bind (SUSE:Linux Enterprise Server 11 SP4-LTSS) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server 11 SP4-LTSS package bind, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (11)
CVE-2020-8616 — CVSS 8.6 (high): A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals…
CVE-2021-25216 — CVSS 8.1 (high): In BIND 9.5.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.11.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported…
CVE-2020-8625 — CVSS 8.1 (high): BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which…
CVE-2018-5743 — CVSS 7.5 (high): By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections…
CVE-2020-8617 — CVSS 7.5 (high): Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or…
CVE-2018-5740 — CVSS 7.5 (high): "deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks…
CVE-2021-25215 — CVSS 7.5 (high): In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview…
CVE-2018-5741 — CVSS 6.5 (medium): To provide fine-grained controls over the ability to use Dynamic DNS (DDNS) to update records in a zone, BIND 9 provides a feature called…
CVE-2021-25214 — CVSS 6.5 (medium): In BIND 9.8.5 -> 9.8.8, 9.9.3 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND 9…
CVE-2019-6465 — CVSS 5.3 (medium): Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable Versions affected…
CVE-2018-5745 — CVSS 4.9 (medium): "managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure…