Vulnerabilities > ISC > Bind > 9.12.2

DATE CVE VULNERABILITY TITLE RISK
2019-10-09 CVE-2018-5744 Missing Release of Resource after Effective Lifetime vulnerability in ISC Bind
A failure to free memory can occur when processing messages having a specific combination of EDNS options.
network
low complexity
isc CWE-772
7.5
7.5
2019-10-09 CVE-2018-5743 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
By design, BIND is intended to limit the number of TCP clients that can be connected at any given time.
network
low complexity
f5 isc CWE-770
7.5
7.5
2019-01-16 CVE-2018-5741 Incorrect Authorization vulnerability in ISC Bind
To provide fine-grained controls over the ability to use Dynamic DNS (DDNS) to update records in a zone, BIND 9 provides a feature called update-policy.
network
low complexity
isc CWE-863
6.5
6.5