UBUNTU-CVE-2026-33260
- Source
- https://ubuntu.com/security/CVE-2026-33260
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-33260.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2026-33260
- Upstream
- Published
- 2026-04-22T10:16:00Z
- Modified
- 2026-05-20T16:25:29.449266624Z
- Severity
-
- 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVSS Calculator
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Ubuntu - medium
- Summary
- [none]
- Details
-
An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default.
- References
-
- https://ubuntu.com/security/CVE-2026-33260
- https://www.cve.org/CVERecord?id=CVE-2026-33260
- https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-04.html#cve-2026-33260-insufficient-input-validation-of-internal-webserver
- https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2026-03.html#cve-2026-33260-insufficient-input-validation-of-internal-web-server
- https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-2026-05.html
Affected packages
Ubuntu:16.04:LTS
Ubuntu:24.04:LTS
pdns
Package
- Name
- pdns
- Purl
- pkg:deb/ubuntu/pdns?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
4.*
4.8.1-1build1
4.8.3-2
4.8.3-2build1
4.8.3-3
4.8.3-4
4.8.3-4build2
4.8.3-4build3
Ecosystem specific
{
"binaries": [
{
"binary_name": "pdns-backend-bind",
"binary_version": "4.8.3-4build3"
},
{
"binary_name": "pdns-backend-geoip",
"binary_version": "4.8.3-4build3"
},
{
"binary_name": "pdns-backend-ldap",
"binary_version": "4.8.3-4build3"
},
{
"binary_name": "pdns-backend-lmdb",
"binary_version": "4.8.3-4build3"
},
{
"binary_name": "pdns-backend-lua2",
"binary_version": "4.8.3-4build3"
},
{
"binary_name": "pdns-backend-mysql",
"binary_version": "4.8.3-4build3"
},
{
"binary_name": "pdns-backend-odbc",
"binary_version": "4.8.3-4build3"
},
{
"binary_name": "pdns-backend-pgsql",
"binary_version": "4.8.3-4build3"
},
{
"binary_name": "pdns-backend-pipe",
"binary_version": "4.8.3-4build3"
},
{
"binary_name": "pdns-backend-remote",
"binary_version": "4.8.3-4build3"
},
{
"binary_name": "pdns-backend-sqlite3",
"binary_version": "4.8.3-4build3"
},
{
"binary_name": "pdns-backend-tinydns",
"binary_version": "4.8.3-4build3"
},
{
"binary_name": "pdns-ixfrdist",
"binary_version": "4.8.3-4build3"
},
{
"binary_name": "pdns-server",
"binary_version": "4.8.3-4build3"
},
{
"binary_name": "pdns-tools",
"binary_version": "4.8.3-4build3"
}
]
}pdns-recursor
Package
- Name
- pdns-recursor
- Purl
- pkg:deb/ubuntu/pdns-recursor?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
4.*
4.9.0-2
4.9.1-4
4.9.2-1
4.9.2-1build1
4.9.2-2
4.9.3-1
4.9.3-1build2
4.9.3-1build3
Ubuntu:25.10
dnsdist
pdns
Package
- Name
- pdns
- Purl
- pkg:deb/ubuntu/pdns?arch=source&distro=questing
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"binaries": [
{
"binary_name": "pdns-backend-bind",
"binary_version": "5.0.0-2"
},
{
"binary_name": "pdns-backend-geoip",
"binary_version": "5.0.0-2"
},
{
"binary_name": "pdns-backend-ldap",
"binary_version": "5.0.0-2"
},
{
"binary_name": "pdns-backend-lmdb",
"binary_version": "5.0.0-2"
},
{
"binary_name": "pdns-backend-lua2",
"binary_version": "5.0.0-2"
},
{
"binary_name": "pdns-backend-mysql",
"binary_version": "5.0.0-2"
},
{
"binary_name": "pdns-backend-odbc",
"binary_version": "5.0.0-2"
},
{
"binary_name": "pdns-backend-pgsql",
"binary_version": "5.0.0-2"
},
{
"binary_name": "pdns-backend-pipe",
"binary_version": "5.0.0-2"
},
{
"binary_name": "pdns-backend-remote",
"binary_version": "5.0.0-2"
},
{
"binary_name": "pdns-backend-sqlite3",
"binary_version": "5.0.0-2"
},
{
"binary_name": "pdns-backend-tinydns",
"binary_version": "5.0.0-2"
},
{
"binary_name": "pdns-ixfrdist",
"binary_version": "5.0.0-2"
},
{
"binary_name": "pdns-server",
"binary_version": "5.0.0-2"
},
{
"binary_name": "pdns-tools",
"binary_version": "5.0.0-2"
}
]
}pdns-recursor
Package
- Name
- pdns-recursor
- Purl
- pkg:deb/ubuntu/pdns-recursor?arch=source&distro=questing
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:26.04:LTS
dnsdist
pdns
Package
- Name
- pdns
- Purl
- pkg:deb/ubuntu/pdns?arch=source&distro=resolute
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"binaries": [
{
"binary_name": "pdns-backend-bind",
"binary_version": "5.0.2-1build1"
},
{
"binary_name": "pdns-backend-geoip",
"binary_version": "5.0.2-1build1"
},
{
"binary_name": "pdns-backend-ldap",
