2985 matches found
Important: Red Hat Security Advisory: bind and bind-dyndb-ldap security update
An update for bind and bind-dyndb-ldap is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
bind: bind9: BIND's database will be slow if a very large number of RRs exist at the same nam
A flaw was found in the bind9 package, where a hostname with significant resource records may slow down bind's resolver cache and authoritative zone databases while these records are being added or updated. In addition, client queries for the related hostname may cause the same issue. This...
bind: bind9: BIND's database will be slow if a very large number of RRs exist at the same nam
A flaw was found in the bind9 package, where a hostname with significant resource records may slow down bind's resolver cache and authoritative zone databases while these records are being added or updated. In addition, client queries for the related hostname may cause the same issue. This...
RHEL 8 : bind9.16 (RHSA-2024:5418)
"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5418 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named...
Important: bind and bind-dyndb-ldap security update
The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server is operating correctly. Security Fixes:...
Important: bind
Issue Overview: Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. This issue affects BIND 9 versio...
bind: bind9: BIND's database will be slow if a very large number of RRs exist at the same nam
A flaw was found in the bind9 package, where a hostname with significant resource records may slow down bind's resolver cache and authoritative zone databases while these records are being added or updated. In addition, client queries for the related hostname may cause the same issue. This...
The vulnerability of the BIND DNS server, related to the distribution of resources without restrictions and regulation, allows a hacker to cause a service failure.
The vulnerability of the BIND DNS server is related to the exhaustion of resources on the resolver’s CPU. Exploiting this vulnerability allows a malicious actor to cause service failures by sending SIG0 signed requests...
OESA-2024-1972 bind security update
Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols and provides an openly redistributable reference implementation of the major components of the Domain Name System. This package includes the components to operate a DNS server. Security Fixes: Resolver...
OESA-2024-1971 bind security update
BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...
OESA-2024-1969 bind security update
BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...
OESA-2024-1973 bind security update
BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...
Important: bind
Issue Overview: Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. This issue affects BIND 9 versio...
Amazon Linux 2023 : bind, bind-chroot, bind-devel (ALAS2023-2024-680)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-680 advisory. Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer from degraded performance as content is being added or update...
CLSA-2024-1722529717 unbound: Fix of CVE-2023-50387
CVE-2023-50387: enhanced DNS resolver performance and stability by optimizing the handling of DNSSEC responses, reducing the potential for resource exhaustion...
Important: docker
Issue Overview: The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set...
Important: docker
Issue Overview: The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set...
SUSE CVE-2024-1737
Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. This issue affects BIND 9 versions 9.11.0 throug...
spring-security: Broken Access Control in Spring Security With Direct Use of isFullyAuthenticated
A vulnerability was found in Spring Security. This issue may lead to Broken Access Control, allowing a malicious user to impact the Confidentiality and Integrity of an application or server. This requires the application to use AuthenticationTrustResolver.isFullyAuthenticatedAuthentication direct...
Denial Of Service (DoS)
libbind9.so is vulnerable to Denial of Service. The vulnerability is due to resolver caches and authoritative zone databases holding significant numbers of RRs for the same hostname, leading to issues when content is added or updated, and when handling client queries for this name...