ISC BIND 9.18.18 S1 Supported Preview Edition
Approved changes feed: RSS · Atom
cpe:2.3:a:isc:bind:9.18.18:s1:*:*:supported_preview:*:*:*
part: a version: 9.18.18 update: s1
| Vendor | Isc (4a2f2b37-98b6-5702-822d-72afcd17d050) |
|---|---|
| Product | Bind (ea404969-e27c-5a4f-ab6f-da9eff8fdf08) |
| Edition | * |
| Language | * |
| Software edition | supported_preview |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/isc-projects/bind9 |
purl2cpe | 2026-06-01 10:15:10.890660 |
pkg:gitlab/isc-projects/bind9 |
purl2cpe | 2026-06-01 10:15:10.890661 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-5680 |
vulnerable | 2026-06-03 14:53:49.368905 |
Cleaning an ECS-enabled cache may cause excessive CPU load
MEDIUM (5.3)
If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can significantly impair query performance.
This issue affects BIND 9 versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1.
Published: 2024-02-13T14:05:19.783Z
Updated: 2025-03-17T15:04:41.734Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-5679 |
vulnerable | 2026-06-03 14:53:49.355980 |
Enabling both DNS64 and serve-stale may cause an assertion failure during recursive resolution
HIGH (7.5)
A bad interaction between DNS64 and serve-stale may cause `named` to crash with an assertion failure during recursive resolution, when both of these features are enabled.
This issue affects BIND 9 versions 9.16.12 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.16.12-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1.
Published: 2024-02-13T14:05:06.688Z
Updated: 2025-03-28T23:51:12.042Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-5517 |
vulnerable | 2026-06-03 14:53:48.893193 |
Querying RFC 1918 reverse zones may cause an assertion failure when "nxdomain-redirect" is enabled
HIGH (7.5)
A flaw in query-handling code can cause `named` to exit prematurely with an assertion failure when:
- `nxdomain-redirect <domain>;` is configured, and
- the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response.
This issue affects BIND 9 versions 9.12.0 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1.
Published: 2024-02-13T14:04:54.389Z
Updated: 2025-02-13T17:25:39.556Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-4408 |
vulnerable | 2026-06-03 14:53:27.976056 |
Parsing large DNS messages may cause excessive CPU load
HIGH (7.5)
The DNS message parsing code in `named` includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected `named` instance by exploiting this flaw. This issue affects both authoritative servers and recursive resolvers.
This issue affects BIND 9 versions 9.0.0 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1.
Published: 2024-02-13T14:04:17.519Z
Updated: 2025-03-14T16:16:25.564Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-4236 |
vulnerable | 2026-06-03 14:53:27.601453 |
named may terminate unexpectedly under high DNS-over-TLS query load
HIGH (7.5)
A flaw in the networking code handling DNS-over-TLS queries may cause `named` to terminate unexpectedly due to an assertion failure. This happens when internal data structures are incorrectly reused under significant DNS-over-TLS query load.
This issue affects BIND 9 versions 9.18.0 through 9.18.18 and 9.18.11-S1 through 9.18.18-S1.
Published: 2023-09-20T12:32:16.631Z
Updated: 2025-02-13T17:09:18.327Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-3341 |
vulnerable | 2026-06-03 14:52:40.534992 |
A stack exhaustion flaw in control channel code may cause named to terminate unexpectedly
HIGH (7.5)
The code that processes control channel messages sent to `named` calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory, causing `named` to terminate unexpectedly. Since each incoming control channel message is fully parsed before its contents are authenticated, exploiting this flaw does not require the attacker to hold a valid RNDC key; only network access to the control channel's configured TCP port is necessary.
This issue affects BIND 9 versions 9.2.0 through 9.16.43, 9.18.0 through 9.18.18, 9.19.0 through 9.19.16, 9.9.3-S1 through 9.16.43-S1, and 9.18.0-S1 through 9.18.18-S1.
Published: 2023-09-20T12:32:03.073Z
Updated: 2025-12-02T20:15:58.967Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.