{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","type":"deb","namespace":"debian","name":"bind9","version":"1:9.16.50-1~deb11u2","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1:9.16.50-1~deb11u3","latest_non_vulnerable_version":"1:9.20.23-1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59899?format=json","vulnerability_id":"VCID-acdz-uq4x-mucc","summary":"bind: Unbounded resend loop in BIND 9 resolver","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5950.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5950.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5950","reference_id":"","reference_type":"","scores":[{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34376","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.3442","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34435","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.344","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34357","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5950"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479773","reference_id":"2479773","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479773"},{"reference_url":"https://downloads.isc.org/isc/bind9/9.18.49","reference_id":"9.18.49","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-20T13:38:40Z/"}],"url":"https://downloads.isc.org/isc/bind9/9.18.49"},{"reference_url":"https://downloads.isc.org/isc/bind9/9.20.23","reference_id":"9.20.23","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-20T13:38:40Z/"}],"url":"https://downloads.isc.org/isc/bind9/9.20.23"},{"reference_url":"https://downloads.isc.org/isc/bind9/9.21.22","reference_id":"9.21.22","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-20T13:38:40Z/"}],"url":"https://downloads.isc.org/isc/bind9/9.21.22"},{"reference_url":"https://kb.isc.org/docs/cve-2026-5950","reference_id":"cve-2026-5950","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-20T13:38:40Z/"}],"url":"https://kb.isc.org/docs/cve-2026-5950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20334","reference_id":"RHSA-2026:20334","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20334"},{"reference_url":"https://usn.ubuntu.com/8293-1/","reference_id":"USN-8293-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8293-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89078?format=json","purl":"pkg:deb/debian/bind9@1:9.18.49-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.49-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89080?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2026-5950"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-acdz-uq4x-mucc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60218?format=json","vulnerability_id":"VCID-ekn5-nayb-uufj","summary":"The underlying bug might cause read past end of the buffer and either read memory it should not read, or crash the process.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2881.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2881.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2881","reference_id":"","reference_type":"","scores":[{"value":"0.00686","scoring_system":"epss","scoring_elements":"0.72095","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00686","scoring_system":"epss","scoring_elements":"0.72133","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00686","scoring_system":"epss","scoring_elements":"0.72136","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00686","scoring_system":"epss","scoring_elements":"0.72143","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00686","scoring_system":"epss","scoring_elements":"0.72122","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00686","scoring_system":"epss","scoring_elements":"0.72108","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2881"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2881","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2881"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2128594","reference_id":"2128594","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2128594"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/09/21/3","reference_id":"3","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:26:29Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/09/21/3"},{"reference_url":"https://kb.isc.org/docs/cve-2022-2881","reference_id":"cve-2022-2881","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:26:29Z/"}],"url":"https://kb.isc.org/docs/cve-2022-2881"},{"reference_url":"https://security.gentoo.org/glsa/202210-25","reference_id":"GLSA-202210-25","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:26:29Z/"}],"url":"https://security.gentoo.org/glsa/202210-25"},{"reference_url":"https://usn.ubuntu.com/5626-1/","reference_id":"USN-5626-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5626-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89029?format=json","purl":"pkg:deb/debian/bind9@1:9.18.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2022-2881"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ekn5-nayb-uufj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60268?format=json","vulnerability_id":"VCID-qu9b-7ejp-jyaa","summary":"If a `named` caching resolver is configured with `serve-stale-enable` `yes`, and with `stale-answer-client-timeout` set to `0` (the only allowable value other than `disabled`), and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of cached or authoritative records, the daemon will abort with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.10, 9.21.0 through 9.21.9, and 9.20.9-S1 through 9.20.10-S1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40777.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40777.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-40777","reference_id":"","reference_type":"","scores":[{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.27472","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.27554","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.27515","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.27466","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.27604","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-40777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40777"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2381418","reference_id":"2381418","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2381418"},{"reference_url":"https://kb.isc.org/docs/cve-2025-40777","reference_id":"cve-2025-40777","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-18T14:25:41Z/"}],"url":"https://kb.isc.org/docs/cve-2025-40777"},{"reference_url":"https://usn.ubuntu.com/7641-1/","reference_id":"USN-7641-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7641-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89065?format=json","purl":"pkg:deb/debian/bind9@1:9.20.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2025-40777"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qu9b-7ejp-jyaa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59918?format=json","vulnerability_id":"VCID-ykwn-e6sw-eueh","summary":"bind: BIND 9 server memory exhaustion during GSS-API TKEY negotiation","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3039.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3039.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3039","reference_id":"","reference_type":"","scores":[{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26248","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26352","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26344","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26299","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26243","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3039"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3039","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3039"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479767","reference_id":"2479767","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479767"},{"reference_url":"https://downloads.isc.org/isc/bind9/9.18.49","reference_id":"9.18.49","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-20T13:42:49Z/"}],"url":"https://downloads.isc.org/isc/bind9/9.18.49"},{"reference_url":"https://downloads.isc.org/isc/bind9/9.20.23","reference_id":"9.20.23","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-20T13:42:49Z/"}],"url":"https://downloads.isc.org/isc/bind9/9.20.23"},{"reference_url":"https://downloads.isc.org/isc/bind9/9.21.22","reference_id":"9.21.22","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-20T13:42:49Z/"}],"url":"https://downloads.isc.org/isc/bind9/9.21.22"},{"reference_url":"https://kb.isc.org/docs/cve-2026-3039","reference_id":"cve-2026-3039","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-20T13:42:49Z/"}],"url":"https://kb.isc.org/docs/cve-2026-3039"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20334","reference_id":"RHSA-2026:20334","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20334"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:23360","reference_id":"RHSA-2026:23360","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:23360"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:24338","reference_id":"RHSA-2026:24338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:24338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:24339","reference_id":"RHSA-2026:24339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:24339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:24367","reference_id":"RHSA-2026:24367","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:24367"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:24368","reference_id":"RHSA-2026:24368","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:24368"},{"reference_url":"https://usn.ubuntu.com/8293-1/","reference_id":"USN-8293-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8293-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89078?format=json","purl":"pkg:deb/debian/bind9@1:9.18.49-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.49-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89080?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2026-3039"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ykwn-e6sw-eueh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59917?format=json","vulnerability_id":"VCID-zfyv-k8nv-zubd","summary":"bind: BIND: Denial of Service via specially crafted DNS messages","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5946.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5946.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5946","reference_id":"","reference_type":"","scores":[{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21008","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.2112","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21107","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21063","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20999","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5946"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5946","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5946"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479771","reference_id":"2479771","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479771"},{"reference_url":"https://downloads.isc.org/isc/bind9/9.18.49","reference_id":"9.18.49","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-20T13:40:04Z/"}],"url":"https://downloads.isc.org/isc/bind9/9.18.49"},{"reference_url":"https://downloads.isc.org/isc/bind9/9.20.23","reference_id":"9.20.23","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-20T13:40:04Z/"}],"url":"https://downloads.isc.org/isc/bind9/9.20.23"},{"reference_url":"https://downloads.isc.org/isc/bind9/9.21.22","reference_id":"9.21.22","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-20T13:40:04Z/"}],"url":"https://downloads.isc.org/isc/bind9/9.21.22"},{"reference_url":"https://kb.isc.org/docs/cve-2026-5946","reference_id":"cve-2026-5946","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-20T13:40:04Z/"}],"url":"https://kb.isc.org/docs/cve-2026-5946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20334","reference_id":"RHSA-2026:20334","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20334"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:23360","reference_id":"RHSA-2026:23360","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:23360"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:24338","reference_id":"RHSA-2026:24338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:24338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:24339","reference_id":"RHSA-2026:24339","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:24339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:24367","reference_id":"RHSA-2026:24367","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:24367"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:24368","reference_id":"RHSA-2026:24368","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:24368"},{"reference_url":"https://usn.ubuntu.com/8293-1/","reference_id":"USN-8293-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8293-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89078?format=json","purl":"pkg:deb/debian/bind9@1:9.18.49-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.49-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89080?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2026-5946"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zfyv-k8nv-zubd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59897?format=json","vulnerability_id":"VCID-zruv-x4yk-dqch","summary":"bind: Amplification vulnerabilities via self-pointed glue records","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3592.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3592.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3592","reference_id":"","reference_type":"","scores":[{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07179","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.0721","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07216","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07202","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07158","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3592"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3592","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3592"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479768","reference_id":"2479768","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479768"},{"reference_url":"https://downloads.isc.org/isc/bind9/9.18.49","reference_id":"9.18.49","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-20T13:42:13Z/"}],"url":"https://downloads.isc.org/isc/bind9/9.18.49"},{"reference_url":"https://downloads.isc.org/isc/bind9/9.20.23","reference_id":"9.20.23","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-20T13:42:13Z/"}],"url":"https://downloads.isc.org/isc/bind9/9.20.23"},{"reference_url":"https://downloads.isc.org/isc/bind9/9.21.22","reference_id":"9.21.22","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-20T13:42:13Z/"}],"url":"https://downloads.isc.org/isc/bind9/9.21.22"},{"reference_url":"https://kb.isc.org/docs/cve-2026-3592","reference_id":"cve-2026-3592","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-20T13:42:13Z/"}],"url":"https://kb.isc.org/docs/cve-2026-3592"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20334","reference_id":"RHSA-2026:20334","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20334"},{"reference_url":"https://usn.ubuntu.com/8293-1/","reference_id":"USN-8293-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8293-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89078?format=json","purl":"pkg:deb/debian/bind9@1:9.18.49-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.49-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89080?