BIND9 — Vulnerabilities & Security Advisories 25

All 25 CVE vulnerabilities found in BIND9, with AI-generated Chinese analysis, references, and POCs.

Vendor: Debian

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-3080 | BIND 9 resolvers configured to answer from stale cache with zero stale-answer-client-timeout may terminate unexpectedly | 7.5 | High | 2022-09-21 |
| CVE-2022-38178 | Memory leaks in EdDSA DNSSEC verification code | 7.5 | High | 2022-09-21 |
| CVE-2022-38177 | Memory leak in ECDSA DNSSEC verification code | 7.5 | High | 2022-09-21 |
| CVE-2022-2906 | Memory leaks in code handling Diffie-Hellman key exchange via TKEY RRs (OpenSSL 3.0.0+ only) | 7.5 | High | 2022-09-21 |
| CVE-2022-2881 | Buffer overread in statistics channel code | 5.5 | Medium | 2022-09-21 |
| CVE-2022-2795 | Processing large delegations may severely degrade resolver performance | 5.3 | Medium | 2022-09-21 |
| CVE-2022-1183 | Destroying a TLS session early causes assertion failure | 7.5 | High | 2022-05-19 |
| CVE-2021-25219 | Lame cache can be abused to severely degrade resolver performance | 5.3 | Medium | 2021-10-27 |
| CVE-2021-25218 | A too-strict assertion check could be triggered when responses in BIND 9.16.19 and 9.17.16 require UDP fragmentation if RRL is in use | 7.5 | High | 2021-08-18 |
| CVE-2021-25216 | A second vulnerability in BIND's GSSAPI security policy negotiation can be targeted by a buffer overflow attack | 8.1 | High | 2021-04-29 |
| CVE-2021-25215 | An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself | 7.5 | High | 2021-04-29 |
| CVE-2021-25214 | A broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly | 6.5 | Medium | 2021-04-29 |
| CVE-2020-8625 | A vulnerability in BIND's GSSAPI security policy negotiation can be targeted by a buffer overflow attack | 8.1 | High | 2021-02-17 |
| CVE-2020-8624 | update-policy rules of type "subdomain" are enforced incorrectly | 4.3 | Medium | 2020-08-21 |
| CVE-2020-8623 | A flaw in native PKCS#11 code can lead to a remotely triggerable assertion failure in pk11.c | 7.5 | High | 2020-08-21 |
| CVE-2020-8622 | A truncated TSIG response can lead to an assertion failure | 6.5 | Medium | 2020-08-21 |
| CVE-2020-8621 | Attempting QNAME minimization after forwarding can lead to an assertion failure in resolver.c | 7.5 | High | 2020-08-21 |
| CVE-2020-8620 | Internet Systems Consortium BIND server security vulnerability | 7.5 | High | 2020-08-21 |
| CVE-2020-8619 | A buffer boundary check assertion in rdataset.c can fail incorrectly during zone transfer | 4.9 | Medium | 2020-06-17 |
| CVE-2020-8618 | A buffer boundary check assertion in rdataset.c can fail incorrectly during zone transfer | 4.9 | Medium | 2020-06-17 |
| CVE-2020-8617 | A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c | 7.5 | High | 2020-05-19 |
| CVE-2020-8616 | BIND does not sufficiently limit the number of fetches performed when processing referrals | 8.6 | High | 2020-05-19 |
| CVE-2019-6477 | TCP-pipelined queries can bypass tcp-clients limit | 7.5 | High | 2019-11-26 |
| CVE-2018-5742 | An oversight while backporting a feature leads to an assertion failure in buffer.c:420 | 7.5 | - | 2019-10-30 |
| CVE-2018-5735 | Backport of the fix for CVE-2017-3137 leads to assertion failure in validator.c:1858 | 7.5 | High | 2019-10-30 |

All 25 known CVE vulnerabilities affecting BIND9 with full Chinese analysis, references, and POCs where available.