{"id":"CVE-2019-10163","details":"A Vulnerability has been found in PowerDNS Authoritative Server before versions 4.1.9, 4.0.8 allowing a remote, authorized master server to cause a high CPU load or even prevent any further updates to any slave zone by sending a large number of NOTIFY messages. Note that only servers configured as slaves are affected by this issue.","modified":"2026-03-10T22:04:36.473516Z","published":"2019-07-30T23:15:12.263Z","related":["MGASA-2020-0375","openSUSE-SU-2019:1904-1","openSUSE-SU-2019:1921-1","openSUSE-SU-2024:11156-1"],"references":[{"type":"WEB"},{"type":"ADVISORY","url":"https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-05.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00036.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00054.html"},{"type":"ADVISORY","url":"https://blog.powerdns.com/2019/06/21/powerdns-authoritative-server-4-0-8-and-4-1-10-released/"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10163"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/powerdns/pdns","events":[{"introduced":"ba64cecd417688dc39c75e92f1a23b91f7f46d64"},{"fixed":"fdd1fca63fc4949984b501ed1bca8fa01a23fc61"},{"introduced":"80da1b4773cbdad76755b01c70739059d6f607af"},{"fixed":"924b641ce41fddda352d6982b77394671deeef94"},{"introduced":"0"},{"last_affected":"80da1b4773cbdad76755b01c70739059d6f607af"}],"database_specific":{"versions":[{"introduced":"4.0.0"},{"fixed":"4.0.8"},{"introduced":"4.1.0"},{"fixed":"4.1.9"},{"introduced":"0"},{"last_affected":"4.1.0-NA"}]}}],"versions":["auth-4.0.0","auth-4.0.1","auth-4.1.0","auth-4.1.0-rc1","auth-4.1.0-rc2","auth-4.1.0-rc3","dnsdist-1.1.0","dnsdist-1.1.0-beta1","dnsdist-1.1.0-beta2","dnsdist-1.2.0","rec-4.0.0","rec-4.0.1","rec-4.0.2","rec-4.1.0","rec-4.1.0-alpha1","rec-4.1.0-rc1","rec-4.1.0-rc2","rec-4.1.0-rc3","rec-4.1.1","rec-4.1.2","rec-4.1.3","rec-4.1.4","rec-4.1.5","rec-4.1.6","rec-4.1.7","rec-4.1.8"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"sle-15-NA"}]},{"events":[{"introduced":"0"},{"last_affected":"sle-15-sp1"}]},{"events":[{"introduced":"0"},{"last_affected":"15.0"}]},{"events":[{"introduced":"0"},{"last_affected":"15.1"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-10163.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}]}