference_type
scores
url https://security.archlinux.org/ASA-201901-13
5
reference_url https://security.archlinux.org/AVG-856
reference_id AVG-856
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-856
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:powerdns:recursor:*:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-3806
reference_id CVE-2019-3806
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
1
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:H
2
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2019-3806
fixed_packages
0
url pkg:alpm/archlinux/powerdns-recursor@4.1.9-1
purl pkg:alpm/archlinux/powerdns-recursor@4.1.9-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/powerdns-recursor@4.1.9-1
aliases CVE-2019-3806
risk_score 3.6
exploitability 0.5
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vua1-5kz6-hban
Fixing_vulnerabilities
0
url VCID-d4km-jg6b-2kh3
vulnerability_id VCID-d4km-jg6b-2kh3
summary An issue has been found in PowerDNS Recursor before version 4.1.8 where a remote attacker sending a DNS query can trigger an out-of-bounds memory read while computing the hash of the query for a packet cache lookup, possibly leading to a crash.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-16855
reference_id
reference_type
scores
0
value 0.19834
scoring_system epss
scoring_elements 0.95515
published_at 2026-05-14T12:55:00Z
1
value 0.19834
scoring_system epss
scoring_elements 0.95413
published_at 2026-04-01T12:55:00Z
2
value 0.19834
scoring_system epss
scoring_elements 0.95422
published_at 2026-04-02T12:55:00Z
3
value 0.19834
scoring_system epss
scoring_elements 0.95428
published_at 2026-04-04T12:55:00Z
4
value 0.19834
scoring_system epss
scoring_elements 0.95432
published_at 2026-04-07T12:55:00Z
5
value 0.19834
scoring_system epss
scoring_elements 0.95438
published_at 2026-04-08T12:55:00Z
6
value 0.19834
scoring_system epss
scoring_elements 0.95441
published_at 2026-04-09T12:55:00Z
7
value 0.19834
scoring_system epss
scoring_elements 0.95445
published_at 2026-04-12T12:55:00Z
8
value 0.19834
scoring_system epss
scoring_elements 0.95447
published_at 2026-04-13T12:55:00Z
9
value 0.19834
scoring_system epss
scoring_elements 0.95456
published_at 2026-04-16T12:55:00Z
10
value 0.19834
scoring_system epss
scoring_elements 0.9546
published_at 2026-04-18T12:55:00Z
11
value 0.19834
scoring_system epss
scoring_elements 0.95464
published_at 2026-04-21T12:55:00Z
12
value 0.19834
scoring_system epss
scoring_elements 0.95466
published_at 2026-04-24T12:55:00Z
13
value 0.19834
scoring_system epss
scoring_elements 0.95467
published_at 2026-04-29T12:55:00Z
14
value 0.19834
scoring_system epss
scoring_elements 0.95477
published_at 2026-05-05T12:55:00Z
15
value 0.19834
scoring_system epss
scoring_elements 0.95485
published_at 2026-05-07T12:55:00Z
16
value 0.19834
scoring_system epss
scoring_elements 0.95492
published_at 2026-05-09T12:55:00Z
17
value 0.19834
scoring_system epss
scoring_elements 0.95498
published_at 2026-05-11T12:55:00Z
18
value 0.19834
scoring_system epss
scoring_elements 0.95502
published_at 2026-05-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-16855
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16855
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16855
2
reference_url https://security.archlinux.org/ASA-201811-21
reference_id ASA-201811-21
reference_type
scores
url https://security.archlinux.org/ASA-201811-21
3
reference_url https://security.archlinux.org/AVG-821
reference_id AVG-821
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-821
fixed_packages
0
url pkg:alpm/archlinux/powerdns-recursor@4.1.8-1
purl pkg:alpm/archlinux/powerdns-recursor@4.1.8-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2hee-f8gq-rycf
1
vulnerability VCID-vua1-5kz6-hban
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/powerdns-recursor@4.1.8-1
aliases CVE-2018-16855
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d4km-jg6b-2kh3
Risk_score4.4
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/powerdns-recursor@4.1.8-1