Isc Bind vulnerabilities
195 known vulnerabilities affecting isc/bind.
Total CVEs
195
CISA KEV
0
Public exploits
16
Exploited in wild
4
Severity breakdown
CRITICAL9HIGH100MEDIUM80LOW6
Vulnerabilities
Page 2 of 10
CVE-2017-3145P3HIGHCVSS 7.5≥ 9.4.0, ≤ 9.8.8≥ 9.9.0, ≤ 9.9.11+7 more2019-01-16
CVE-2017-3145 [HIGH] CWE-416 CVE-2017-3145: BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in s
BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1.
nvd
CVE-2016-8864P3HIGHCVSS 7.5≥ 9.0.0, < 9.9.9≥ 9.10.0, < 9.10.4+3 more2016-11-02
CVE-2016-8864 [HIGH] CWE-617 CVE-2016-8864: named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows r
named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNAME record in the answer section of a response to a recursive query, related to db.c and resolver.c.
nvd
CVE-2016-9131P3HIGHCVSS 7.5≥ 9.0, ≤ 9.9.8≥ 9.10.0, ≤ 9.10.3+3 more2017-01-12
CVE-2016-9131 [HIGH] CWE-20 CVE-2016-9131: named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows r
named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed response to an RTYPE ANY query.
nvd
CVE-2016-1285P3MEDIUMCVSS 6.8≥ 9.0.0, < 9.9.8≥ 9.10.0, < 9.10.3+2 more2016-03-09
CVE-2016-1285 [MEDIUM] CVE-2016-1285: named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME rec
named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface, related to alist.c and sexpr.c.
nvd
CVE-2015-4620P3HIGHCVSS 7.8v9.7.0v9.7.1+24 more2015-07-08
CVE-2015-4620 [HIGH] CWE-17 CVE-2015-4620: name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when co
name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when configured as a recursive resolver with DNSSEC validation, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) by constructing crafted zone data and then making a query for a name in that zone.
nvd
CVE-2013-2266P3HIGHCVSS 7.8v9.9.0v9.9.1+15 more2013-03-28
CVE-2013-2266 [HIGH] CWE-119 CVE-2013-2266: libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and
libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process.
nvd
CVE-2016-2775P3MEDIUMCVSS 5.9≥ 9.0, ≤ 9.9.8≥ 9.10.0, ≤ 9.10.3+3 more2016-07-19
CVE-2016-2775 [MEDIUM] CWE-20 CVE-2016-2775: ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or th
ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon crash) via a long request that uses the lightweight resolver protocol.
nvd
CVE-2024-11187P3HIGHCVSS 7.5≥ 0, < 9.18.33-r02025-01-29
CVE-2024-11187 [HIGH] CVE-2024-11187: It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section
It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An attacker sending many such queries can cause either the authoritative server itself or an independent resolver to use disproportionate resources processing the queries. Zones
osv
CVE-2025-8677P3HIGHCVSS 7.5≥ 0, < 9.18.41-r0≥ 0, < 9.20.15-r02025-10-22
CVE-2025-8677 [HIGH] CVE-2025-8677: Querying for records within a specially crafted zone containing certain malformed DNSKEY records can lead to CPU exhaustion
Querying for records within a specially crafted zone containing certain malformed DNSKEY records can lead to CPU exhaustion.
This issue affects BIND 9 versions 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1.
osv
CVE-2024-12705P3HIGHCVSS 7.5≥ 0, < 9.18.33-r02025-01-29
CVE-2024-12705 [HIGH] CVE-2024-12705: Clients using DNS-over-HTTPS (DoH) can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic
Clients using DNS-over-HTTPS (DoH) can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic.
This issue affects BIND 9 versions 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, and 9.18.11-S1 through 9.18.32-S1.
osv
CVE-2020-8616P3HIGHCVSS 8.6≥ 9.0.0, ≤ 9.11.18≥ 9.12.0, ≤ 9.12.4+14 more2020-05-19
CVE-2020-8616 [HIGH] CWE-400 CVE-2020-8616: A malicious actor who intentionally exploits this lack of effective limitation on the number of fetc
A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral. This has at least two potential effects: The performance o
nvd
CVE-2022-3488P3HIGHCVSS 7.5v9.11.4v9.11.37+2 more2023-01-26
CVE-2022-3488 [HIGH] CWE-617 CVE-2022-3488: Processing of repeated responses to the same query, where both responses contain ECS pseudo-options,
Processing of repeated responses to the same query, where both responses contain ECS pseudo-options, but where the first is broken in some way, can cause BIND to exit with an assertion failure.
