{"id":"CVE-2022-27227","details":"In PowerDNS Authoritative Server before 4.4.3, 4.5.x before 4.5.4, and 4.6.x before 4.6.1 and PowerDNS Recursor before 4.4.8, 4.5.x before 4.5.8, and 4.6.x before 4.6.1, insufficient validation of an IXFR end condition causes incomplete zone transfers to be handled as successful transfers.","modified":"2026-04-02T07:54:56.244755Z","published":"2022-03-25T15:15:07.697Z","related":["openSUSE-SU-2022:0105-1","openSUSE-SU-2024:11954-1","openSUSE-SU-2024:11955-1"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZJSKICB67SPPEGNXCQLZVSWR6QGCN3KP/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2QKN56VWXUVFOYGUN75N5IRNK66OHTHT/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HEABZA46XYEUWMGSY2GYYVHISBVWEHIO/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPHOFNI7FKM5NNOVDOWO4TBXFAFICCUE/"},{"type":"ADVISORY","url":"https://doc.powerdns.com/authoritative/security-advisories/index.html"},{"type":"ADVISORY","url":"https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2022-01.html"},{"type":"ADVISORY","url":"https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2022-01.html"},{"type":"ADVISORY","url":"https://docs.powerdns.com/recursor/security-advisories/index.html"},{"type":"FIX","url":"http://www.openwall.com/lists/oss-security/2022/03/25/1"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/powerdns/pdns","events":[{"introduced":"0"},{"fixed":"8c642b6c559a4f266e3bc16e994475ba8ff23ab5"},{"introduced":"8acf42e9ad4c339b7636693ed2d22e305a2e2335"},{"fixed":"f9c4f82b7a58e243614d935ef997bc0b8c35d8e5"},{"introduced":"267458e54fe9446084c4f0ecf980b5c307d84c56"},{"fixed":"ab4a4b861a01c66a5a0840ea8209e18c084c788a"},{"introduced":"0"},{"fixed":"50c085395e81a07297ec0675f1a435e4449a7bdc"},{"introduced":"8acf42e9ad4c339b7636693ed2d22e305a2e2335"},{"fixed":"22980701dbd40c8fb8dbc9fa5f29125698dfa63b"},{"introduced":"267458e54fe9446084c4f0ecf980b5c307d84c56"},{"fixed":"ab4a4b861a01c66a5a0840ea8209e18c084c788a"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"4.4.3"},{"introduced":"4.5.0"},{"fixed":"4.5.4"},{"introduced":"4.6.0"},{"fixed":"4.6.1"},{"introduced":"0"},{"fixed":"4.4.8"},{"introduced":"4.5.0"},{"fixed":"4.5.8"},{"introduced":"4.6.0"},{"fixed":"4.6.1"}]}}],"versions":["auth-3.0","auth-3.0.1","auth-3.1","auth-3.1-rc1","auth-3.1-rc2","auth-3.1-rc3","auth-3.2","auth-3.2-rc1","auth-3.2-rc2","auth-3.2-rc3","auth-3.2-rc4","auth-3.3","auth-3.3-rc1","auth-3.3-rc2","auth-3.3.1","auth-3.3.2","auth-3.3.3","auth-3.4.0","auth-3.4.0-rc1","auth-3.4.0-rc2","auth-3.4.1