Lucene search

2962 matches found

Amazon
added 2024/08/15 12:0 a.m. | 10 views

Important: bind

Issue Overview: Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. This issue affects BIND 9 versio...

CVSS: 7.5 | AI score: 7.1 | EPSS: 0.02114
Exploits: 0

Tenable Nessus
added 2024/08/15 12:0 a.m. | 19 views

RHEL 8 : bind9.16 (RHSA-2024:5418)

"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5418 advisory. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server named...

CVSS: 7.5 | AI score: 7.9 | EPSS: 0.02114
Exploits: 0 | References: 8

AlmaLinux
added 2024/08/15 12:0 a.m. | 26 views

Important: bind and bind-dyndb-ldap security update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fixes:...

CVSS: 7.5 | AI score: 7.2 | EPSS: 0.02114
Exploits: 0 | References: 8

RedHat Linux
added 2024/08/14 3:5 p.m. | 2 views

bind: bind9: BIND's database will be slow if a very large number of RRs exist at the same nam

A flaw was found in the bind9 package, where a hostname with significant resource records may slow down bind's resolver cache and authoritative zone databases while these records are being added or updated. In addition, client queries for the related hostname may cause the same issue. This...

CVSS: 7.5 | AI score: 5.8 | EPSS: 0.02114
Exploits: 0 | References: 4

BDU FSTEC
added 2024/08/12 12:0 a.m. | 4 views

The vulnerability of the BIND DNS server, related to the distribution of resources without restrictions and regulation, allows a hacker to cause a service failure.

The vulnerability of the BIND DNS server is related to the exhaustion of resources on the resolver’s CPU. Exploiting this vulnerability allows a malicious actor to cause service failures by sending SIG0 signed requests...

CVSS: 7.8 | AI score: 7.5 | EPSS: 0.02114
Exploits: 0 | References: 13 | Affected Software: 9

OSV
added 2024/08/09 11:8 a.m. | 4 views

OESA-2024-1971 bind security update

BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server ...

CVSS: 7.5 | AI score: 6.6 | EPSS: 0.02114
Exploits: 0 | References: 4

OSV
added 2024/08/09 11:8 a.m. | 4 views

OESA-2024-1969 bind security update

BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server ...

CVSS: 7.5 | AI score: 6.6 | EPSS: 0.02114
Exploits: 0 | References: 4

OSV
added 2024/08/09 11:8 a.m. | 3 views

OESA-2024-1972 bind security update

Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols and provides an openly redistributable reference implementation of the major components of the Domain Name System. This package includes the components to operate a DNS server. Security Fixes: Resolver...

CVSS: 7.5 | AI score: 6.8 | EPSS: 0.02114
Exploits: 0 | References: 3

OSV
added 2024/08/09 11:8 a.m. | 3 views

OESA-2024-1973 bind security update

BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server ...

CVSS: 7.5 | AI score: 6.6 | EPSS: 0.02114
Exploits: 0 | References: 4

Tenable Nessus
added 2024/08/06 12:0 a.m. | 25 views

Amazon Linux 2023 : bind, bind-chroot, bind-devel (ALAS2023-2024-680)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-680 advisory. Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer from degraded performance as content is being added or update...

CVSS: 7.5 | AI score: 7.9 | EPSS: 0.02114
Exploits: 0 | References: 8

Amazon
added 2024/08/06 12:0 a.m. | 35 views

Important: bind

Issue Overview: Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. This issue affects BIND 9 versio...

CVSS: 7.5 | AI score: 8 | EPSS: 0.02114
Exploits: 0

OSV
added 2024/08/01 4:28 p.m. | 2 views

CLSA-2024-1722529717 unbound: Fix of CVE-2023-50387

CVE-2023-50387: enhanced DNS resolver performance and stability by optimizing the handling of DNSSEC responses, reducing the potential for resource exhaustion...

CVSS: 7.5 | AI score: 5.8 | EPSS: 0.99995
Exploits: 0 | References: 1

Amazon
added 2024/08/01 12:0 a.m. | 3 views

Important: docker

Issue Overview: The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set...

CVSS: 9.9 | AI score: 6.6 | EPSS: 0.16496
Exploits: 0

Amazon
added 2024/07/30 12:0 a.m. | 7 views

Important: docker

Issue Overview: The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set...

CVSS: 9.9 | AI score: 6.7 | EPSS: 0.16496
Exploits: 0

SUSE CVE
added 2024/07/26 3:27 a.m. | 1 views

SUSE CVE-2024-1737

Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. This issue affects BIND 9 versions 9.11.0 throug...

CVSS: 7.5 | AI score: 7 | EPSS: 0.02114
Exploits: 0 | References: 11

RedHat Linux
added 2024/07/25 7:26 p.m. | 2 views

spring-security: Broken Access Control in Spring Security With Direct Use of isFullyAuthenticated

A vulnerability was found in Spring Security. This issue may lead to Broken Access Control, allowing a malicious user to impact the Confidentiality and Integrity of an application or server. This requires the application to use AuthenticationTrustResolver.isFullyAuthenticated(Authentication) direct...

CVSS: 7.4 | AI score: 5.7 | EPSS: 0.00682
Exploits: 0 | References: 5

Veracode
added 2024/07/24 7:37 a.m. | 16 views

Denial Of Service (DoS)

libbind9.so is vulnerable to Denial of Service. The vulnerability is due to resolver caches and authoritative zone databases holding significant numbers of RRs for the same hostname, leading to issues when content is added or updated, and when handling client queries for this name...

CVSS: 7.5 | AI score: 6.6 | EPSS: 0.02114
Exploits: 0 | References: 6 | Affected Software: 3

Positive Technologies
added 2024/07/24 12:0 a.m. | 4 views

PT-2024-5297 · Openiam · Openam

Name of the Vulnerable Software and Affected Versions: OpenAM versions 15.0.3 and prior Description: The issue is related to the getCustomLoginUrlTemplate method in RealmOAuth2ProviderSettings.java, which is vulnerable to template injection due to its usage of user input. This vulnerability allow...

CVSS: 9 | AI score: 8.2 | EPSS: 0.03536
Exploits: 0 | References: 12

RedhatCVE
added 2024/07/23 11:36 p.m. | 20 views

CVE-2024-1737

A flaw was found in the bind9 package, where a hostname with significant resource records may slow down bind's resolver cache and authoritative zone databases while these records are being added or updated. In addition, client queries for the related hostname may cause the same issue. This...

CVSS: 7.5 | AI score: 6.6 | EPSS: 0.02114
Exploits: 0 | References: 3

RedhatCVE
added 2024/07/23 9:24 p.m. | 27 views

CVE-2024-1975

A flaw was found in the bind9 package, where if a DNS server hosts a zone containing a "KEY" resource record or a DNS resolver utilizes the DNSSEC validate feature to validate a "KEY" resource record, a malicious client could exhaust the CPU resources from the resolver by sending a stream of SIG0...

CVSS: 7.5 | AI score: 6.6 | EPSS: 0.02114
Exploits: 0 | References: 3