bind (SUSE:OpenStack Cloud 9) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:OpenStack Cloud 9 package bind, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (11)
CVE-2020-8625 — CVSS 8.1 (high): BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which…
CVE-2020-8623 — CVSS 7.5 (high): In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview…
CVE-2023-2828 — CVSS 7.5 (high): Every `named` instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has…
CVE-2021-25215 — CVSS 7.5 (high): In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview…
CVE-2022-38177 — CVSS 7.5 (high): By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is…
CVE-2022-38178 — CVSS 7.5 (high): By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is…
CVE-2021-25214 — CVSS 6.5 (medium): In BIND 9.8.5 -> 9.8.8, 9.9.3 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND 9…
CVE-2020-8622 — CVSS 6.5 (medium): In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition…
CVE-2022-2795 — CVSS 5.3 (medium): By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance…