GCVE - cpe:2.3:a:isc:bind:9.9.9:s6:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:isc:bind:9.9.9:s6:*:*:*:*:*:*

part: a version: 9.9.9 update: s6

Vendor	Isc (`4a2f2b37-98b6-5702-822d-72afcd17d050`)
Product	Bind (`ea404969-e27c-5a4f-ab6f-da9eff8fdf08`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:github/isc-projects/bind9`	purl2cpe	2026-06-01 10:15:11.199507
`pkg:gitlab/isc-projects/bind9`	purl2cpe	2026-06-01 10:15:11.199509

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2016-9778`	vulnerable	2026-06-03 14:36:17.417948	An error handling certain queries using the nxdomain-redirect feature could cause a REQUIRE assertion failure in db.c HIGH (7.5) An error in handling certain queries can cause an assertion failure when a server is using the nxdomain-redirect feature to cover a zone for which it is also providing authoritative service. A vulnerable server could be intentionally stopped by an attacker if it was using a configuration that met the criteria for the vulnerability and if the attacker could cause it to accept a query that possessed the required attributes. Please note: This vulnerability affects the "nxdomain-redirect" feature, which is one of two methods of handling NXDOMAIN redirection, and is only available in certain versions of BIND. Redirection using zones of type "redirect" is not affected by this vulnerability. Affects BIND 9.9.8-S1 -> 9.9.8-S3, 9.9.9-S1 -> 9.9.9-S6, 9.11.0-9.11.0-P1. Published: 2019-01-16T20:00:00.000Z Updated: 2024-09-16T20:01:47.192Z Open on db.gcve.eu Reference links http://www.securitytracker.com/id/1037582 https://security.gentoo.org/glsa/201708-01 https://security.netapp.com/advisory/ntap-20180926-0005/ https://kb.isc.org/article/AA-01442/ http://www.securityfocus.com/bid/95388	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2016-9147`	vulnerable	2026-06-03 14:36:15.742067	Details available named in ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a response containing an inconsistency among the DNSSEC-related RRsets. Published: 2017-01-12T06:06:00.000Z Updated: 2024-08-06T02:42:11.012Z Open on db.gcve.eu Reference links http://www.securitytracker.com/id/1037582 https://security.gentoo.org/glsa/201708-01 https://kb.isc.org/article/AA-01440/74/CVE-2016-9147 https://security.netapp.com/advisory/ntap-20180926-0005/ https://access.redhat.com/errata/RHSA-2017:1582	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.