bind (SUSE:Linux Enterprise Server 12 SP5) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server 12 SP5 package bind, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (20)
CVE-2020-8616 — CVSS 8.6 (high): A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals…
CVE-2020-8625 — CVSS 8.1 (high): BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which…
CVE-2020-8623 — CVSS 7.5 (high): In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview…
CVE-2024-1975 — CVSS 7.5 (high): If a server hosts a zone containing a "KEY" Resource Record, or a resolver DNSSEC-validates a "KEY" Resource Record from a DNSSEC-signed…
CVE-2020-8617 — CVSS 7.5 (high): Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or…
CVE-2023-2828 — CVSS 7.5 (high): Every `named` instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has…
CVE-2023-3341 — CVSS 7.5 (high): The code that processes control channel messages sent to `named` calls certain functions recursively during packet parsing. Recursion depth…
CVE-2023-4408 — CVSS 7.5 (high): The DNS message parsing code in `named` includes a section whose computational complexity is overly high. It does not cause problems for…
CVE-2023-50387 — CVSS 7.5 (high): Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of…
CVE-2023-50868 — CVSS 7.5 (high): The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a…
CVE-2024-1737 — CVSS 7.5 (high): Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname (of any RTYPE) can suffer from…
CVE-2021-25215 — CVSS 7.5 (high): In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview…
CVE-2022-38177 — CVSS 7.5 (high): By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is…
CVE-2022-38178 — CVSS 7.5 (high): By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is…
CVE-2021-25214 — CVSS 6.5 (medium): In BIND 9.8.5 -> 9.8.8, 9.9.3 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND 9…
CVE-2020-8622 — CVSS 6.5 (medium): In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition…
CVE-2021-25219 — CVSS 5.3 (medium): In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview…
CVE-2022-2795 — CVSS 5.3 (medium): By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance…