isc-projects bind9 Vulnerabilities: CVEs, CISA KEV & Security Advisories

Severity and exploitation

How the CVSS severity of isc-projects bind9's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.

Critical0

High41

Medium25

Low1

13 additional CVEs have no CVSS severity score.

In CISA’s Known Exploited Vulnerabilities catalog

None of isc-projects bind9's CVEs are currently listed in CISA's KEV catalog.

Public exploits

3 of isc-projects bind9's CVEs have a known public exploit available.

Affected versions and CVEs

Browse every isc-projects bind9 version named in a CVE, then pick one to see only the CVEs that affect it.

Specific versions

v9.5.0a134 CVEs
v9.5.0a234 CVEs
v9.5.0a334 CVEs
v9.5.0a434 CVEs
v9.5.0a532 CVEs
v9.5.0a631 CVEs
v9.7.0a131 CVEs
v9.10.0a130 CVEs
v9.10.0a230 CVEs
v9.10.0b130 CVEs
v9.10.0b228 CVEs
v9.10.0rc128 CVEs
v9.19.027 CVEs
v9.19.127 CVEs
v9.19.227 CVEs
v9.19.327 CVEs
v9.19.427 CVEs
v9.11.0a125 CVEs
v9.11.0a225 CVEs
v9.11.0a325 CVEs
v9.13.024 CVEs
v9.13.224 CVEs
v9.13.324 CVEs
v9.13.424 CVEs
v9.13.524 CVEs
v9.13.624 CVEs
v9.15.024 CVEs
v9.15.224 CVEs
v9.15.324 CVEs
v9.15.424 CVEs
v9.19.524 CVEs
v9.19.624 CVEs
v9.19.724 CVEs
v9.19.824 CVEs
v9.12.0a122 CVEs
v9.12.0b122 CVEs
v9.15.522 CVEs
v9.12.0b221 CVEs
v9.12.0rc121 CVEs
v9.19.1021 CVEs
v9.19.1121 CVEs
v9.19.1221 CVEs
v9.19.1321 CVEs
v9.19.921 CVEs
v9.15.620 CVEs
v9.19.1420 CVEs
v9.19.1520 CVEs
v9.19.1620 CVEs
v9.19.1720 CVEs
v9.19.1820 CVEs
v9.19.1920 CVEs
v9.15.719 CVEs
v9.15.819 CVEs
v9.17.419 CVEs
v9.19.2117 CVEs
v9.19.2217 CVEs
v9.19.2317 CVEs
v9.19.2417 CVEs
v9.20.017 CVEs
v9.9.010 CVEs
v9.9.110 CVEs
v9.9.2b110 CVEs
v9.9.2rc110 CVEs
v9.9.310 CVEs
v9.9.3b110 CVEs
v9.11.09 CVEs
v9.9.3b29 CVEs
v9.9.3rc19 CVEs
v9.9.3rc29 CVEs
v9.18.08 CVEs
v9.18.118 CVEs
v9.18.128 CVEs
v9.18.138 CVEs
v9.18.148 CVEs
v9.18.158 CVEs
v9.9.48 CVEs
v9.9.4b18 CVEs
v9.9.4rc18 CVEs
v9.9.4rc28 CVEs
v9.9.58 CVEs
v9.9.5b18 CVEs
v9.9.5rc18 CVEs
v9.9.5rc28 CVEs
v9.9.68 CVEs
v9.9.6b18 CVEs
v9.9.6b28 CVEs
v9.9.6rc18 CVEs
v9.9.6rc28 CVEs
v9.9.78 CVEs
v9.9.7b18 CVEs
v9.9.7rc18 CVEs
v9.9.7rc28 CVEs