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2026-3592"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zruv-x4yk-dqch"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60021?format=json","vulnerability_id":"VCID-15j3-vrxp-gqat","summary":"ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a long resource record.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4244.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4244.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4244","reference_id":"","reference_type":"","scores":[{"value":"0.55937","scoring_system":"epss","scoring_elements":"0.98139","published_at":"2026-06-08T12:55:00Z"},{"value":"0.55937","scoring_system":"epss","scoring_elements":"0.98138","published_at":"2026-06-09T12:55:00Z"},{"value":"0.58236","scoring_system":"epss","scoring_elements":"0.98223","published_at":"2026-06-04T12:55:00Z"},{"value":"0.58236","scoring_system":"epss","scoring_elements":"0.98225","published_at":"2026-06-05T12:55:00Z"},{"value":"0.58236","scoring_system":"epss","scoring_elements":"0.98226","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4244"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4244","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4244"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693015","reference_id":"693015","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693015"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=856754","reference_id":"856754","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=856754"},{"reference_url":"https://security.gentoo.org/glsa/201209-04","reference_id":"GLSA-201209-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1266","reference_id":"RHSA-2012:1266","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1266"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1267","reference_id":"RHSA-2012:1267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1268","reference_id":"RHSA-2012:1268","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1268"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1365","reference_id":"RHSA-2012:1365","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1365"},{"reference_url":"https://usn.ubuntu.com/1566-1/","reference_id":"USN-1566-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1566-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88975?format=json","purl":"pkg:deb/debian/bind9@1:9.8.4.dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.8.4.dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2012-4244"],"risk_score":0.2,"exploitability":"0.5","weighted_severity":"0.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-15j3-vrxp-gqat"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60243?format=json","vulnerability_id":"VCID-1gpp-2s7g-fbbx","summary":"A flaw in query-handling code can cause `named` to exit prematurely with an assertion failure when:    - `nxdomain-redirect <domain>;` is configured, and   - the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response. This issue affects BIND 9 versions 9.12.0 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5517.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5517.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5517","reference_id":"","reference_type":"","scores":[{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34357","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.344","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34416","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34381","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34338","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5517"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/02/13/1","reference_id":"1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T13:32:01Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/02/13/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2263897","reference_id":"2263897","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2263897"},{"reference_url":"https://kb.isc.org/docs/cve-2023-5517","reference_id":"cve-2023-5517","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T13:32:01Z/"}],"url":"https://kb.isc.org/docs/cve-2023-5517"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/","reference_id":"HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T13:32:01Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240503-0006/","reference_id":"ntap-20240503-0006","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T13:32:01Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240503-0006/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/","reference_id":"PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T13:32:01Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/","reference_id":"RGS7JN6FZXUSTC2XKQHH27574XOULYYJ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T13:32:01Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1647","reference_id":"RHSA-2024:1647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1648","reference_id":"RHSA-2024:1648","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1648"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1781","reference_id":"RHSA-2024:1781","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1781"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1789","reference_id":"RHSA-2024:1789","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1789"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1800","reference_id":"RHSA-2024:1800","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1800"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1803","reference_id":"RHSA-2024:1803","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1803"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2551","reference_id":"RHSA-2024:2551","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2551"},{"reference_url":"https://usn.ubuntu.com/6633-1/","reference_id":"USN-6633-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6633-1/"},{"reference_url":"https://usn.ubuntu.com/6642-1/","reference_id":"USN-6642-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6642-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/","reference_id":"ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T13:32:01Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89051?format=json","purl":"pkg:deb/debian/bind9@1:9.16.48-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.48-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89050?format=json","purl":"pkg:deb/debian/bind9@1:9.18.24-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.24-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89052?format=json","purl":"pkg:deb/debian/bind9@1:9.19.21-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.19.21-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2023-5517"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1gpp-2s7g-fbbx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6750?format=json","vulnerability_id":"VCID-1s2d-ekyw-d3dk","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8864.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8864.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8864","reference_id":"","reference_type":"","scores":[{"value":"0.44377","scoring_system":"epss","scoring_elements":"0.97627","published_at":"2026-06-04T12:55:00Z"},{"value":"0.44377","scoring_system":"epss","scoring_elements":"0.97635","published_at":"2026-06-09T12:55:00Z"},{"value":"0.44377","scoring_system":"epss","scoring_elements":"0.97633","published_at":"2026-06-06T12:55:00Z"},{"value":"0.44377","scoring_system":"epss","scoring_elements":"0.97632","published_at":"2026-06-07T12:55:00Z"},{"value":"0.44377","scoring_system":"epss","scoring_elements":"0.97634","published_at":"2026-06-08T12:55:00Z"},{"value":"0.44377","scoring_system":"epss","scoring_elements":"0.97631","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8864"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8864","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8864"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1389652","reference_id":"1389652","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1389652"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842858","reference_id":"842858","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842858"},{"reference_url":"https://security.archlinux.org/ASA-201611-3","reference_id":"ASA-201611-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-3"},{"reference_url":"https://security.archlinux.org/AVG-59","reference_id":"AVG-59","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-59"},{"reference_url":"https://security.gentoo.org/glsa/201701-26","reference_id":"GLSA-201701-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2141","reference_id":"RHSA-2016:2141","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2141"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2142","reference_id":"RHSA-2016:2142","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2142"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2615","reference_id":"RHSA-2016:2615","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2615"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2871","reference_id":"RHSA-2016:2871","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2871"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1583","reference_id":"RHSA-2017:1583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1583"},{"reference_url":"https://usn.ubuntu.com/3119-1/","reference_id":"USN-3119-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3119-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88991?format=json","purl":"pkg:deb/debian/bind9@1:9.10.3.dfsg.P4-11?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.10.3.dfsg.P4-11%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2016-8864"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1s2d-ekyw-d3dk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60104?format=json","vulnerability_id":"VCID-2e7f-nmrc-nfa1","summary":"The BIND installer on Windows uses an unquoted service path which can enable a local user to achieve privilege escalation if the host file system permissions allow this. Affects BIND 9.2.6-P2->9.2.9, 9.3.2-P1->9.3.6, 9.4.0->9.8.8, 9.9.0->9.9.10, 9.10.0->9.10.5, 9.11.0->9.11.1, 9.9.3-S1->9.9.10-S1, 9.10.5-S1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3141.json","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3141.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3141","reference_id":"","reference_type":"","scores":[{"value":"0.0162","scoring_system":"epss","scoring_elements":"0.8216","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0162","scoring_system":"epss","scoring_elements":"0.82189","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0162","scoring_system":"epss","scoring_elements":"0.82191","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0162","scoring_system":"epss","scoring_elements":"0.82193","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0162","scoring_system":"epss","scoring_elements":"0.82186","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0162","scoring_system":"epss","scoring_elements":"0.82201","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3141"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461310","reference_id":"1461310","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461310"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/42121.txt","reference_id":"CVE-2017-3141","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/42121.txt"},{"reference_url":"https://security.gentoo.org/glsa/201708-01","reference_id":"GLSA-201708-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201708-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2017-3141"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2e7f-nmrc-nfa1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60193?format=json","vulnerability_id":"VCID-2eep-k33x-wqaw","summary":"In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: * be running BIND that was built with \"--enable-native-pkcs11\" * be signing one or more zones with an RSA key * be able to receive queries from a possible attacker","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8623.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8623.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8623","reference_id":"","reference_type":"","scores":[{"value":"0.18318","scoring_system":"epss","scoring_elements":"0.95338","published_at":"2026-06-04T12:55:00Z"},{"value":"0.18318","scoring_system":"epss","scoring_elements":"0.95345","published_at":"2026-06-05T12:55:00Z"},{"value":"0.18318","scoring_system":"epss","scoring_elements":"0.95354","published_at":"2026-06-09T12:55:00Z"},{"value":"0.18318","scoring_system":"epss","scoring_elements":"0.95348","published_at":"2026-06-06T12:55:00Z"},{"value":"0.18318","scoring_system":"epss","scoring_elements":"0.9535","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8619","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8619"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8624"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1869477","reference_id":"1869477","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1869477"},{"reference_url":"https://security.gentoo.org/glsa/202008-19","reference_id":"GLSA-202008-19","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202008-19"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4500","reference_id":"RHSA-2020:4500","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4992","reference_id":"RHSA-2020:4992","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4992"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5011","reference_id":"RHSA-2020:5011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5203","reference_id":"RHSA-2020:5203","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5203"},{"reference_url":"https://usn.ubuntu.com/4468-1/","reference_id":"USN-4468-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4468-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89019?format=json","purl":"pkg:deb/debian/bind9@1:9.16.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2020-8623"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2eep-k33x-wqaw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60040?format=json","vulnerability_id":"VCID-2h5t-verv-kqg5","summary":"libdns in ISC BIND 9.10.0 before P2 does not properly handle EDNS options, which allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a crafted packet, as demonstrated by an attack against named, dig, or delv.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3859.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3859.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3859","reference_id":"","reference_type":"","scores":[{"value":"0.29819","scoring_system":"epss","scoring_elements":"0.96731","published_at":"2026-06-04T12:55:00Z"},{"value":"0.29819","scoring_system":"epss","scoring_elements":"0.96735","published_at":"2026-06-05T12:55:00Z"},{"value":"0.29819","scoring_system":"epss","scoring_elements":"0.96739","published_at":"2026-06-08T12:55:00Z"},{"value":"0.29819","scoring_system":"epss","scoring_elements":"0.9674","published_at":"2026-06-07T12:55:00Z"},{"value":"0.29819","scoring_system":"epss","scoring_elements":"0.96744","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3859"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1108544","reference_id":"1108544","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1108544"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2014-3859"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2h5t-verv-kqg5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60014?format=json","vulnerability_id":"VCID-2hp9-htce-hbb3","summary":"Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted UPDATE request.