","auth-3.4.10","auth-3.4.11","auth-3.4.2","auth-3.4.3","auth-3.4.4","auth-3.4.5","auth-3.4.6","auth-3.4.7","auth-3.4.8","auth-3.4.9","auth-4.0.0","auth-4.0.0-alpha1","auth-4.0.0-alpha2","auth-4.0.0-alpha3","auth-4.0.0-beta1","auth-4.0.0-rc1","auth-4.0.0-rc2","auth-4.0.1","auth-4.0.2","auth-4.0.3","auth-4.0.4","auth-4.0.4-rc1","auth-4.0.5","auth-4.0.6","auth-4.0.7","auth-4.0.8","auth-4.0.9","auth-4.1.0","auth-4.1.0-rc1","auth-4.1.0-rc2","auth-4.1.0-rc3","auth-4.1.1","auth-4.1.10","auth-4.1.11","auth-4.1.12","auth-4.1.13","auth-4.1.14","auth-4.1.2","auth-4.1.3","auth-4.1.4","auth-4.1.5","auth-4.1.6","auth-4.1.7","auth-4.1.8","auth-4.1.9","auth-4.2.0","auth-4.2.0-alpha1","auth-4.2.0-beta1","auth-4.2.0-rc1","auth-4.2.0-rc2","auth-4.2.0-rc3","auth-4.2.1","auth-4.2.2","auth-4.2.3","auth-4.3.0","auth-4.3.0-alpha1","auth-4.3.0-beta1","auth-4.3.0-beta2","auth-4.3.0-rc1","auth-4.3.0-rc2","auth-4.3.1","auth-4.3.2","auth-4.4.0","auth-4.4.0-alpha0","auth-4.4.0-alpha1","auth-4.4.0-alpha2","auth-4.4.0-alpha3","auth-4.4.0-beta1","auth-4.4.0-rc1","auth-4.4.1","auth-4.4.2","auth-4.4.3","auth-4.5.0","auth-4.5.0-alpha0","auth-4.5.0-alpha1","auth-4.5.0-beta1","auth-4.5.0-rc1","auth-4.5.0-rc2","auth-4.5.1","auth-4.5.2","auth-4.5.3","auth-4.5.4","auth-4.5.5","auth-4.6.0","auth-4.6.0-alpha0","auth-4.6.0-alpha1","auth-4.6.0-beta1","auth-4.6.0-rc1","auth-4.6.1","auth-4.6.2","auth-4.6.3","auth-4.6.4","auth-4.7.0","auth-4.7.0-alpha0","auth-4.7.0-alpha1","auth-4.7.0-beta1","auth-4.7.0-beta2","auth-4.7.0-rc1","auth-4.7.1","auth-4.7.2","auth-4.7.3","auth-4.7.4","auth-4.7.5","auth-4.8.0","auth-4.8.0-alpha0","auth-4.8.0-alpha1","auth-4.8.0-beta1","auth-4.8.1","auth-4.8.2","auth-4.8.3","auth-4.8.4","auth-4.8.5","auth-4.9.0","auth-4.9.0-alpha1","auth-4.9.0-beta1","auth-4.9.0-beta2","auth-4.9.1","auth-4.9.10","auth-4.9.11","auth-4.9.12","auth-4.9.13","auth-4.9.2","auth-4.9.3","auth-4.9.4","auth-4.9.5","auth-4.9.6","auth-4.9.7","auth-4.9.8","auth-4.9.9","auth-5.0.0","auth-5.0.0-alpha0","auth-5.0.0-alpha1","auth-5.0.0-beta1","auth-5.0.1","auth-5.0.2","auth-5.0.3","auth-5.1.0-alpha0","auth-5.1.0-alpha1","dnsdist-1.0.0","dnsdist-1.0.0-alpha1","dnsdist-1.0.0-alpha2","dnsdist-1.0.0-beta1","dnsdist-1.1.0","dnsdist-1.1.0-beta1","dnsdist-1.1.0-beta2","dnsdist-1.10.0-alpha0","dnsdist-1.2.0","dnsdist-1.2.1","dnsdist-1.3.0","dnsdist-1.3.1","dnsdist-1.3.2","dnsdist-1.3.3","dnsdist-1.4.0","dnsdist-1.4.0-alpha1","dnsdist-1.4.0-alpha2","dnsdist-1.4.0-beta1","dnsdist-1.4.0-rc1","dnsdist-1.4.0-rc2","dnsdist-1.4.0-rc3","dnsdist-1.4.0-rc4","dnsdist-1.