Vulnerabilities > ISC > Bind > 9.18.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-14 | CVE-2023-50387 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. | 7.5 |
| 2023-09-20 | CVE-2023-3341 | Out-of-bounds Write vulnerability in multiple products The code that processes control channel messages sent to `named` calls certain functions recursively during packet parsing. | 7.5 |
| 2023-09-20 | CVE-2023-4236 | Reachable Assertion vulnerability in multiple products A flaw in the networking code handling DNS-over-TLS queries may cause `named` to terminate unexpectedly due to an assertion failure. | 7.5 |
| 2023-06-21 | CVE-2023-2828 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Every `named` instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. | 7.5 |
| 2023-01-26 | CVE-2022-3924 | Reachable Assertion vulnerability in ISC Bind This issue can affect BIND 9 resolvers with `stale-answer-enable yes;` that also make use of the option `stale-answer-client-timeout`, configured with a value greater than zero. If the resolver receives many queries that require recursion, there will be a corresponding increase in the number of clients that are waiting for recursion to complete. | 7.5 |
| 2023-01-26 | CVE-2022-3094 | Use After Free vulnerability in ISC Bind Sending a flood of dynamic DNS updates may cause `named` to allocate large amounts of memory. | 7.5 |
| 2023-01-26 | CVE-2022-3736 | Unspecified vulnerability in ISC Bind BIND 9 resolver can crash when stale cache and stale answers are enabled, option `stale-answer-client-timeout` is set to a positive integer, and the resolver receives an RRSIG query. This issue affects BIND 9 versions 9.16.12 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0 through 9.19.8, and 9.16.12-S1 through 9.16.36-S1. | 7.5 |
| 2022-09-21 | CVE-2022-2795 | By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service. | 5.3 |
| 2022-09-21 | CVE-2022-2881 | Out-of-bounds Read vulnerability in ISC Bind The underlying bug might cause read past end of the buffer and either read memory it should not read, or crash the process. | 8.2 |
| 2022-09-21 | CVE-2022-2906 | Memory Leak vulnerability in ISC Bind An attacker can leverage this flaw to gradually erode available memory to the point where named crashes for lack of resources. | 7.5 |