"binary_version": "5.0.2-1build1"
},
{
"binary_name": "pdns-backend-lmdb",
"binary_version": "5.0.2-1build1"
},
{
"binary_name": "pdns-backend-lua2",
"binary_version": "5.0.2-1build1"
},
{
"binary_name": "pdns-backend-mysql",
"binary_version": "5.0.2-1build1"
},
{
"binary_name": "pdns-backend-odbc",
"binary_version": "5.0.2-1build1"
},
{
"binary_name": "pdns-backend-pgsql",
"binary_version": "5.0.2-1build1"
},
{
"binary_name": "pdns-backend-pipe",
"binary_version": "5.0.2-1build1"
},
{
"binary_name": "pdns-backend-remote",
"binary_version": "5.0.2-1build1"
},
{
"binary_name": "pdns-backend-sqlite3",
"binary_version": "5.0.2-1build1"
},
{
"binary_name": "pdns-backend-tinydns",
"binary_version": "5.0.2-1build1"
},
{
"binary_name": "pdns-ixfrdist",
"binary_version": "5.0.2-1build1"
},
{
"binary_name": "pdns-server",
"binary_version": "5.0.2-1build1"
},
{
"binary_name": "pdns-tools",
"binary_version": "5.0.2-1build1"
}
]
}Ubuntu:Pro:16.04:LTS
pdns
Package
- Name
- pdns
- Purl
- pkg:deb/ubuntu/pdns?arch=source&distro=esm-apps%2Fxenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
3.*
3.4.5-1build2
3.4.6-2
3.4.6-3
3.4.7-1
3.4.7-2
4.*
4.0.0~alpha1-1
4.0.0~alpha2-2
4.0.0~alpha2-3
4.0.0~alpha2-3build1
4.0.0~alpha2-3ubuntu0.1~esm1
Ecosystem specific
{
"binaries": [
{
"binary_name": "pdns-backend-geoip",
"binary_version": "4.0.0~alpha2-3ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-ldap",
"binary_version": "4.0.0~alpha2-3ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-lua",
"binary_version": "4.0.0~alpha2-3ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-mydns",
"binary_version": "4.0.0~alpha2-3ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-mysql",
"binary_version": "4.0.0~alpha2-3ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-pgsql",
"binary_version": "4.0.0~alpha2-3ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-pipe",
"binary_version": "4.0.0~alpha2-3ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-remote",
"binary_version": "4.0.0~alpha2-3ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-sqlite3",
"binary_version": "4.0.0~alpha2-3ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-tinydns",
"binary_version": "4.0.0~alpha2-3ubuntu0.1~esm1"
},
{
"binary_name": "pdns-server",
"binary_version": "4.0.0~alpha2-3ubuntu0.1~esm1"
},
{
"binary_name": "pdns-tools",
"binary_version": "4.0.0~alpha2-3ubuntu0.1~esm1"
}
]
}pdns-recursor
Package
- Name
- pdns-recursor
- Purl
- pkg:deb/ubuntu/pdns-recursor?arch=source&distro=esm-apps%2Fxenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
3.*
3.7.3-1
4.*
4.0.0~alpha1-1
4.0.0~alpha1-2
4.0.0~alpha2-2
4.0.0~alpha2-2ubuntu0.1
4.0.0~alpha2-2ubuntu0.1+esm1
Ubuntu:Pro:18.04:LTS
dnsdist
Package
- Name
- dnsdist
- Purl
- pkg:deb/ubuntu/dnsdist?arch=source&distro=esm-apps%2Fbionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
pdns
Package
- Name
- pdns
- Purl
- pkg:deb/ubuntu/pdns?arch=source&distro=esm-apps%2Fbionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
4.*
4.0.4-2
4.0.4-2build1
4.0.5-1
4.1.0-1
4.1.0-2
4.1.0-2build1
4.1.1-1
4.1.1-1ubuntu0.1~esm1
Ecosystem specific
{
"binaries": [
{
"binary_name": "pdns-backend-bind",
"binary_version": "4.1.1-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-geoip",
"binary_version": "4.1.1-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-ldap",
"binary_version": "4.1.1-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-lua",
"binary_version": "4.1.1-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-mydns",
"binary_version": "4.1.1-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-mysql",
"binary_version": "4.1.1-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-odbc",
"binary_version": "4.1.1-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-opendbx",
"binary_version": "4.1.1-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-pgsql",
"binary_version": "4.1.1-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-pipe",
"binary_version": "4.1.1-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-remote",
"binary_version": "4.1.1-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-sqlite3",
"binary_version": "4.1.1-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-tinydns",
"binary_version": "4.1.1-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-server",