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2464.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2464.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2464","reference_id":"","reference_type":"","scores":[{"value":"0.16206","scoring_system":"epss","scoring_elements":"0.94946","published_at":"2026-06-08T12:55:00Z"},{"value":"0.16206","scoring_system":"epss","scoring_elements":"0.94951","published_at":"2026-06-09T12:55:00Z"},{"value":"0.24783","scoring_system":"epss","scoring_elements":"0.96253","published_at":"2026-06-04T12:55:00Z"},{"value":"0.24783","scoring_system":"epss","scoring_elements":"0.96258","published_at":"2026-06-05T12:55:00Z"},{"value":"0.24783","scoring_system":"epss","scoring_elements":"0.9626","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2464"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=718966","reference_id":"718966","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=718966"},{"reference_url":"https://security.gentoo.org/glsa/201206-01","reference_id":"GLSA-201206-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0926","reference_id":"RHSA-2011:0926","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0926"},{"reference_url":"https://usn.ubuntu.com/1163-1/","reference_id":"USN-1163-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1163-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88972?format=json","purl":"pkg:deb/debian/bind9@1:9.8.1.dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.8.1.dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2011-2464"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2hp9-htce-hbb3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60245?format=json","vulnerability_id":"VCID-2j2f-8dbe-ybg4","summary":"If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can significantly impair query performance.  This issue affects BIND 9 versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5680.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5680.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5680","reference_id":"","reference_type":"","scores":[{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28003","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28127","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28079","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28042","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.27999","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5680"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2264285","reference_id":"2264285","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2264285"},{"reference_url":"https://kb.isc.org/docs/cve-2023-5680","reference_id":"cve-2023-5680","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-13T18:02:52Z/"}],"url":"https://kb.isc.org/docs/cve-2023-5680"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240503-0005/","reference_id":"ntap-20240503-0005","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-13T18:02:52Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240503-0005/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2023-5680"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2j2f-8dbe-ybg4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60102?format=json","vulnerability_id":"VCID-2vqb-d4pk-1kac","summary":"If named is configured to use Response Policy Zones (RPZ) an error processing some rule types can lead to a condition where BIND will endlessly loop while handling a query. Affects BIND 9.9.10, 9.10.5, 9.11.0->9.11.1, 9.9.10-S1, 9.10.5-S1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3140.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3140.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3140","reference_id":"","reference_type":"","scores":[{"value":"0.34362","scoring_system":"epss","scoring_elements":"0.97081","published_at":"2026-06-04T12:55:00Z"},{"value":"0.34362","scoring_system":"epss","scoring_elements":"0.97092","published_at":"2026-06-09T12:55:00Z"},{"value":"0.34362","scoring_system":"epss","scoring_elements":"0.97084","published_at":"2026-06-05T12:55:00Z"},{"value":"0.34362","scoring_system":"epss","scoring_elements":"0.97086","published_at":"2026-06-06T12:55:00Z"},{"value":"0.34362","scoring_system":"epss","scoring_elements":"0.97088","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3140"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:N/I:N/A:P"},{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461302","reference_id":"1461302","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461302"},{"reference_url":"https://security.archlinux.org/ASA-201706-18","reference_id":"ASA-201706-18","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-18"},{"reference_url":"https://security.archlinux.org/AVG-301","reference_id":"AVG-301","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-301"},{"reference_url":"https://security.gentoo.org/glsa/201708-01","reference_id":"GLSA-201708-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201708-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2017-3140"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2vqb-d4pk-1kac"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59990?format=json","vulnerability_id":"VCID-36gs-uztg-wkej","summary":"Use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (named daemon crash) via unspecified vectors that cause named to \"dereference a freed fetch context.\"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0493.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0493.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-0493","reference_id":"","reference_type":"","scores":[{"value":"0.13838","scoring_system":"epss","scoring_elements":"0.94427","published_at":"2026-06-04T12:55:00Z"},{"value":"0.13838","scoring_system":"epss","scoring_elements":"0.94435","published_at":"2026-06-05T12:55:00Z"},{"value":"0.13838","scoring_system":"epss","scoring_elements":"0.94437","published_at":"2026-06-06T12:55:00Z"},{"value":"0.13838","scoring_system":"epss","scoring_elements":"0.94439","published_at":"2026-06-07T12:55:00Z"},{"value":"0.13838","scoring_system":"epss","scoring_elements":"0.9444","published_at":"2026-06-08T12:55:00Z"},{"value":"0.13838","scoring_system":"epss","scoring_elements":"0.94444","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-0493"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0493","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0493"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=230003","reference_id":"230003","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=230003"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=408432","reference_id":"408432","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=408432"},{"reference_url":"https://security.gentoo.org/glsa/200702-06","reference_id":"GLSA-200702-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200702-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0057","reference_id":"RHSA-2007:0057","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0057"},{"reference_url":"https://usn.ubuntu.com/418-1/","reference_id":"USN-418-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/418-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88959?format=json","purl":"pkg:deb/debian/bind9@1:9.3.4-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.3.4-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2007-0493"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-36gs-uztg-wkej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60236?format=json","vulnerability_id":"VCID-3qtv-edyw-hugb","summary":"If the `recursive-clients` quota is reached on a BIND 9 resolver configured with both `stale-answer-enable yes;` and `stale-answer-client-timeout 0;`, a sequence of serve-stale-related lookups could cause `named` to loop and terminate unexpectedly due to a stack overflow. This issue affects BIND 9 versions 9.16.33 through 9.16.41, 9.18.7 through 9.18.15, 9.16.33-S1 through 9.16.41-S1, and 9.18.11-S1 through 9.18.15-S1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2911.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2911.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-2911","reference_id":"","reference_type":"","scores":[{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32035","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32113","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32081","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32044","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32012","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-2911"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2828","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2828"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2911","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2911"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2216228","reference_id":"2216228","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2216228"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/06/21/6","reference_id":"6","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-06T18:32:18Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/06/21/6"},{"reference_url":"https://kb.isc.org/docs/cve-2023-2911","reference_id":"cve-2023-2911","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-06T18:32:18Z/"}],"url":"https://kb.isc.org/docs/cve-2023-2911"},{"reference_url":"https://www.debian.org/security/2023/dsa-5439","reference_id":"dsa-5439","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-06T18:32:18Z/"}],"url":"https://www.debian.org/security/2023/dsa-5439"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230703-0010/","reference_id":"ntap-20230703-0010","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-06T18:32:18Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230703-0010/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SEFCEVCTYEMKTWA7V7EYPI5YQQ4JWDLI/","reference_id":"SEFCEVCTYEMKTWA7V7EYPI5YQQ4JWDLI","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-06T18:32:18Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SEFCEVCTYEMKTWA7V7EYPI5YQQ4JWDLI/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3K6AJK7RRSR53HRF5GGKPA6PDUDWOD2/","reference_id":"U3K6AJK7RRSR53HRF5GGKPA6PDUDWOD2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-06T18:32:18Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3K6AJK7RRSR53HRF5GGKPA6PDUDWOD2/"},{"reference_url":"https://usn.ubuntu.com/6183-1/","reference_id":"USN-6183-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6183-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89037?format=json","purl":"pkg:deb/debian/bind9@1:9.16.42-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.42-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89036?format=json","purl":"pkg:deb/debian/bind9@1:9.18.16-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.16-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89039?format=json","purl":"pkg:deb/debian/bind9@1:9.18.16-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.16-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2023-2911"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3qtv-edyw-hugb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5589?format=json","vulnerability_id":"VCID-41zb-5kpj-jbdb","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25215.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25215.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-25215","reference_id":"","reference_type":"","scores":[{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81427","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81397","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81424","published_at":"2026-06-05T12:55:00Z"},{"value":"0.02015","scoring_system":"epss","scoring_elements":"0.84072","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02251","scoring_system":"epss","scoring_elements":"0.84923","published_at":"2026-06-09T12:55:00Z"},{"value":"0.02251","scoring_system":"epss","scoring_elements":"0.84909","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-25215"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25214","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25214"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25215","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25215"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25216","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25216"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1953857","reference_id":"1953857","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1953857"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987742","reference_id":"987742","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987742"},{"reference_url":"https://security.archlinux.org/ASA-202104-10","reference_id":"ASA-202104-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202104-10"},{"reference_url":"https://security.archlinux.org/AVG-1890","reference_id":"AVG-1890","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1468","reference_id":"RHSA-2021:1468","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1468"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1469","reference_id":"RHSA-2021:1469","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1469"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1475","reference_id":"RHSA-2021:1475","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1475"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1476","reference_id":"RHSA-2021:1476","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1476"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1477","reference_id":"RHSA-2021:1477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1477"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1478","reference_id":"RHSA-2021:1478","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1478"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1479","reference_id":"RHSA-2021:1479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1989","reference_id":"RHSA-2021:1989","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1989"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2024","reference_id":"RHSA-2021:2024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2028","reference_id":"RHSA-2021:2028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2028"},{"reference_url":"https://usn.ubuntu.com/4929-1/","reference_id":"USN-4929-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4929-1/"},{"reference_url":"https://usn.ubuntu.com/7739-1/","reference_id":"USN-7739-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7739-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89023?format=json","purl":"pkg:deb/debian/bind9@1:9.16.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2021-25215"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-41zb-5kpj-jbdb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60119?format=json","vulnerability_id":"VCID-45wz-94b7-87gz","summary":"An error in zone database reference counting can lead to an assertion failure if a server which is running an affected version of BIND attempts several transfers of a slave zone in quick succession. This defect could be deliberately exercised by an attacker who is permitted to cause a vulnerable server to initiate zone transfers (for example: by sending valid NOTIFY messages), causing the named process to exit after failing the assertion test. Affects BIND 9.12.0 and 9.12.1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5736.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5736.