v9.9.8b18 CVEs
v9.18.107 CVEs
v9.18.77 CVEs
v9.18.87 CVEs
v9.18.97 CVEs
v9.10.0rc26 CVEs
v9.10.16 CVEs
v9.10.1b16 CVEs
v9.10.1b26 CVEs
v9.10.1rc16 CVEs
v9.10.1rc26 CVEs
v9.10.26 CVEs
v9.10.2b16 CVEs
v9.10.2rc16 CVEs
v9.10.2rc26 CVEs
v9.10.36 CVEs
v9.10.3b16 CVEs
v9.10.3rc16 CVEs
v9.10.4b16 CVEs
v9.11.0b16 CVEs
v9.11.16 CVEs
v9.11.1b16 CVEs
v9.11.1rc16 CVEs
v9.11.1rc26 CVEs
v9.11.1rc36 CVEs
v9.18.26 CVEs
v9.18.36 CVEs
v9.18.46 CVEs
v9.18.56 CVEs
v9.18.66 CVEs
v9.9.86 CVEs
v9.9.8rc16 CVEs
v9.9.96 CVEs
v9.9.9b16 CVEs
v9.9.9b26 CVEs
v9.9.9rc16 CVEs
v9.10.45 CVEs
v9.10.4b25 CVEs
v9.10.4b35 CVEs
v9.10.4rc15 CVEs
v9.11.0b25 CVEs
v9.11.0b35 CVEs
v9.18.165 CVEs
v9.18.175 CVEs
v9.9.0rc35 CVEs
v9.9.0rc45 CVEs
v9.10.5b14 CVEs
v9.11.0rc14 CVEs
v9.11.0rc24 CVEs
v9.11.0rc34 CVEs
v9.11.34 CVEs
v9.18.184 CVEs
v9.18.194 CVEs
v9.18.204 CVEs
v9.18.214 CVEs
v9.9.10b14 CVEs
v9.9.10rc14 CVEs
v9.10.73 CVEs
v9.10.8rc23 CVEs
v9.9.103 CVEs
v9.9.10rc23 CVEs
v9.9.10rc33 CVEs
v9.10.82 CVEs
v9.11.2b12 CVEs
v9.11.2rc12 CVEs
v9.11.3b12 CVEs
v9.11.42 CVEs
v9.11.4rc22 CVEs
v9.12.12 CVEs
v9.12.1b12 CVEs
v9.12.1rc12 CVEs
v9.13.72 CVEs
v9.16.332 CVEs
v9.16.342 CVEs
v9.16.352 CVEs
v9.16.362 CVEs
v9.16.372 CVEs
v9.16.382 CVEs
v9.16.392 CVEs
v9.16.402 CVEs
v9.16.412 CVEs
v9.8.52 CVEs
v9.8.62 CVEs
v9.8.6b12 CVEs
v9.8.6rc12 CVEs
v9.8.6rc22 CVEs
v9.8.72 CVEs
v9.8.7b12 CVEs
v9.8.7rc12 CVEs
v9.8.7rc22 CVEs
v9.8.82 CVEs
v9.8.8b12 CVEs
v9.8.8b22 CVEs
v9.8.8rc12 CVEs
v9.8.8rc22 CVEs
v9.9.122 CVEs
v9.9.132 CVEs
v9.9.13rc22 CVEs
rec-4.9.01 CVE
rec-4.9.11 CVE
rec-4.9.21 CVE
rec-5.0.01 CVE
rec-5.0.0-rc21 CVE
rec-5.0.11 CVE
v9.11.3rc11 CVE
v9.11.5rc11 CVE
v9.11.61 CVE
v9.11.6rc11 CVE
v9.14.111 CVE
v9.14.121 CVE
v9.14.91 CVE
v9.16.01 CVE
v9.16.281 CVE
v9.16.291 CVE
v9.16.301 CVE
v9.16.311 CVE
v9.16.321 CVE
v9.16.421 CVE
v9.16.431 CVE
v9.16.441 CVE
v9.16.451 CVE
v9.16.61 CVE
v9.2.61 CVE
v9.2.91 CVE
v9.2.9b11 CVE
v9.2.9rc11 CVE
v9.8.01 CVE
v9.8.1b11 CVE
v9.8.1rc11 CVE
v9.8.2b11 CVE
v9.8.2rc11 CVE
v9.8.2rc21 CVE
v9.8.31 CVE
v9.8.4b11 CVE
v9.8.4rc11 CVE
v9.8.5b11 CVE
v9.8.5b21 CVE
v9.8.5rc11 CVE
v9.8.5rc21 CVE

