Vulnerabilities > ISC > Bind
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-19 | CVE-2020-8616 | Resource Exhaustion vulnerability in multiple products A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral. | 8.6 |
| 2019-11-26 | CVE-2019-6477 | Resource Exhaustion vulnerability in multiple products With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via TCP without pipelining enabled. | 7.5 |
| 2019-11-05 | CVE-2013-5661 | Authentication Bypass by Spoofing vulnerability in multiple products Cache Poisoning issue exists in DNS Response Rate Limiting. | 5.9 |
| 2019-11-01 | CVE-2019-6470 | There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. | 7.5 |
| 2019-10-30 | CVE-2018-5742 | Reachable Assertion vulnerability in ISC Bind 9.9.465/9.9.472 While backporting a feature for a newer branch of BIND9, RedHat introduced a path leading to an assertion failure in buffer.c:420. | 7.5 |
| 2019-10-17 | CVE-2019-6476 | Reachable Assertion vulnerability in ISC Bind A defect in code added to support QNAME minimization can cause named to exit with an assertion failure if a forwarder returns a referral rather than resolving the query. | 7.5 |
| 2019-10-17 | CVE-2019-6475 | Insufficient Verification of Data Authenticity vulnerability in ISC Bind Mirror zones are a BIND feature allowing recursive servers to pre-cache zone data provided by other servers. | 7.5 |
| 2019-10-09 | CVE-2019-6471 | Reachable Assertion vulnerability in multiple products A race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatch.c. | 5.9 |
| 2019-10-09 | CVE-2019-6469 | Reachable Assertion vulnerability in ISC Bind 9.10.5/9.11.6 An error in the EDNS Client Subnet (ECS) feature for recursive resolvers can cause BIND to exit with an assertion failure when processing a response that has malformed RRSIGs. | 7.5 |
| 2019-10-09 | CVE-2019-6468 | Reachable Assertion vulnerability in ISC Bind 9.10.5/9.11.5 In BIND Supported Preview Edition, an error in the nxdomain-redirect feature can occur in versions which support EDNS Client Subnet (ECS) features. | 7.5 |