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5736","reference_id":"","reference_type":"","scores":[{"value":"0.42906","scoring_system":"epss","scoring_elements":"0.97553","published_at":"2026-06-04T12:55:00Z"},{"value":"0.42906","scoring_system":"epss","scoring_elements":"0.97558","published_at":"2026-06-07T12:55:00Z"},{"value":"0.42906","scoring_system":"epss","scoring_elements":"0.97561","published_at":"2026-06-09T12:55:00Z"},{"value":"0.42906","scoring_system":"epss","scoring_elements":"0.97559","published_at":"2026-06-06T12:55:00Z"},{"value":"0.42906","scoring_system":"epss","scoring_elements":"0.9756","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5736"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1578591","reference_id":"1578591","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1578591"},{"reference_url":"https://security.archlinux.org/ASA-201805-20","reference_id":"ASA-201805-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201805-20"},{"reference_url":"https://security.archlinux.org/AVG-706","reference_id":"AVG-706","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-706"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2018-5736"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-45wz-94b7-87gz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60231?format=json","vulnerability_id":"VCID-4bzx-w6q7-77dc","summary":"BIND 9 resolver can crash when stale cache and stale answers are enabled, option `stale-answer-client-timeout` is set to a positive integer, and the resolver receives an RRSIG query. This issue affects BIND 9 versions 9.16.12 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0 through 9.19.8, and 9.16.12-S1 through 9.16.36-S1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3736.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3736.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3736","reference_id":"","reference_type":"","scores":[{"value":"0.02526","scoring_system":"epss","scoring_elements":"0.85705","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02526","scoring_system":"epss","scoring_elements":"0.85726","published_at":"2026-06-09T12:55:00Z"},{"value":"0.02526","scoring_system":"epss","scoring_elements":"0.85727","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02526","scoring_system":"epss","scoring_elements":"0.8573","published_at":"2026-06-06T12:55:00Z"},{"value":"0.02526","scoring_system":"epss","scoring_elements":"0.85712","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3736"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3736","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3736"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3924","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3924"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2164038","reference_id":"2164038","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2164038"},{"reference_url":"https://kb.isc.org/docs/cve-2022-3736","reference_id":"cve-2022-3736","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-01T14:10:30Z/"}],"url":"https://kb.isc.org/docs/cve-2022-3736"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2261","reference_id":"RHSA-2023:2261","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2261"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2792","reference_id":"RHSA-2023:2792","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2792"},{"reference_url":"https://usn.ubuntu.com/5827-1/","reference_id":"USN-5827-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5827-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89032?format=json","purl":"pkg:deb/debian/bind9@1:9.16.37-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.37-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89031?format=json","purl":"pkg:deb/debian/bind9@1:9.18.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2022-3736"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4bzx-w6q7-77dc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60153?format=json","vulnerability_id":"VCID-4f6u-wdgn-bqea","summary":"In BIND Supported Preview Edition, an error in the nxdomain-redirect feature can occur in versions which support EDNS Client Subnet (ECS) features. In those versions which have ECS support, enabling nxdomain-redirect is likely to lead to BIND exiting due to assertion failure. Versions affected: BIND Supported Preview Edition version 9.10.5-S1 -> 9.11.5-S5. ONLY BIND Supported Preview Edition releases are affected.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6468.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6468.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6468","reference_id":"","reference_type":"","scores":[{"value":"0.01057","scoring_system":"epss","scoring_elements":"0.77948","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01057","scoring_system":"epss","scoring_elements":"0.77975","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01057","scoring_system":"epss","scoring_elements":"0.77981","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01057","scoring_system":"epss","scoring_elements":"0.77972","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01057","scoring_system":"epss","scoring_elements":"0.77961","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01057","scoring_system":"epss","scoring_elements":"0.77978","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6468"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1702642","reference_id":"1702642","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1702642"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2019-6468"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4f6u-wdgn-bqea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60196?format=json","vulnerability_id":"VCID-4rdc-dpb9-t3gp","summary":"In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.12-S1 -> 9.9.13-S1, 9.11.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker who has been granted privileges to change a specific subset of the zone's content could abuse these unintended additional privileges to update other contents of the zone.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8624.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8624.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8624","reference_id":"","reference_type":"","scores":[{"value":"0.01632","scoring_system":"epss","scoring_elements":"0.82243","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01632","scoring_system":"epss","scoring_elements":"0.82271","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01632","scoring_system":"epss","scoring_elements":"0.82272","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01632","scoring_system":"epss","scoring_elements":"0.82273","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01632","scoring_system":"epss","scoring_elements":"0.82267","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01632","scoring_system":"epss","scoring_elements":"0.8228","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8619","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8619"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8624"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1869480","reference_id":"1869480","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1869480"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966497","reference_id":"966497","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966497"},{"reference_url":"https://security.gentoo.org/glsa/202008-19","reference_id":"GLSA-202008-19","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202008-19"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4500","reference_id":"RHSA-2020:4500","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5011","reference_id":"RHSA-2020:5011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5203","reference_id":"RHSA-2020:5203","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5203"},{"reference_url":"https://usn.ubuntu.com/4468-1/","reference_id":"USN-4468-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4468-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89019?format=json","purl":"pkg:deb/debian/bind9@1:9.16.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2020-8624"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4rdc-dpb9-t3gp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60035?format=json","vulnerability_id":"VCID-4szx-skhq-xfdk","summary":"The query_findclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a crafted DNS query to an authoritative nameserver that uses the NSEC3 signing feature.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0591.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0591.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0591","reference_id":"","reference_type":"","scores":[{"value":"0.51542","scoring_system":"epss","scoring_elements":"0.97943","published_at":"2026-06-04T12:55:00Z"},{"value":"0.51542","scoring_system":"epss","scoring_elements":"0.97947","published_at":"2026-06-08T12:55:00Z"},{"value":"0.51542","scoring_system":"epss","scoring_elements":"0.97946","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0591"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0591","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0591"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1051717","reference_id":"1051717","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1051717"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=735190","reference_id":"735190","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=735190"},{"reference_url":"https://security.gentoo.org/glsa/201401-34","reference_id":"GLSA-201401-34","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201401-34"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0043","reference_id":"RHSA-2014:0043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0043"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1244","reference_id":"RHSA-2014:1244","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1244"},{"reference_url":"https://usn.ubuntu.com/2081-1/","reference_id":"USN-2081-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2081-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88980?format=json","purl":"pkg:deb/debian/bind9@1:9.9.5.dfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.9.5.dfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2014-0591"],"risk_score":0.2,"exploitability":"0.5","weighted_severity":"0.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4szx-skhq-xfdk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4997?format=json","vulnerability_id":"VCID-4xz6-yr3v-1qgh","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25220.json","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25220.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-25220","reference_id":"","reference_type":"","scores":[{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23774","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23827","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23779","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.2517","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25074","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25157","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-25220"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25220","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25220"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2064512","reference_id":"2064512","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2064512"},{"reference_url":"https://security.archlinux.org/ASA-202204-5","reference_id":"ASA-202204-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202204-5"},{"reference_url":"https://security.archlinux.org/AVG-2661","reference_id":"AVG-2661","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2661"},{"reference_url":"https://security.gentoo.org/glsa/202210-25","reference_id":"GLSA-202210-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202210-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7643","reference_id":"RHSA-2022:7643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7643"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7790","reference_id":"RHSA-2022:7790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8068","reference_id":"RHSA-2022:8068","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8068"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8385","reference_id":"RHSA-2022:8385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8385"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0402","reference_id":"RHSA-2023:0402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2720","reference_id":"RHSA-2024:2720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21740","reference_id":"RHSA-2025:21740","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21740"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21741","reference_id":"RHSA-2025:21741","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21741"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21889","reference_id":"RHSA-2025:21889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22168","reference_id":"RHSA-2025:22168","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22168"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23414","reference_id":"RHSA-2025:23414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23414"},{"reference_url":"https://usn.ubuntu.com/5332-1/","reference_id":"USN-5332-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5332-1/"},{"reference_url":"https://usn.ubuntu.com/5332-2/","reference_id":"USN-5332-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5332-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89027?format=json","purl":"pkg:deb/debian/bind9@1:9.16.27-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.27-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89026?format=json","purl":"pkg:deb/debian/bind9@1:9.18.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2021-25220"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4xz6-yr3v-1qgh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4835?format=json","vulnerability_id":"VCID-522h-nu53-g7fy","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40775.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40775.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-40775","reference_id":"","reference_type":"","scores":[{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39634","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39669","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39672","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39645","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39617","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-40775"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2367442","reference_id":"2367442","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2367442"},{"reference_url":"https://security.archlinux.org/ASA-202505-14","reference_id":"ASA-202505-14","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202505-14"},{"reference_url":"https://security.archlinux.org/AVG-2881","reference_id":"AVG-2881","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2881"},{"reference_url":"https://kb.isc.org/docs/cve-2025-40775","reference_id":"cve-2025-40775","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-21T13:19:58Z/"}],"url":"https://kb.isc.org/docs/cve-2025-40775"},{"reference_url":"https://usn.ubuntu.com/7526-1/","reference_id":"USN-7526-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7526-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89064?format=json","purl":"pkg:deb/debian/bind9@1:9.20.9-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2025-40775"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-522h-nu53-g7fy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6670?format=json","vulnerability_id":"VCID-52dv-wpa9-uyf2","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9147.