{"id":"CVE-2022-27227","details":"In PowerDNS Authoritative Server before 4.4.3, 4.5.x before 4.5.4, and 4.6.x before 4.6.1 and PowerDNS Recursor before 4.4.8, 4.5.x before 4.5.8, and 4.6.x before 4.6.1, insufficient validation of an IXFR end condition causes incomplete zone transfers to be handled as successful transfers.","modified":"2026-04-10T04:46:28.395352Z","published":"2022-03-25T15:15:07.697Z","related":["openSUSE-SU-2022:0105-1","openSUSE-SU-2024:11954-1","openSUSE-SU-2024:11955-1"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZJSKICB67SPPEGNXCQLZVSWR6QGCN3KP/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2QKN56VWXUVFOYGUN75N5IRNK66OHTHT/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HEABZA46XYEUWMGSY2GYYVHISBVWEHIO/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPHOFNI7FKM5NNOVDOWO4TBXFAFICCUE/"},{"type":"ADVISORY","url":"https://doc.powerdns.com/authoritative/security-advisories/index.html"},{"type":"ADVISORY","url":"https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2022-01.html"},{"type":"ADVISORY","url":"https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2022-01.html"},{"type":"ADVISORY","url":"https://docs.powerdns.com/recursor/security-advisories/index.html"},{"type":"FIX","url":"http://www.openwall.com/lists/oss-security/2022/03/25/1"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/powerdns/pdns","events":[{"introduced":"0"},{"fixed":"8c642b6c559a4f266e3bc16e994475ba8ff23ab5"},{"introduced":"8acf42e9ad4c339b7636693ed2d22e305a2e2335"},{"fixed":"f9c4f82b7a58e243614d935ef997bc0b8c35d8e5"},{"introduced":"267458e54fe9446084c4f0ecf980b5c307d84c56"},{"fixed":"ab4a4b861a01c66a5a0840ea8209e18c084c788a"},{"introduced":"0"},{"fixed":"50c085395e81a07297ec0675f1a435e4449a7bdc"},{"introduced":"8acf42e9ad4c339b7636693ed2d22e305a2e2335"},{"fixed":"22980701dbd40c8fb8dbc9fa5f29125698dfa63b"},{"introduced":"267458e54fe9446084c4f0ecf980b5c307d84c56"},{"fixed":"ab4a4b861a01c66a5a0840ea8209e18c084c788a"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"4.4.3"},{"introduced":"4.5.0"},{"fixed":"4.5.4"},{"introduced":"4.6.0"},{"fixed":"4.6.1"},{"introduced":"0"},{"fixed":"4.4.8"},{"introduced":"4.5.0"},{"fixed":"4.5.8"},{"introduced":"4.6.0"},{"fixed":"4.6.1"}]}}],"versions":["auth-3.1-rc1","auth-3.1-rc2","auth-3.1-rc3","auth-3.2-rc1","auth-3.2-rc2","auth-3.2-rc3","auth-3.2-rc4","auth-3.4.0","auth-3.4.0-rc1","auth-3.4.0-rc2","auth-4.0.0","auth-4.0.0-alpha1","auth-4.0.0-alpha2","auth-4.0.0-alpha3","auth-4.0.0-beta1","auth-4.0.0-rc1","auth-4.0.0-rc2","auth-4.0.1","auth-4.1.0","auth-4.1.0-rc1","auth-4.1.0-rc2","auth-4.1.0-rc3","auth-4.2.0-alpha1","auth-4.2.0-beta1","auth-4.2.0-rc1","auth-4.2.0-rc2","auth-4.3.0-alpha1","auth-4.3.0-beta1","auth-4.3.0-beta2","auth-4.4.0-alpha0","dnsdist-1.0.0","dnsdist-1.0.0-alpha1","dnsdist-1.0.0-alpha2","dnsdist-1.0.0-beta1","dnsdist-1.1.0","dnsdist-1.1.0-beta1","dnsdist-1.1.0-beta2","dnsdist-1.2.0","dnsdist-1.3.0","dnsdist-1.3.1","dnsdist-1.3.2","dnsdist-1.3.3","dnsdist-1.4.0","dnsdist-1.4.0-alpha1","dnsdist-1.4.0-alpha2","dnsdist-1.4.0-beta1","dnsdist-1.4.0-rc1","dnsdist-1.4.0-rc2","dnsdist-1.4.0-rc3","dnsdist-1.4.0-rc4","dnsdist-1.4.0-rc5","dnsdist-1.5.0","dnsdist-1.5.0-alpha1","dnsdist-1.5.0-rc1","dnsdist-1.5.0-rc2","dnsdist-1.5.0-rc3","dnsdist-1.5.0-rc4","rec-3-0","rec-3-0-1","rec-3.0","rec-3.0.1","rec-3.1.4","rec-3.3.1","rec-3.5","rec-3.5-rc1","rec-3.5-rc3","rec-3.5-rc4","rec-3.5-rc5","rec-3.6.0","rec-4.0.0","rec-4.0.0-alpha1","rec-4.0.0-alpha2","rec-4.0.0-alpha3","rec-4.0.0-beta1","rec-4.0.0-rc1","rec-4.0.1","rec-4.0.2","rec-4.1.0","rec-4.1.0-alpha1","rec-4.1.0-rc1","rec-4.1.0-rc2","rec-4.1.0-rc3","rec-4.2.0-alpha1","rec-4.2.0-beta1","rec-4.2.0-rc1","rec-4.3.0-alpha1","rec-4.3.0-alpha2","rec-4.3.0-alpha3","rec-4.3.0-beta1","rec-4.4.0","rec-4.4.0-alpha0","rec-4.4.0-alpha1","rec-4.4.0-alpha2","rec-4.4.0-beta1","rec-4.4.0-rc1","rec-4.4.0-rc2","rec-4.4.1","rec-4.4.2","rec-4.4.3","rec-4.4.4","rec-4.4.5","rec-4.4.6","rec-4.4.7","rec-4.5.0","rec-4.5.1","rec-4.5.2","rec-4.5.3","rec-4.5.4","rec-4.5.5","rec-4.5.6","rec-4.5.7","rec-4.6.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-27227.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"34"}]},{"events":[{"introduced":"0"},{"last_affected":"35"}]},{"events":[{"introduced":"0"},{"last_affected":"36"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}