ISC BIND 9.11.4 S1 Supported Preview Edition
Approved changes feed: RSS · Atom
cpe:2.3:a:isc:bind:9.11.4:s1:*:*:supported_preview:*:*:*
part: a version: 9.11.4 update: s1
| Vendor | Isc (4a2f2b37-98b6-5702-822d-72afcd17d050) |
|---|---|
| Product | Bind (ea404969-e27c-5a4f-ab6f-da9eff8fdf08) |
| Edition | * |
| Language | * |
| Software edition | supported_preview |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/isc-projects/bind9 |
purl2cpe | 2026-06-01 10:15:10.839767 |
pkg:gitlab/isc-projects/bind9 |
purl2cpe | 2026-06-01 10:15:10.839768 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-1737 |
vulnerable | 2026-06-03 14:54:34.448026 |
BIND's database will be slow if a very large number of RRs exist at the same name
HIGH (7.5)
Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname (of any RTYPE) can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name.
This issue affects BIND 9 versions 9.11.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.4-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1.
Published: 2024-07-23T14:34:09.750Z
Updated: 2025-02-13T17:32:25.755Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-5680 |
vulnerable | 2026-06-03 14:53:49.361289 |
Cleaning an ECS-enabled cache may cause excessive CPU load
MEDIUM (5.3)
If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can significantly impair query performance.
This issue affects BIND 9 versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1.
Published: 2024-02-13T14:05:19.783Z
Updated: 2025-03-17T15:04:41.734Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-3341 |
vulnerable | 2026-06-03 14:52:40.520751 |
A stack exhaustion flaw in control channel code may cause named to terminate unexpectedly
HIGH (7.5)
The code that processes control channel messages sent to `named` calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory, causing `named` to terminate unexpectedly. Since each incoming control channel message is fully parsed before its contents are authenticated, exploiting this flaw does not require the attacker to hold a valid RNDC key; only network access to the control channel's configured TCP port is necessary.
This issue affects BIND 9 versions 9.2.0 through 9.16.43, 9.18.0 through 9.18.18, 9.19.0 through 9.19.16, 9.9.3-S1 through 9.16.43-S1, and 9.18.0-S1 through 9.18.18-S1.
Published: 2023-09-20T12:32:03.073Z
Updated: 2025-12-02T20:15:58.967Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-3488 |
vulnerable | 2026-06-03 14:47:58.590509 |
named may terminate unexpectedly when processing ECS options in repeated responses to iterative queries
HIGH (7.5)
Processing of repeated responses to the same query, where both responses contain ECS pseudo-options, but where the first is broken in some way, can cause BIND to exit with an assertion failure.
'Broken' in this context is anything that would cause the resolver to reject the query response, such as a mismatch between query and answer name.
This issue affects BIND 9 versions 9.11.4-S1 through 9.11.37-S1 and 9.16.8-S1 through 9.16.36-S1.
Published: 2023-01-25T21:37:47.872Z
Updated: 2025-04-01T14:12:27.102Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.