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9147.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9147","reference_id":"","reference_type":"","scores":[{"value":"0.36423","scoring_system":"epss","scoring_elements":"0.97206","published_at":"2026-06-04T12:55:00Z"},{"value":"0.36423","scoring_system":"epss","scoring_elements":"0.97216","published_at":"2026-06-09T12:55:00Z"},{"value":"0.36423","scoring_system":"epss","scoring_elements":"0.97212","published_at":"2026-06-06T12:55:00Z"},{"value":"0.36423","scoring_system":"epss","scoring_elements":"0.97214","published_at":"2026-06-08T12:55:00Z"},{"value":"0.36423","scoring_system":"epss","scoring_elements":"0.9721","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9147"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9131","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9131"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9147","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9147"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9444","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9444"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1411367","reference_id":"1411367","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1411367"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851063","reference_id":"851063","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851063"},{"reference_url":"https://security.archlinux.org/ASA-201701-15","reference_id":"ASA-201701-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-15"},{"reference_url":"https://security.archlinux.org/AVG-132","reference_id":"AVG-132","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-132"},{"reference_url":"https://security.gentoo.org/glsa/201708-01","reference_id":"GLSA-201708-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201708-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0062","reference_id":"RHSA-2017:0062","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0062"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0063","reference_id":"RHSA-2017:0063","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0063"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0064","reference_id":"RHSA-2017:0064","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0064"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1582","reference_id":"RHSA-2017:1582","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1582"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1583","reference_id":"RHSA-2017:1583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1583"},{"reference_url":"https://usn.ubuntu.com/3172-1/","reference_id":"USN-3172-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3172-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88991?format=json","purl":"pkg:deb/debian/bind9@1:9.10.3.dfsg.P4-11?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.10.3.dfsg.P4-11%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2016-9147"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-52dv-wpa9-uyf2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6652?format=json","vulnerability_id":"VCID-55bs-1xmn-eqht","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3135.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3135.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3135","reference_id":"","reference_type":"","scores":[{"value":"0.45408","scoring_system":"epss","scoring_elements":"0.97678","published_at":"2026-06-07T12:55:00Z"},{"value":"0.45408","scoring_system":"epss","scoring_elements":"0.97672","published_at":"2026-06-04T12:55:00Z"},{"value":"0.45408","scoring_system":"epss","scoring_elements":"0.9768","published_at":"2026-06-09T12:55:00Z"},{"value":"0.45408","scoring_system":"epss","scoring_elements":"0.97679","published_at":"2026-06-08T12:55:00Z"},{"value":"0.45408","scoring_system":"epss","scoring_elements":"0.97676","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3135"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3135","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3135"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:C"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1420193","reference_id":"1420193","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1420193"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855520","reference_id":"855520","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855520"},{"reference_url":"https://security.archlinux.org/ASA-201702-8","reference_id":"ASA-201702-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201702-8"},{"reference_url":"https://security.archlinux.org/AVG-169","reference_id":"AVG-169","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-169"},{"reference_url":"https://security.gentoo.org/glsa/201708-01","reference_id":"GLSA-201708-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201708-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0276","reference_id":"RHSA-2017:0276","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0276"},{"reference_url":"https://usn.ubuntu.com/3201-1/","reference_id":"USN-3201-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3201-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89006?format=json","purl":"pkg:deb/debian/bind9@1:9.10.3.dfsg.P4-12?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.10.3.dfsg.P4-12%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2017-3135"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-55bs-1xmn-eqht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60242?format=json","vulnerability_id":"VCID-55ew-qe9a-5uen","summary":"The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random subdomain attack, aka the \"NSEC3\" issue. The RFC 5155 specification implies that an algorithm must perform thousands of iterations of a hash function in certain situations.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50868.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50868.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-50868","reference_id":"","reference_type":"","scores":[{"value":"0.12114","scoring_system":"epss","scoring_elements":"0.93949","published_at":"2026-06-09T12:55:00Z"},{"value":"0.1242","scoring_system":"epss","scoring_elements":"0.94041","published_at":"2026-06-07T12:55:00Z"},{"value":"0.1242","scoring_system":"epss","scoring_elements":"0.9404","published_at":"2026-06-05T12:55:00Z"},{"value":"0.1242","scoring_system":"epss","scoring_elements":"0.94039","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-50868"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html","reference_id":"017430.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845","reference_id":"1063845","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852","reference_id":"1063852","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077751","reference_id":"1077751","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077751"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/02/16/2","reference_id":"2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/02/16/2"},{"reference_url":"https://www.isc.org/blogs/2024-bind-security-release/","reference_id":"2024-bind-security-release","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://www.isc.org/blogs/2024-bind-security-release/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2263917","reference_id":"2263917","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2263917"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/02/16/3","reference_id":"3","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/02/16/3"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/","reference_id":"6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/","reference_id":"BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/"},{"reference_url":"https://kb.isc.org/docs/cve-2023-50868","reference_id":"cve-2023-50868","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://kb.isc.org/docs/cve-2023-50868"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-50868","reference_id":"CVE-2023-50868","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2023-50868"},{"reference_url":"https://security.gentoo.org/glsa/202412-10","reference_id":"GLSA-202412-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-10"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/","reference_id":"HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/","reference_id":"IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html","reference_id":"msg00006.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240307-0008/","reference_id":"ntap-20240307-0008","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240307-0008/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/","reference_id":"PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/"},{"reference_url":"https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html","reference_id":"powerdns-advisory-2024-01.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html"},{"reference_url":"https://datatracker.ietf.org/doc/html/rfc5155","reference_id":"rfc5155","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://datatracker.ietf.org/doc/html/rfc5155"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/","reference_id":"RGS7JN6FZXUSTC2XKQHH27574XOULYYJ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0965","reference_id":"RHSA-2024:0965","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0965"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0977","reference_id":"RHSA-2024:0977","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0977"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0981","reference_id":"RHSA-2024:0981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0982","reference_id":"RHSA-2024:0982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:11003","reference_id":"RHSA-2024:11003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:11003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1334","reference_id":"RHSA-2024:1334","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1334"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1335","reference_id":"RHSA-2024:1335","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1335"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1522","reference_id":"RHSA-2024:1522","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1522"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1543","reference_id":"RHSA-2024:1543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1543"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1544","reference_id":"RHSA-2024:1544","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1544"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1545","reference_id":"RHSA-2024:1545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1545"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1647","reference_id":"RHSA-2024:1647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1648","reference_id":"RHSA-2024:1648","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1648"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1781","reference_id":"RHSA-2024:1781","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1781"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1782","reference_id":"RHSA-2024:1782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1789","reference_id":"RHSA-2024:1789","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1789"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1800","reference_id":"RHSA-2024:1800","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1800"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1801","reference_id":"RHSA-2024:1801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1801"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1803","reference_id":"RHSA-2024:1803","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1803"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1804","reference_id":"RHSA-2024:1804","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1804"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2551","reference_id":"RHSA-2024:2551","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2551"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2587","reference_id":"RHSA-2024:2587","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2587"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2696","reference_id":"RHSA-2024:2696","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2696"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2720","reference_id":"RHSA-2024:2720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2721","reference_id":"RHSA-2024:2721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2821","reference_id":"RHSA-2024:2821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2890","reference_id":"RHSA-2024:2890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3271","reference_id":"RHSA-2024:3271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3741","reference_id":"RHSA-2024:3741","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3741"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3877","reference_id":"RHSA-2024:3877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3929","reference_id":"RHSA-2024:3929","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3929"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0039","reference_id":"RHSA-2025:0039","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0039"},{"reference_url":"https://bugzilla.suse.com/show_bug.cgi?id=1219826","reference_id":"show_bug.cgi?id=1219826","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://bugzilla.suse.com/show_bug.cgi?id=1219826"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/","reference_id":"SVYA42BLXUCIDLD35YIJPJSHDIADNYMP","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/","reference_id":"TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/"},{"reference_url":"https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/","reference_id":"unbound-1.19.1-released","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/","reference_id":"UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/"},{"reference_url":"https://usn.ubuntu.com/6633-1/","reference_id":"USN-6633-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6633-1/"},{"reference_url":"https://usn.ubuntu.com/6642-1/","reference_id":"USN-6642-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6642-1/"},{"reference_url":"https://usn.ubuntu.com/6657-1/","reference_id":"USN-6657-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6657-1/"},{"reference_url":"https://usn.ubuntu.com/6657-2/","reference_id":"USN-6657-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6657-2/"},{"reference_url":"https://usn.ubuntu.com/6665-1/","reference_id":"USN-6665-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6665-1/"},{"reference_url":"https://usn.ubuntu.com/6723-1/","reference_id":"USN-6723-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6723-1/"},{"reference_url":"https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1","reference_id":"v5.7.1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/","reference_id":"ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-19T20:27:54Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89051?format=json","purl":"pkg:deb/debian/bind9@1:9.16.48-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.48-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89050?format=json","purl":"pkg:deb/debian/bind9@1:9.18.24-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.24-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89052?format=json","purl":"pkg:deb/debian/bind9@1:9.19.21-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.19.21-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2023-50868"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-55ew-qe9a-5uen"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60230?format=json","vulnerability_id":"VCID-5c6k-kc3d-qufd","summary":"Processing of repeated responses to the same query, where both responses contain ECS pseudo-options, but where the first is broken in some way, can cause BIND to exit with an assertion failure.  