Nixpkgs security tracker
NIXPKGS-2026-1249
GitHub issue
published on
Permalink
CVE-2026-33610
5.9 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): HIGH
- Privileges required (PR): NONE
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): NONE
- Integrity impact (I): NONE
- Availability impact (A): HIGH
by @LeSuisse Activity log
- Created automatic suggestion
-
@LeSuisse
ignored
5 packages
- pdnsd
- pdnsgrep
- pdns-recursor
- home-assistant-component-tests.namecheapdns
- tests.home-assistant-components.namecheapdns
- @LeSuisse ignored reference https://d…
- @LeSuisse accepted
- @LeSuisse published on GitHub
Possible file descriptor exhaustion in forward-dnsupdate
A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it.
References
Ignored references (1)
Affected products
pdns
- <5.0.4
- <4.9.14
Matching in nixpkgs
Ignored packages (5)
pkgs.pdnsd
Permanent DNS caching
-
nixos-unstable 1.2.9a-par
- nixpkgs-unstable 1.2.9a-par
- nixos-unstable-small 1.2.9a-par
-
nixos-25.11 1.2.9a-par
- nixos-25.11-small 1.2.9a-par
- nixpkgs-25.11-darwin 1.2.9a-par
pkgs.pdnsgrep
Search tool for PowerDNS logs
pkgs.pdns-recursor
Recursive DNS server
pkgs.home-assistant-component-tests.namecheapdns
Open source home automation that puts local control and privacy first
pkgs.tests.home-assistant-components.namecheapdns
Open source home automation that puts local control and privacy first
Package maintainers
-
@Mic92 Jörg Thalheim <joerg@thalheim.io>
-
@NickCao Nick Cao <nickcao@nichi.co>