Alpine: multiple pdns-recursor packages: security update to 4.1.9-r0

critical Tenable Cloud Security Plugin ID 406255

Description

There are packages installed that are affected by multiple vulnerabilities referenced in the following CVEs:

- An issue has been found in PowerDNS Recursor versions after 4.1.3 before 4.1.9 where Lua hooks are not
properly applied to queries received over TCP in some specific combination of settings, possibly bypassing
security policies enforced using Lua. (CVE-2019-3806)

- An issue has been found in PowerDNS Recursor versions 4.1.x before 4.1.9 where records in the answer
section of responses received from authoritative servers with the AA flag not set were not properly
validated, allowing an attacker to bypass DNSSEC validation. (CVE-2019-3807)

See Also

https://security.alpinelinux.org/vuln/CVE-2019-3806

https://security.alpinelinux.org/vuln/CVE-2019-3807

Plugin Details

Severity: Critical

ID: 406255

Version: Revision 1.27

Type: Local

Published: 10/31/2023

Updated: 7/2/2026

Supported Sensors: Agentless Assessment, Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: Medium

Score: 4.9

Percentile: 57.12

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2019-3806

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS Score Source: CVE-2019-3807

Vulnerability Information

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 1/21/2019

Reference Information

CVE: CVE-2019-3806, CVE-2019-3807