ISC Bind9 Vulnerabilities
Isc Bind9 vulnerabilities.
Vulnerability Published:
๐๏ธ Published
- Anytime
Sort By:
๐๏ธ Published Date
- Descending
Memory leak in ECDSA DNSSEC verification code
CVE-2022-38177IscBind9๐พ7.5HIGHBuffer overread in statistics channel code
CVE-2022-2881IscBind9๐พ5.5MEDIUMMemory leaks in EdDSA DNSSEC verification code
CVE-2022-38178IscBind9๐พ7.5HIGHMemory leaks in code handling Diffie-Hellman key exchange via TKEY RRs (OpenSSL 3.0.0+ only)
CVE-2022-2906IscBind9๐พ7.5HIGHProcessing large delegations may severely degrade resolver performance
CVE-2022-2795IscBind9๐พ5.3MEDIUMBIND 9 resolvers configured to answer from stale cache with zero stale-answer-client-timeout may terminate unexpectedly
CVE-2022-3080IscBind9๐พ7.5HIGHDestroying a TLS session early causes assertion failure
CVE-2022-1183IscBind9๐พ7.5HIGHLame cache can be abused to severely degrade resolver performance
CVE-2021-25219IscBind9๐พ5.3MEDIUMA too-strict assertion check could be triggered when responses in BIND 9.16.19 and 9.17.16 require UDP fragmentation if RRL is in use
CVE-2021-25218IscBind9๐พ7.5HIGHAn assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself
CVE-2021-25215IscBind9๐พ7.5HIGHA second vulnerability in BIND's GSSAPI security policy negotiation can be targeted by a buffer overflow attack
CVE-2021-25216IscBind9๐พEPSS 24%8.1HIGHA broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly
CVE-2021-25214IscBind9๐พ6.5MEDIUMA vulnerability in BIND's GSSAPI security policy negotiation can be targeted by a buffer overflow attack
CVE-2020-8625IscBind98.1HIGHA flaw in native PKCS#11 code can lead to a remotely triggerable assertion failure in pk11.c
CVE-2020-8623IscBind9๐พ7.5HIGHAssertion Failure in BIND Server Leading to Unexpected Exits
CVE-2020-8620IscBind9๐พ7.5HIGHAttempting QNAME minimization after forwarding can lead to an assertion failure in resolver.c
CVE-2020-8621IscBind9๐พ7.5HIGHA truncated TSIG response can lead to an assertion failure
CVE-2020-8622IscBind9๐พ6.5MEDIUMupdate-policy rules of type "subdomain" are enforced incorrectly
CVE-2020-8624IscBind9๐พ4.3MEDIUMA buffer boundary check assertion in rdataset.c can fail incorrectly during zone transfer
CVE-2020-8619IscBind94.9MEDIUMA buffer boundary check assertion in rdataset.c can fail incorrectly during zone transfer
CVE-2020-8618IscBind94.9MEDIUMA logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c
CVE-2020-8617IscBind9๐พ๐กEPSS 92%7.5HIGHBIND does not sufficiently limit the number of fetches performed when processing referrals
CVE-2020-8616IscBind98.6HIGHTCP-pipelined queries can bypass tcp-clients limit
CVE-2019-6477IscBind97.5HIGH
21 September 2022
19 May 2022
27 October 2021
18 August 2021
29 April 2021
17 February 2021
21 August 2020
17 June 2020
19 May 2020
20 November 2019
No more vulnerabilities to load.