"binary_version": "4.1.1-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-tools",
"binary_version": "4.1.1-1ubuntu0.1~esm1"
}
]
}pdns-recursor
Package
- Name
- pdns-recursor
- Purl
- pkg:deb/ubuntu/pdns-recursor?arch=source&distro=esm-apps%2Fbionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
4.*
4.0.6-1
4.0.6-1build1
4.0.7-1
4.1.1-1
4.1.1-1build1
4.1.1-2
4.1.1-2ubuntu0.1~esm1
Ubuntu:Pro:20.04:LTS
dnsdist
Package
- Name
- dnsdist
- Purl
- pkg:deb/ubuntu/dnsdist?arch=source&distro=esm-apps%2Ffocal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
pdns
Package
- Name
- pdns
- Purl
- pkg:deb/ubuntu/pdns?arch=source&distro=esm-apps%2Ffocal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
4.*
4.1.6-3build1
4.2.0-1
4.2.1-1
4.2.1-1build1
4.2.1-1build2
4.2.1-1ubuntu0.1~esm1
Ecosystem specific
{
"binaries": [
{
"binary_name": "pdns-backend-bind",
"binary_version": "4.2.1-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-geoip",
"binary_version": "4.2.1-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-ldap",
"binary_version": "4.2.1-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-lua",
"binary_version": "4.2.1-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-mydns",
"binary_version": "4.2.1-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-mysql",
"binary_version": "4.2.1-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-odbc",
"binary_version": "4.2.1-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-pgsql",
"binary_version": "4.2.1-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-pipe",
"binary_version": "4.2.1-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-remote",
"binary_version": "4.2.1-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-sqlite3",
"binary_version": "4.2.1-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-tinydns",
"binary_version": "4.2.1-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-ixfrdist",
"binary_version": "4.2.1-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-server",
"binary_version": "4.2.1-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-tools",
"binary_version": "4.2.1-1ubuntu0.1~esm1"
}
]
}pdns-recursor
Package
- Name
- pdns-recursor
- Purl
- pkg:deb/ubuntu/pdns-recursor?arch=source&distro=esm-apps%2Ffocal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:Pro:22.04:LTS
dnsdist
Package
- Name
- dnsdist
- Purl
- pkg:deb/ubuntu/dnsdist?arch=source&distro=esm-apps%2Fjammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
pdns
Package
- Name
- pdns
- Purl
- pkg:deb/ubuntu/pdns?arch=source&distro=esm-apps%2Fjammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"binaries": [
{
"binary_name": "pdns-backend-bind",
"binary_version": "4.5.3-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-geoip",
"binary_version": "4.5.3-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-ldap",
"binary_version": "4.5.3-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-lmdb",
"binary_version": "4.5.3-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-lua2",
"binary_version": "4.5.3-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-mysql",
"binary_version": "4.5.3-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-odbc",
"binary_version": "4.5.3-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-pgsql",
"binary_version": "4.5.3-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-pipe",
"binary_version": "4.5.3-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-remote",
"binary_version": "4.5.3-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-sqlite3",
"binary_version": "4.5.3-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-backend-tinydns",
"binary_version": "4.5.3-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-ixfrdist",
"binary_version": "4.5.3-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-server",
"binary_version": "4.5.3-1ubuntu0.1~esm1"
},
{
"binary_name": "pdns-tools",
"binary_version": "4.5.3-1ubuntu0.1~esm1"
}
]
}pdns-recursor
Package
- Name
- pdns-recursor
- Purl
- pkg:deb/ubuntu/pdns-recursor?arch=source&distro=esm-apps%2Fjammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:Pro:24.04:LTS
dnsdist
Package
- Name
- dnsdist
- Purl
- pkg:deb/ubuntu/dnsdist?arch=source&distro=esm-apps%2Fnoble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1.*
1.8.0-1
1.8.2-1
1.8.2-2
1.8.2-3
1.8.3-1
1.8.3-2
1.8.3-2build1
1.8.3-2build2
1.8.3-2ubuntu0.1~esm1