4.0-rc5","dnsdist-1.5.0","dnsdist-1.5.0-alpha1","dnsdist-1.5.0-rc1","dnsdist-1.5.0-rc2","dnsdist-1.5.0-rc3","dnsdist-1.5.0-rc4","dnsdist-1.5.1","dnsdist-1.5.2","dnsdist-1.6.0","dnsdist-1.6.0-alpha0","dnsdist-1.6.0-alpha1","dnsdist-1.6.0-alpha2","dnsdist-1.6.0-alpha3","dnsdist-1.6.0-rc1","dnsdist-1.6.0-rc2","dnsdist-1.6.1","dnsdist-1.7.0","dnsdist-1.7.0-alpha0","dnsdist-1.7.0-alpha1","dnsdist-1.7.0-alpha2","dnsdist-1.7.0-beta1","dnsdist-1.7.0-beta2","dnsdist-1.7.0-rc1","dnsdist-1.7.1","dnsdist-1.7.2","dnsdist-1.7.3","dnsdist-1.7.4","dnsdist-1.7.5","dnsdist-1.8.0","dnsdist-1.8.0-alpha0","dnsdist-1.8.0-rc1","dnsdist-1.8.0-rc2","dnsdist-1.8.0-rc3","dnsdist-1.8.1","dnsdist-1.8.2","dnsdist-1.8.3","dnsdist-1.8.4","dnsdist-1.9.0","dnsdist-1.9.0-alpha0","dnsdist-1.9.0-alpha1","dnsdist-1.9.0-alpha2","dnsdist-1.9.0-alpha3","dnsdist-1.9.0-alpha4","dnsdist-1.9.0-rc1","dnsdist-1.9.1","dnsdist-1.9.10","dnsdist-1.9.11","dnsdist-1.9.12","dnsdist-1.9.2","dnsdist-1.9.3","dnsdist-1.9.4","dnsdist-1.9.5","dnsdist-1.9.6","dnsdist-1.9.7","dnsdist-1.9.8","dnsdist-1.9.9","dnsdist-2.0.0","dnsdist-2.0.0-alpha0","dnsdist-2.0.0-alpha1","dnsdist-2.0.0-alpha2","dnsdist-2.0.0-beta1","dnsdist-2.0.0-rc1","dnsdist-2.0.0-rc2","dnsdist-2.0.1","dnsdist-2.0.2","dnsdist-2.0.3","dnsdist-2.1.0-alpha0","dnsdist-2.1.0-alpha1","dnsdist-2.1.0-beta1","dnsdist-2.1.0-beta2","pdns-2.9","pdns-2.9.1","pdns-2.9.10","pdns-2.9.11","pdns-2.9.12","pdns-2.9.13","pdns-2.9.14","pdns-2.9.15","pdns-2.9.16","pdns-2.9.17","pdns-2.9.18","pdns-2.9.19","pdns-2.9.2","pdns-2.9.20","pdns-2.9.21","pdns-2.9.3","pdns-2.9.4","pdns-2.9.5","pdns-2.9.6","pdns-2.9.7","pdns-2.9.8","rec-3-0","rec-3-0-1","rec-3.0","rec-3.0.1","rec-3.1.2","rec-3.1.4","rec-3.1.7.1","rec-3.1.7.2","rec-3.2","rec-3.3","rec-3.3.1","rec-3.5","rec-3.5-rc1","rec-3.5-rc3","rec-3.5-rc4","rec-3.5-rc5","rec-3.5.1","rec-3.5.2","rec-3.5.3","rec-3.6.0","rec-3.6.0-rc1","rec-3.6.1","rec-3.6.2","rec-3.6.3","rec-3.6.4","rec-3.7.0","rec-3.7.0-rc1","rec-3.7.0-rc2","rec-3.7.1","rec-3.7.2","rec-3.7.3","rec-3.7.4","rec-4.0.0","rec-4.0.0-alpha1","rec-4.0.0-alpha2","rec-4.0.0-alpha3","rec-4.0.0-beta1","rec-4.0.0-rc1","rec-4.0.1","rec-4.0.2","rec-4.0.3","rec-4.0.4","rec-4.0.5","rec-4.0.5-rc1","rec-4.0.5-rc2","rec-4.0.6","rec-4.0.7","rec-4.0.8","rec-4.0.9","rec-4.1.0","rec-4.1.0-alpha1","rec-4.1.0-rc1","rec-4.1.0-rc2","rec-4.1.0-rc3","rec-4.1.1","rec-4.1.10","rec-4.1.11","rec-4.1.12","rec-4.1.13","rec-4.1.14","rec-4.1.15","rec-4.1.16","rec-4.1.17","rec-4.1.18","rec-4.1.2","rec-4.1.3","rec-4.1.4","rec-4.1.5","rec-4.1.6","rec