ISC BIND 9.10.6 S1

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:isc:bind:9.10.6:s1:*:*:*:*:*:*

part: a version: 9.10.6 update: s1

VendorIsc (4a2f2b37-98b6-5702-822d-72afcd17d050)
ProductBind (ea404969-e27c-5a4f-ab6f-da9eff8fdf08)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
pkg:github/isc-projects/bind9 purl2cpe 2026-06-01 10:15:10.821232
pkg:gitlab/isc-projects/bind9 purl2cpe 2026-06-01 10:15:10.821233

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2018-5734 vulnerable 2026-06-03 14:38:58.424734 A malformed request can trigger an assertion failure in badcache.c
HIGH (7.5)
While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn't contain all of the expected information. Affects BIND 9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, 9.10.6-S2.
Published: 2019-01-16T20:00:00.000Z
Updated: 2024-09-17T02:31:46.321Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2017-3145 vulnerable 2026-06-03 14:37:09.677239 Improper fetch cleanup sequencing in the resolver can cause named to crash
HIGH (7.5)
BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1.
Published: 2019-01-16T20:00:00.000Z
Updated: 2024-09-17T00:10:46.349Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.