CVE-2026-42389

Source
https://cve.org/CVERecord?id=CVE-2026-42389
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-42389.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-42389
Downstream
Published
2026-06-25T13:16:45.245Z
Modified
2026-07-08T08:13:17.585139841Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS Calculator
Summary
Reject more queries with invalid header values
Details

This fix provides extra hardening for the 5.4.x branch by doing extra validation of incoming answers from authoritative servers.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/42xxx/CVE-2026-42389.json",
    "cna_assigner": "OX"
}
References

Affected packages

Git / github.com/powerdns/pdns

Affected ranges

Type
GIT
Repo
https://github.com/powerdns/pdns
Events
Database specific
{
    "source": "AFFECTED_FIELD",
    "extracted_events": [
        {
            "introduced": "5.4.0"
        },
        {
            "fixed": "5.4.3"
        }
    ]
}

Affected versions

rec-5.*
rec-5.4.0
rec-5.4.0-rc1
rec-5.4.2

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-42389.json"