'Broken' in this context is anything that would cause the resolver to reject the query response, such as a mismatch between query and answer name. This issue affects BIND 9 versions 9.11.4-S1 through 9.11.37-S1 and 9.16.8-S1 through 9.16.36-S1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3488.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3488.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3488","reference_id":"","reference_type":"","scores":[{"value":"0.15211","scoring_system":"epss","scoring_elements":"0.94734","published_at":"2026-06-04T12:55:00Z"},{"value":"0.15211","scoring_system":"epss","scoring_elements":"0.94751","published_at":"2026-06-09T12:55:00Z"},{"value":"0.15211","scoring_system":"epss","scoring_elements":"0.94742","published_at":"2026-06-05T12:55:00Z"},{"value":"0.15211","scoring_system":"epss","scoring_elements":"0.94744","published_at":"2026-06-06T12:55:00Z"},{"value":"0.15211","scoring_system":"epss","scoring_elements":"0.94745","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3488"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2164709","reference_id":"2164709","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2164709"},{"reference_url":"https://kb.isc.org/docs/cve-2022-3488","reference_id":"cve-2022-3488","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-01T14:12:10Z/"}],"url":"https://kb.isc.org/docs/cve-2022-3488"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2022-3488"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5c6k-kc3d-qufd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59984?format=json","vulnerability_id":"VCID-5f3t-482m-rydh","summary":"An \"incorrect assumption\" in the authvalidated validator function in BIND 9.3.0, when DNSSEC is enabled, allows remote attackers to cause a denial of service (named server exit) via crafted DNS packets that cause an internal consistency test (self-check) to fail.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0034","reference_id":"","reference_type":"","scores":[{"value":"0.06639","scoring_system":"epss","scoring_elements":"0.91364","published_at":"2026-06-04T12:55:00Z"},{"value":"0.06639","scoring_system":"epss","scoring_elements":"0.91377","published_at":"2026-06-05T12:55:00Z"},{"value":"0.06639","scoring_system":"epss","scoring_elements":"0.91379","published_at":"2026-06-06T12:55:00Z"},{"value":"0.06639","scoring_system":"epss","scoring_elements":"0.91375","published_at":"2026-06-07T12:55:00Z"},{"value":"0.06639","scoring_system":"epss","scoring_elements":"0.9137","published_at":"2026-06-08T12:55:00Z"},{"value":"0.06639","scoring_system":"epss","scoring_elements":"0.91385","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0034"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0034","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0034"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88953?format=json","purl":"pkg:deb/debian/bind9@1:9.3.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.3.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2005-0034"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5f3t-482m-rydh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59923?format=json","vulnerability_id":"VCID-5k94-p7qg-v7fp","summary":"bind: Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3593.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3593.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3593","reference_id":"","reference_type":"","scores":[{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11622","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11735","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11729","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11694","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00038","scoring_system":"epss","scoring_elements":"0.11612","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3593"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479770","reference_id":"2479770","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479770"},{"reference_url":"https://downloads.isc.org/isc/bind9/9.20.23","reference_id":"9.20.23","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-20T13:40:34Z/"}],"url":"https://downloads.isc.org/isc/bind9/9.20.23"},{"reference_url":"https://downloads.isc.org/isc/bind9/9.21.22","reference_id":"9.21.22","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-20T13:40:34Z/"}],"url":"https://downloads.isc.org/isc/bind9/9.21.22"},{"reference_url":"https://kb.isc.org/docs/cve-2026-3593","reference_id":"cve-2026-3593","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-20T13:40:34Z/"}],"url":"https://kb.isc.org/docs/cve-2026-3593"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7412","reference_id":"RHSA-2026:7412","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7412"},{"reference_url":"https://usn.ubuntu.com/8293-1/","reference_id":"USN-8293-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8293-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89080?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2026-3593"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5k94-p7qg-v7fp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60024?format=json","vulnerability_id":"VCID-5wur-zx6u-u3g5","summary":"ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5689.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5689.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5689","reference_id":"","reference_type":"","scores":[{"value":"0.0381","scoring_system":"epss","scoring_elements":"0.88312","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0381","scoring_system":"epss","scoring_elements":"0.8833","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0381","scoring_system":"epss","scoring_elements":"0.88332","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0381","scoring_system":"epss","scoring_elements":"0.88333","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0381","scoring_system":"epss","scoring_elements":"0.88348","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5689"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5689","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5689"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699145","reference_id":"699145","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699145"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=903417","reference_id":"903417","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=903417"},{"reference_url":"https://security.gentoo.org/glsa/201401-34","reference_id":"GLSA-201401-34","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201401-34"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0550","reference_id":"RHSA-2013:0550","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0550"},{"reference_url":"https://usn.ubuntu.com/2693-1/","reference_id":"USN-2693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2693-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88978?format=json","purl":"pkg:deb/debian/bind9@1:9.8.4.dfsg.P1-6%2Bnmu1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.8.4.dfsg.P1-6%252Bnmu1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2012-5689"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5wur-zx6u-u3g5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60008?format=json","vulnerability_id":"VCID-5z6k-fhjb-ckb1","summary":"named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not properly determine the security status of an NS RRset during a DNSKEY algorithm rollover, which might allow remote attackers to cause a denial of service (DNSSEC validation error) by triggering a rollover.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3614.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3614.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3614","reference_id":"","reference_type":"","scores":[{"value":"0.06838","scoring_system":"epss","scoring_elements":"0.91506","published_at":"2026-06-04T12:55:00Z"},{"value":"0.06838","scoring_system":"epss","scoring_elements":"0.9152","published_at":"2026-06-05T12:55:00Z"},{"value":"0.06838","scoring_system":"epss","scoring_elements":"0.91521","published_at":"2026-06-06T12:55:00Z"},{"value":"0.06838","scoring_system":"epss","scoring_elements":"0.91519","published_at":"2026-06-07T12:55:00Z"},{"value":"0.06838","scoring_system":"epss","scoring_elements":"0.91515","published_at":"2026-06-08T12:55:00Z"},{"value":"0.06838","scoring_system":"epss","scoring_elements":"0.9153","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3614"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3614","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3614"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605876","reference_id":"605876","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605876"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=658977","reference_id":"658977","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=658977"},{"reference_url":"https://security.gentoo.org/glsa/201206-01","reference_id":"GLSA-201206-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0975","reference_id":"RHSA-2010:0975","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0975"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0976","reference_id":"RHSA-2010:0976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0976"},{"reference_url":"https://usn.ubuntu.com/1025-1/","reference_id":"USN-1025-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1025-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88968?format=json","purl":"pkg:deb/debian/bind9@1:9.7.2.dfsg.P3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.7.2.dfsg.P3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2010-3614"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5z6k-fhjb-ckb1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60125?format=json","vulnerability_id":"VCID-67ph-w3bg-r3d6","summary":"Change #4777 (introduced in October 2017) introduced an unforeseen issue in releases which were issued after that date, affecting which clients are permitted to make recursive queries to a BIND nameserver. The intended (and documented) behavior is that if an operator has not specified a value for the \"allow-recursion\" setting, it SHOULD default to one of the following: none, if \"recursion no;\" is set in named.conf; a value inherited from the \"allow-query-cache\" or \"allow-query\" settings IF \"recursion yes;\" (the default for that setting) AND match lists are explicitly set for \"allow-query-cache\" or \"allow-query\" (see the BIND9 Administrative Reference Manual section 6.2 for more details); or the intended default of \"allow-recursion {localhost; localnets;};\" if \"recursion yes;\" is in effect and no values are explicitly set for \"allow-query-cache\" or \"allow-query\". However, because of the regression introduced by change #4777, it is possible when \"recursion yes;\" is in effect and no match list values are provided for \"allow-query-cache\" or \"allow-query\" for the setting of \"allow-recursion\" to inherit a setting of all hosts from the \"allow-query\" setting default, improperly permitting recursion to all clients. Affects BIND 9.9.12, 9.10.7, 9.11.3, 9.12.0->9.12.1-P2, the development release 9.13.0, and also releases 9.9.12-S1, 9.10.7-S1, 9.11.3-S1, and 9.11.3-S2 from BIND 9 Supported Preview Edition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5738.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5738.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5738","reference_id":"","reference_type":"","scores":[{"value":"0.03303","scoring_system":"epss","scoring_elements":"0.8746","published_at":"2026-06-04T12:55:00Z"},{"value":"0.03303","scoring_system":"epss","scoring_elements":"0.8749","published_at":"2026-06-09T12:55:00Z"},{"value":"0.03303","scoring_system":"epss","scoring_elements":"0.87479","published_at":"2026-06-07T12:55:00Z"},{"value":"0.03303","scoring_system":"epss","scoring_elements":"0.87478","published_at":"2026-06-08T12:55:00Z"},{"value":"0.03303","scoring_system":"epss","scoring_elements":"0.87482","published_at":"2026-06-05T12:55:00Z"},{"value":"0.03303","scoring_system":"epss","scoring_elements":"0.87481","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5738"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5738","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5738"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1589616","reference_id":"1589616","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1589616"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901483","reference_id":"901483","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901483"},{"reference_url":"https://security.archlinux.org/AVG-718","reference_id":"AVG-718","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-718"},{"reference_url":"https://security.gentoo.org/glsa/201903-13","reference_id":"GLSA-201903-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201903-13"},{"reference_url":"https://usn.ubuntu.com/3683-1/","reference_id":"USN-3683-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3683-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89010?format=json","purl":"pkg:deb/debian/bind9@1:9.11.3%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.11.3%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2018-5738"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-67ph-w3bg-r3d6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5895?format=json","vulnerability_id":"VCID-6h9u-za1r-tyf9","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8617.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8617.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8617","reference_id":"","reference_type":"","scores":[{"value":"0.92629","scoring_system":"epss","scoring_elements":"0.99757","published_at":"2026-06-04T12:55:00Z"},{"value":"0.92629","scoring_system":"epss","scoring_elements":"0.99758","published_at":"2026-06-08T12:55:00Z"},{"value":"0.92629","scoring_system":"epss","scoring_elements":"0.99759","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8617"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8616","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8616"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8617","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8617"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1836124","reference_id":"1836124","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1836124"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961939","reference_id":"961939","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961939"},{"reference_url":"https://security.archlinux.org/ASA-202005-13","reference_id":"ASA-202005-13","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202005-13"},{"reference_url":"https://security.archlinux.org/AVG-1165","reference_id":"AVG-1165","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1165"},{"reference_url":"https://github.com/knqyf263/CVE-2020-8617/blob/92a64e68cf77a5b938e0d9c04524fa6147ccb785/exploit.py","reference_id":"CVE-2020-8617","reference_type":"exploit","scores":[],"url":"https://github.com/knqyf263/CVE-2020-8617/blob/92a64e68cf77a5b938e0d9c04524fa6147ccb785/exploit.py"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/48521.py","reference_id":"CVE-2020-8617","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/48521.py"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2338","reference_id":"RHSA-2020:2338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2344","reference_id":"RHSA-2020:2344","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2344"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2345","reference_id":"RHSA-2020:2345","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2345"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2383","reference_id":"RHSA-2020:2383","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2383"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2404","reference_id":"RHSA-2020:2404","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2404"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2893","reference_id":"RHSA-2020:2893","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2893"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3378","reference_id":"RHSA-2020:3378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3379","reference_id":"RHSA-2020:3379","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3379"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3433","reference_id":"RHSA-2020:3433","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3433"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3470","reference_id":"RHSA-2020:3470","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3470"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3471","reference_id":"RHSA-2020:3471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3475","reference_id":"RHSA-2020:3475","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3475"},{"reference_url":"https://usn.ubuntu.com/4365-1/","reference_id":"USN-4365-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4365-1/"},{"reference_url":"https://usn.ubuntu.com/4365-2/","reference_id":"USN-4365-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4365-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89017?format=json","purl":"pkg:deb/debian/bind9@1:9.16.