Fixed in

5b2fed25f4f7d2c08b38c4d94193715cdbb2e0384 CVEs
85a6eb108e884467c4b3af414140d6b033a89a624 CVEs
1f554acee8df440c2fc211f976b196b31b9c92843 CVEs
2b2afb28abf4fb235ce0e9b1245cb673622c7dff3 CVEs
4469e3e6269d03d06286fd451490a1650bd9609e3 CVEs
50d43fc5905e4bc07acffbb5044ab8e40a1e461e3 CVEs
a752887dce93b705a62b6f3769679c94fb43fbc73 CVEs
ac3f4eb88b9f1581d141458b99635bf2cb9db1ba3 CVEs
12f71327ff796ed24752a4286fc0b3d9b21a4a572 CVEs
2799933bc6790356d4b3eebdfe21dc0f87977f142 CVEs
2d6d4babba5b5d2237bd37c0e4c3c993b7efd255

Find a version

80 CVEs

Sort

High vulnerability · 2024-02-14
CVE-2023-50868
Patch
CWE-400
High · CVSS 7.5
EPSS 12.4% (94th pct)2024-02-14
High vulnerability · 2024-02-13
CVE-2023-6516
Patch
CWE-789
High · CVSS 7.5
EPSS 0.2% (45th pct)2024-02-13
Medium vulnerability · 2024-02-13
CVE-2023-5680
Patch
Medium · CVSS 5.3
EPSS 0.1% (28th pct)2024-02-13
High vulnerability · 2024-02-13
CVE-2023-5679
Patch
Workaround
CWE-617
High · CVSS 7.5
EPSS 0.1% (34th pct)2024-02-13
High vulnerability · 2024-02-13
CVE-2023-5517
Patch
Workaround
CWE-617
High · CVSS 7.5
EPSS 0.1% (34th pct)2024-02-13
High vulnerability · 2024-02-13
CVE-2023-4408
Patch
CWE-407
High · CVSS 7.5
EPSS 0.3% (53th pct)2024-02-13
High vulnerability · 2023-09-20
CVE-2023-4236
Patch
High · CVSS 7.5
EPSS 0.2% (39th pct)2023-09-20
A stack exhaustion flaw in control channel code may cause named to terminate unexpectedly
CVE-2023-3341
Patch
Workaround
CWE-1325
High · CVSS 7.5
EPSS 0.2% (48th pct)2023-09-20
High vulnerability · 2023-06-21
CVE-2023-2911
Patch
Workaround
High · CVSS 7.5
EPSS 0.1% (32th pct)2023-06-21
Malformed NSEC records can cause named to terminate unexpectedly when synth-from-dnssec is enabled
CVE-2023-2829
Patch
Workaround
High · CVSS 7.5
EPSS 0.1% (26th pct)2023-06-21
named's configured cache size limit can be significantly exceeded
CVE-2023-2828
Patch
High · CVSS 7.5
EPSS 1.2% (79th pct)2023-06-21
named configured to answer from stale cache may terminate unexpectedly at recursive-clients soft quota
CVE-2022-3924
Patch
Workaround
CWE-617
High · CVSS 7.5
EPSS 2.8% (86th pct)2023-01-25
named configured to answer from stale cache may terminate unexpectedly while processing RRSIG queries
CVE-2022-3736
Patch
Workaround
CWE-20
High · CVSS 7.5
EPSS 2.5% (86th pct)2023-01-25
High vulnerability · 2023-01-25
CVE-2022-3488
Patch
CWE-617
High · CVSS 7.5
EPSS 15.2% (95th pct)2023-01-25
An UPDATE message flood may cause named to exhaust all available memory
CVE-2022-3094
Patch
CWE-400
High · CVSS 7.5
EPSS 2.3% (85th pct)2023-01-25
High vulnerability · 2022-09-21
CVE-2022-3080
Patch
Workaround
CWE-613
High · CVSS 7.5
EPSS 0.1% (33th pct)2022-09-21
High vulnerability · 2022-09-21
CVE-2022-38178
Patch
Workaround
CWE-401
High · CVSS 7.5
EPSS 1.4% (81th pct)2022-09-21
Memory leak in ECDSA DNSSEC verification code
CVE-2022-38177
Patch
Workaround
CWE-401
High · CVSS 7.5
EPSS 1.2% (79th pct)2022-09-21
High vulnerability · 2022-09-21
CVE-2022-2906
Patch
CWE-401
High · CVSS 7.5
EPSS 0.9% (75th pct)2022-09-21
Medium vulnerability · 2022-09-21
CVE-2022-2881
Patch
Workaround
CWE-125
Medium · CVSS 5.5
EPSS 0.7% (72th pct)2022-09-21
Medium vulnerability · 2022-09-21
CVE-2022-2795
Patch
Medium · CVSS 5.3
EPSS 0.5% (66th pct)2022-09-21
High vulnerability · 2022-05-19
CVE-2022-1183
Patch
High · CVSS 7.5
EPSS 0.4% (61th pct)2022-05-19
Medium vulnerability · 2022-03-23
CVE-2021-25220
Patch
Workaround
Medium · CVSS 6.8
EPSS 0.1% (25th pct)2022-03-23
High vulnerability · 2022-03-23
CVE-2022-0635
Patch
Workaround
High · CVSS 7.5
EPSS 0.8% (74th pct)2022-03-23
Medium vulnerability · 2022-03-23
CVE-2022-0396
Patch
Workaround
Medium · CVSS 5.3
EPSS 0.1% (29th pct)2022-03-23
High vulnerability · 2022-03-22
CVE-2022-0667
Patch
High · CVSS 7.5
EPSS 0.7% (72th pct)2022-03-22
Medium vulnerability · 2021-10-27
CVE-2021-25219
Patch
Workaround
Medium · CVSS 5.3
EPSS 1.0% (78th pct)2021-10-27
High vulnerability · 2021-08-18
CVE-2021-25218
Patch
Workaround
High · CVSS 7.5
EPSS 0.6% (69th pct)2021-08-18
High vulnerability · 2021-04-29
CVE-2021-25216
Patch
Workaround
High · CVSS 8.1
EPSS 27.7% (97th pct)2021-04-29
High vulnerability · 2021-04-29
CVE-2021-25215
Patch
High · CVSS 7.5
EPSS 1.5% (81th pct)2021-04-29

Showing 30 of 80

Severity and exploitation

isc-projects bind9 Vulnerabilities

Overview

Severity and exploitation

Affected versions and CVEs

Specific versions

Fixed in

Common weakness types

Disclosure activity by year

Other isc-projects products

Frequently asked questions

How many CVEs does isc-projects bind9 have?

How many isc-projects bind9 CVEs are in CISA KEV?

Are there public exploits for isc-projects bind9 vulnerabilities?

Which versions of isc-projects bind9 are affected?

What are the most common weakness types in isc-projects bind9 CVEs?

What is the average severity of isc-projects bind9 CVEs?

References

Track isc-projects bind9 vulnerabilities