'Broken' in this context is anything that would cause the resolver to reject the query response, such as a mismatch between query and answer name.
This issue af
nvd
CVE-2015-5722P3HIGHCVSS 7.8≤ 9.9.7≤ 9.10.22015-09-05
CVE-2015-5722 [HIGH] CWE-20 CVE-2015-5722: buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attacker
buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) by creating a zone containing a malformed DNSSEC key and issuing a query for a name in that zone.
nvd
CVE-2022-3924P3HIGHCVSS 7.5≥ 9.16.12, < 9.16.37≥ 9.18.0, < 9.18.11+7 more2023-01-26
CVE-2022-3924 [HIGH] CWE-617 CVE-2022-3924: This issue can affect BIND 9 resolvers with `stale-answer-enable yes;` that also make use of the opt
This issue can affect BIND 9 resolvers with `stale-answer-enable yes;` that also make use of the option `stale-answer-client-timeout`, configured with a value greater than zero.
If the resolver receives many queries that require recursion, there will be a corresponding increase in the number of clients that are waiting for recursion to complete. If the
nvdosv
CVE-2025-13878P3HIGHCVSS 7.5≥ 0, < 9.18.44-r0≥ 0, < 9.20.18-r02026-01-21
CVE-2025-13878 [HIGH] CVE-2025-13878: Malformed BRID/HHIT records can cause `named` to terminate unexpectedly
Malformed BRID/HHIT records can cause `named` to terminate unexpectedly.
This issue affects BIND 9 versions 9.18.40 through 9.18.43, 9.20.13 through 9.20.17, 9.21.12 through 9.21.16, 9.18.40-S1 through 9.18.43-S1, and 9.20.13-S1 through 9.20.17-S1.
osv
CVE-2025-40778P3HIGHCVSS 8.6≥ 0, < 9.18.41-r0≥ 0, < 9.20.15-r02025-10-22
CVE-2025-40778 [HIGH] CVE-2025-40778: Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache
Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache.
This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 t
osv
CVE-2025-40780P3HIGHCVSS 8.6≥ 0, < 9.18.41-r0≥ 0, < 9.20.15-r02025-10-22
CVE-2025-40780 [HIGH] CVE-2025-40780: In specific circumstances, due to a weakness in the Pseudo Random Number Generator (PRNG) that is used, it is possible for an attacker to predict the
In specific circumstances, due to a weakness in the Pseudo Random Number Generator (PRNG) that is used, it is possible for an attacker to predict the source port and query ID that BIND will use.
This issue affects BIND 9 versions 9.16.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 thr
osv
CVE-2022-3094P3HIGHCVSS 7.5≥ 9.16.0, < 9.16.37≥ 9.18.0, < 9.18.11+8 more2023-01-26
CVE-2022-3094 [HIGH] CWE-416 CVE-2022-3094: Sending a flood of dynamic DNS updates may cause `named` to allocate large amounts of memory. This,
Sending a flood of dynamic DNS updates may cause `named` to allocate large amounts of memory. This, in turn, may cause `named` to exit due to a lack of free memory. We are not aware of any cases where this has been exploited.
Memory is allocated prior to the checking of access permissions (ACLs) and is retained during the processing of a dynamic update
nvdosv
CVE-2021-25215P3HIGHCVSS 7.5≥ 9.0.0, < 9.11.31≥ 9.12.0, < 9.16.15+18 more2021-04-29
CVE-2021-25215 [HIGH] CWE-617 CVE-2021-25215: In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1
In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query for a record triggering the flaw described above, the named process wi
nvd
CVE-2026-5946P3HIGHCVSS 7.5≥ 9.11.0, ≤ 9.16.50≥ 9.18.0, < 9.18.49+2 more2026-05-20
CVE-2026-5946 [HIGH] CWE-20 CVE-2026-5946: Multiple flaws have been identified in `named` related to the handling of DNS messages whose CLASS i
Multiple flaws have been identified in `named` related to the handling of DNS messages whose CLASS is not Internet (`IN`) — for example, `CHAOS` or `HESIOD`, or DNS messages that specify meta-classes (`ANY` or `NONE`) in the question section. Specially crafted requests reaching the affected code paths — recursion, dynamic updates (`UPDATE`), zone change
nvd