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2020-8617"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6h9u-za1r-tyf9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7062?format=json","vulnerability_id":"VCID-6mww-1ph4-2yg3","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25219.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25219.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-25219","reference_id":"","reference_type":"","scores":[{"value":"0.01039","scoring_system":"epss","scoring_elements":"0.77764","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01039","scoring_system":"epss","scoring_elements":"0.77797","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01039","scoring_system":"epss","scoring_elements":"0.77789","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01039","scoring_system":"epss","scoring_elements":"0.77779","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01039","scoring_system":"epss","scoring_elements":"0.77791","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01039","scoring_system":"epss","scoring_elements":"0.77798","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-25219"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25219","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25219"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2017636","reference_id":"2017636","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2017636"},{"reference_url":"https://security.archlinux.org/ASA-202110-12","reference_id":"ASA-202110-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202110-12"},{"reference_url":"https://security.archlinux.org/AVG-2502","reference_id":"AVG-2502","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2502"},{"reference_url":"https://security.gentoo.org/glsa/202210-25","reference_id":"GLSA-202210-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202210-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2092","reference_id":"RHSA-2022:2092","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2092"},{"reference_url":"https://usn.ubuntu.com/5126-1/","reference_id":"USN-5126-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5126-1/"},{"reference_url":"https://usn.ubuntu.com/5126-2/","reference_id":"USN-5126-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5126-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89025?format=json","purl":"pkg:deb/debian/bind9@1:9.16.22-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.22-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89024?format=json","purl":"pkg:deb/debian/bind9@1:9.17.19-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.17.19-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2021-25219"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6mww-1ph4-2yg3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59982?format=json","vulnerability_id":"VCID-6zbf-kzws-pyap","summary":"BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2002-1221","reference_id":"","reference_type":"","scores":[{"value":"0.0452","scoring_system":"epss","scoring_elements":"0.89343","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0452","scoring_system":"epss","scoring_elements":"0.89361","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0452","scoring_system":"epss","scoring_elements":"0.89362","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0452","scoring_system":"epss","scoring_elements":"0.89379","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2002-1221"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2002-1221"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6zbf-kzws-pyap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60235?format=json","vulnerability_id":"VCID-7ch5-qqz7-u7fh","summary":"A `named` instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache (RFC 8198) option (`synth-from-dnssec`) enabled can be remotely terminated using a zone with a malformed NSEC record. This issue affects BIND 9 versions 9.16.8-S1 through 9.16.41-S1 and 9.18.11-S1 through 9.18.15-S1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2829.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2829.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-2829","reference_id":"","reference_type":"","scores":[{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25464","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.2557","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25559","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25514","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25455","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-2829"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2216581","reference_id":"2216581","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2216581"},{"reference_url":"https://kb.isc.org/docs/cve-2023-2829","reference_id":"cve-2023-2829","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-06T18:34:26Z/"}],"url":"https://kb.isc.org/docs/cve-2023-2829"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230703-0010/","reference_id":"ntap-20230703-0010","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-06T18:34:26Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230703-0010/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2023-2829"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7ch5-qqz7-u7fh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3557?format=json","vulnerability_id":"VCID-7rcc-zetp-13fz","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38178.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38178.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38178","reference_id":"","reference_type":"","scores":[{"value":"0.01256","scoring_system":"epss","scoring_elements":"0.79736","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01256","scoring_system":"epss","scoring_elements":"0.79744","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01256","scoring_system":"epss","scoring_elements":"0.79725","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01421","scoring_system":"epss","scoring_elements":"0.80969","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01421","scoring_system":"epss","scoring_elements":"0.80967","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01421","scoring_system":"epss","scoring_elements":"0.80938","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38178"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3080","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3080"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38177","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38177"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38178","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38178"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2128602","reference_id":"2128602","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2128602"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/09/21/3","reference_id":"3","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:22:52Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/09/21/3"},{"reference_url":"https://security.archlinux.org/AVG-2811","reference_id":"AVG-2811","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2811"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7/","reference_id":"CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:22:52Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7/"},{"reference_url":"https://kb.isc.org/docs/cve-2022-38178","reference_id":"cve-2022-38178","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:22:52Z/"}],"url":"https://kb.isc.org/docs/cve-2022-38178"},{"reference_url":"https://www.debian.org/security/2022/dsa-5235","reference_id":"dsa-5235","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:22:52Z/"}],"url":"https://www.debian.org/security/2022/dsa-5235"},{"reference_url":"https://security.gentoo.org/glsa/202210-25","reference_id":"GLSA-202210-25","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:22:52Z/"}],"url":"https://security.gentoo.org/glsa/202210-25"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT/","reference_id":"MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:22:52Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/10/msg00007.html","reference_id":"msg00007.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:22:52Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/10/msg00007.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20221228-0009/","reference_id":"ntap-20221228-0009","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:22:52Z/"}],"url":"https://security.netapp.com/advisory/ntap-20221228-0009/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6763","reference_id":"RHSA-2022:6763","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6763"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6764","reference_id":"RHSA-2022:6764","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6764"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6765","reference_id":"RHSA-2022:6765","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6765"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6778","reference_id":"RHSA-2022:6778","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6778"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6779","reference_id":"RHSA-2022:6779","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6779"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6780","reference_id":"RHSA-2022:6780","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6780"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6781","reference_id":"RHSA-2022:6781","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6781"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8598","reference_id":"RHSA-2022:8598","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8598"},{"reference_url":"https://usn.ubuntu.com/5626-1/","reference_id":"USN-5626-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5626-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5SD6XIJ446S/","reference_id":"YZJQNUASODNVAWZV6STKG5SD6XIJ446S","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:22:52Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5SD6XIJ446S/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89030?format=json","purl":"pkg:deb/debian/bind9@1:9.16.33-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.33-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89029?format=json","purl":"pkg:deb/debian/bind9@1:9.18.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2022-38178"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7rcc-zetp-13fz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60043?format=json","vulnerability_id":"VCID-7v8h-9d69-cfh3","summary":"ISC BIND 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through 9.10.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory consumption and named crash) via a large or infinite number of referrals.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8500.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8500.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8500","reference_id":"","reference_type":"","scores":[{"value":"0.48217","scoring_system":"epss","scoring_elements":"0.97789","published_at":"2026-06-04T12:55:00Z"},{"value":"0.48217","scoring_system":"epss","scoring_elements":"0.97793","published_at":"2026-06-05T12:55:00Z"},{"value":"0.48217","scoring_system":"epss","scoring_elements":"0.97794","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8500"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1171912","reference_id":"1171912","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1171912"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=772610","reference_id":"772610","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=772610"},{"reference_url":"https://security.gentoo.org/glsa/201502-03","reference_id":"GLSA-201502-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201502-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1984","reference_id":"RHSA-2014:1984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1985","reference_id":"RHSA-2014:1985","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1985"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0078","reference_id":"RHSA-2016:0078","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0078"},{"reference_url":"https://usn.ubuntu.com/2437-1/","reference_id":"USN-2437-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2437-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88981?format=json","purl":"pkg:deb/debian/bind9@1:9.9.5.dfsg-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.9.5.dfsg-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2014-8500"],"risk_score":0.2,"exploitability":"0.5","weighted_severity":"0.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7v8h-9d69-cfh3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60013?format=json","vulnerability_id":"VCID-8ups-cbex-wyc7","summary":"Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service (assertion failure and daemon exit) via a negative response containing large RRSIG RRsets.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1910.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1910.