-4.1.7","rec-4.1.8","rec-4.1.9","rec-4.10.0-alpha0","rec-4.2.0","rec-4.2.0-alpha1","rec-4.2.0-beta1","rec-4.2.0-rc1","rec-4.2.0-rc2","rec-4.2.1","rec-4.2.2","rec-4.2.3","rec-4.2.4","rec-4.2.5","rec-4.3.0","rec-4.3.0-alpha1","rec-4.3.0-alpha2","rec-4.3.0-alpha3","rec-4.3.0-beta1","rec-4.3.0-beta2","rec-4.3.0-rc1","rec-4.3.0-rc2","rec-4.3.1","rec-4.3.2","rec-4.3.3","rec-4.3.4","rec-4.3.5","rec-4.3.6","rec-4.3.7","rec-4.4.0","rec-4.4.0-alpha0","rec-4.4.0-alpha1","rec-4.4.0-alpha2","rec-4.4.0-beta1","rec-4.4.0-rc1","rec-4.4.0-rc2","rec-4.4.1","rec-4.4.2","rec-4.5.0","rec-4.5.0-alpha0","rec-4.5.0-alpha1","rec-4.5.0-alpha2","rec-4.5.0-alpha3","rec-4.5.0-beta1","rec-4.5.0-beta2","rec-4.5.0-rc1","rec-4.5.1","rec-4.5.2","rec-4.5.3","rec-4.6.0","rec-4.6.0-alpha0","rec-4.6.0-alpha1","rec-4.6.0-alpha2","rec-4.6.0-beta1","rec-4.6.0-beta2","rec-4.6.0-rc1","rec-4.7.0","rec-4.7.0-alpha0","rec-4.7.0-alpha1","rec-4.7.0-beta1","rec-4.7.0-rc1","rec-4.7.1","rec-4.7.2","rec-4.7.3","rec-4.7.4","rec-4.7.5","rec-4.7.6","rec-4.8.0","rec-4.8.0-alpha0","rec-4.8.0-alpha1","rec-4.8.0-beta1","rec-4.8.0-beta2","rec-4.8.0-rc1","rec-4.8.1","rec-4.8.2","rec-4.8.3","rec-4.8.4","rec-4.8.5","rec-4.8.6","rec-4.8.7","rec-4.8.8","rec-4.8.9","rec-4.9.0","rec-4.9.0-alpha0","rec-4.9.0-alpha1","rec-4.9.0-beta1","rec-4.9.0-rc1","rec-4.9.1","rec-4.9.2","rec-4.9.3","rec-4.9.4","rec-4.9.5","rec-4.9.6","rec-4.9.7","rec-4.9.8","rec-4.9.9","rec-5.0.0","rec-5.0.0-alpha1","rec-5.0.0-alpha2","rec-5.0.0-beta1","rec-5.0.0-rc1","rec-5.0.0-rc2","rec-5.0.1","rec-5.0.10","rec-5.0.12","rec-5.0.2","rec-5.0.3","rec-5.0.4","rec-5.0.5","rec-5.0.6","rec-5.0.7","rec-5.0.8","rec-5.0.9","rec-5.1.0","rec-5.1.0-alpha0","rec-5.1.0-alpha1","rec-5.1.0-beta1","rec-5.1.0-rc1","rec-5.1.1","rec-5.1.10","rec-5.1.2","rec-5.1.3","rec-5.1.4","rec-5.1.6","rec-5.1.7","rec-5.1.8","rec-5.1.9","rec-5.2.0","rec-5.2.0-alpha0","rec-5.2.0-alpha1","rec-5.2.0-beta1","rec-5.2.0-rc1","rec-5.2.1","rec-5.2.2","rec-5.2.4","rec-5.2.5","rec-5.2.6","rec-5.2.7","rec-5.2.8","rec-5.3.0","rec-5.3.0-alpha0","rec-5.3.0-alpha1","rec-5.3.0-alpha2","rec-5.3.0-beta1","rec-5.3.0-rc1","rec-5.3.1","rec-5.3.3","rec-5.3.4","rec-5.3.5","rec-5.4.0","rec-5.4.0-alpha0","rec-5.4.0-alpha1","rec-5.4.0-beta1","rec-5.4.0-rc1","rec-5.5.0-alpha0"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"34"}]},{"events":[{"introduced":"0"},{"last_affected":"35"}]},{"events":[{"introduced":"0"},{"last_affected":"36"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-27227.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}