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1910","reference_id":"","reference_type":"","scores":[{"value":"0.11874","scoring_system":"epss","scoring_elements":"0.93863","published_at":"2026-06-04T12:55:00Z"},{"value":"0.11874","scoring_system":"epss","scoring_elements":"0.93873","published_at":"2026-06-07T12:55:00Z"},{"value":"0.11874","scoring_system":"epss","scoring_elements":"0.93872","published_at":"2026-06-06T12:55:00Z"},{"value":"0.11874","scoring_system":"epss","scoring_elements":"0.93871","published_at":"2026-06-08T12:55:00Z"},{"value":"0.11874","scoring_system":"epss","scoring_elements":"0.93876","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1910"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1910","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1910"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=708301","reference_id":"708301","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=708301"},{"reference_url":"https://security.gentoo.org/glsa/201206-01","reference_id":"GLSA-201206-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0845","reference_id":"RHSA-2011:0845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0845"},{"reference_url":"https://usn.ubuntu.com/1139-1/","reference_id":"USN-1139-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1139-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88972?format=json","purl":"pkg:deb/debian/bind9@1:9.8.1.dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.8.1.dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2011-1910"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8ups-cbex-wyc7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60052?format=json","vulnerability_id":"VCID-8w3h-g5cq-auht","summary":"name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when configured as a recursive resolver with DNSSEC validation, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) by constructing crafted zone data and then making a query for a name in that zone.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4620.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4620.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-4620","reference_id":"","reference_type":"","scores":[{"value":"0.27161","scoring_system":"epss","scoring_elements":"0.9648","published_at":"2026-06-04T12:55:00Z"},{"value":"0.27161","scoring_system":"epss","scoring_elements":"0.96484","published_at":"2026-06-05T12:55:00Z"},{"value":"0.27161","scoring_system":"epss","scoring_elements":"0.96489","published_at":"2026-06-06T12:55:00Z"},{"value":"0.27161","scoring_system":"epss","scoring_elements":"0.9649","published_at":"2026-06-08T12:55:00Z"},{"value":"0.27161","scoring_system":"epss","scoring_elements":"0.96494","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-4620"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4620","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4620"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1237258","reference_id":"1237258","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1237258"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=791715","reference_id":"791715","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=791715"},{"reference_url":"https://security.gentoo.org/glsa/201510-01","reference_id":"GLSA-201510-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201510-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1443","reference_id":"RHSA-2015:1443","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1443"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1471","reference_id":"RHSA-2015:1471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1471"},{"reference_url":"https://usn.ubuntu.com/2669-1/","reference_id":"USN-2669-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2669-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88983?format=json","purl":"pkg:deb/debian/bind9@1:9.9.5.dfsg-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.9.5.dfsg-10%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2015-4620"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8w3h-g5cq-auht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5590?format=json","vulnerability_id":"VCID-8z63-zwra-3ycq","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25214.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25214.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-25214","reference_id":"","reference_type":"","scores":[{"value":"0.00751","scoring_system":"epss","scoring_elements":"0.73573","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00751","scoring_system":"epss","scoring_elements":"0.73532","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00751","scoring_system":"epss","scoring_elements":"0.73568","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01018","scoring_system":"epss","scoring_elements":"0.77569","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02257","scoring_system":"epss","scoring_elements":"0.84937","published_at":"2026-06-09T12:55:00Z"},{"value":"0.02257","scoring_system":"epss","scoring_elements":"0.84923","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-25214"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25214","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25214"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25215","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25215"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25216","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25216"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1953849","reference_id":"1953849","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1953849"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987741","reference_id":"987741","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987741"},{"reference_url":"https://security.archlinux.org/ASA-202104-10","reference_id":"ASA-202104-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202104-10"},{"reference_url":"https://security.archlinux.org/AVG-1890","reference_id":"AVG-1890","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3325","reference_id":"RHSA-2021:3325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4384","reference_id":"RHSA-2021:4384","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4384"},{"reference_url":"https://usn.ubuntu.com/4929-1/","reference_id":"USN-4929-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4929-1/"},{"reference_url":"https://usn.ubuntu.com/7739-1/","reference_id":"USN-7739-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7739-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89023?format=json","purl":"pkg:deb/debian/bind9@1:9.16.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2021-25214"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8z63-zwra-3ycq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6581?format=json","vulnerability_id":"VCID-92n4-qfyy-pyga","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3138.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3138.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3138","reference_id":"","reference_type":"","scores":[{"value":"0.3793","scoring_system":"epss","scoring_elements":"0.97294","published_at":"2026-06-04T12:55:00Z"},{"value":"0.3793","scoring_system":"epss","scoring_elements":"0.97302","published_at":"2026-06-09T12:55:00Z"},{"value":"0.3793","scoring_system":"epss","scoring_elements":"0.973","published_at":"2026-06-06T12:55:00Z"},{"value":"0.3793","scoring_system":"epss","scoring_elements":"0.97301","published_at":"2026-06-08T12:55:00Z"},{"value":"0.3793","scoring_system":"epss","scoring_elements":"0.97299","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3138"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3136","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3136"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3137","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3137"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3138","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3138"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441137","reference_id":"1441137","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441137"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860226","reference_id":"860226","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860226"},{"reference_url":"https://security.archlinux.org/ASA-201704-11","reference_id":"ASA-201704-11","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201704-11"},{"reference_url":"https://security.archlinux.org/AVG-239","reference_id":"AVG-239","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-239"},{"reference_url":"https://security.gentoo.org/glsa/201708-01","reference_id":"GLSA-201708-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201708-01"},{"reference_url":"https://usn.ubuntu.com/3259-1/","reference_id":"USN-3259-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3259-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89007?format=json","purl":"pkg:deb/debian/bind9@1:9.10.3.dfsg.P4-12.3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.10.3.dfsg.P4-12.3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2017-3138"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-92n4-qfyy-pyga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59980?format=json","vulnerability_id":"VCID-9ap8-f2m6-wuhu","summary":"BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2002-1220","reference_id":"","reference_type":"","scores":[{"value":"0.31981","scoring_system":"epss","scoring_elements":"0.9691","published_at":"2026-06-04T12:55:00Z"},{"value":"0.31981","scoring_system":"epss","scoring_elements":"0.96914","published_at":"2026-06-05T12:55:00Z"},{"value":"0.31981","scoring_system":"epss","scoring_elements":"0.96918","published_at":"2026-06-08T12:55:00Z"},{"value":"0.31981","scoring_system":"epss","scoring_elements":"0.96919","published_at":"2026-06-07T12:55:00Z"},{"value":"0.31981","scoring_system":"epss","scoring_elements":"0.96923","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2002-1220"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/22011.c","reference_id":"CVE-2002-1220;OSVDB-9724","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/22011.c"},{"reference_url":"https://www.securityfocus.com/bid/6161/info","reference_id":"CVE-2002-1220;OSVDB-9724","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/6161/info"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2002-1220"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9ap8-f2m6-wuhu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5588?format=json","vulnerability_id":"VCID-9gzj-68dh-quap","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25216.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25216.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-25216","reference_id":"","reference_type":"","scores":[{"value":"0.27744","scoring_system":"epss","scoring_elements":"0.96549","published_at":"2026-06-08T12:55:00Z"},{"value":"0.27744","scoring_system":"epss","scoring_elements":"0.96541","published_at":"2026-06-04T12:55:00Z"},{"value":"0.27744","scoring_system":"epss","scoring_elements":"0.96554","published_at":"2026-06-09T12:55:00Z"},{"value":"0.27744","scoring_system":"epss","scoring_elements":"0.96544","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-25216"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25214","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25214"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25215","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25215"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25216","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25216"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1953872","reference_id":"1953872","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1953872"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987743","reference_id":"987743","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987743"},{"reference_url":"https://security.archlinux.org/ASA-202104-10","reference_id":"ASA-202104-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202104-10"},{"reference_url":"https://security.archlinux.org/AVG-1890","reference_id":"AVG-1890","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1890"},{"reference_url":"https://usn.ubuntu.com/4929-1/","reference_id":"USN-4929-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4929-1/"},{"reference_url":"https://usn.ubuntu.com/7739-1/","reference_id":"USN-7739-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7739-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89023?format=json","purl":"pkg:deb/debian/bind9@1:9.16.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2021-25216"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9gzj-68dh-quap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60082?format=json","vulnerability_id":"VCID-9nrt-1hky-y7g3","summary":"named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface, related to alist.c and sexpr.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1285.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1285.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1285","reference_id":"","reference_type":"","scores":[{"value":"0.68972","scoring_system":"epss","scoring_elements":"0.9865","published_at":"2026-06-09T12:55:00Z"},{"value":"0.68972","scoring_system":"epss","scoring_elements":"0.98649","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1285"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1285","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1285"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1286","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1286"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securitytracker.com/id/1035236","reference_id":"1035236","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/"}],"url":"http://www.securitytracker.com/id/1035236"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315674","reference_id":"1315674","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315674"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178831.html","reference_id":"178831.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/"}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178831.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178880.html","reference_id":"178880.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/"}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178880.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179904.html","reference_id":"179904.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/"}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179904.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179911.html","reference_id":"179911.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/"}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179911.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181036.html","reference_id":"181036.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/"}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181036.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181037.html","reference_id":"181037.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/"}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181037.html"},{"reference_url":"https://kb.isc.org/article/AA-01352","reference_id":"AA-01352","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/"}],"url":"https://kb.isc.org/article/AA-01352"},{"reference_url":"https://kb.isc.org/article/AA-01380","reference_id":"AA-01380","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/"}],"url":"https://kb.isc.org/article/AA-01380"},{"reference_url":"https://kb.isc.org/article/AA-01438","reference_id":"AA-01438","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/"}],"url":"https://kb.isc.org/article/AA-01438"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05087821","reference_id":"docDisplay?docId=emr_na-c05087821","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/"}],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05087821"},{"reference_url":"http://www.debian.org/security/2016/dsa-3511","reference_id":"dsa-3511","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/"}],"url":"http://www.debian.org/security/2016/dsa-3511"},{"reference_url":"https://security.FreeBSD.org/advisories/FreeBSD-SA-16:13.bind.asc","reference_id":"FreeBSD-SA-16:13.bind.asc","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/"}],"url":"https://security.FreeBSD.org/advisories/FreeBSD-SA-16:13.bind.asc"},{"reference_url":"https://security.gentoo.org/glsa/201610-07","reference_id":"GLSA-201610-07","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/"}],"url":"https://security.gentoo.org/glsa/201610-07"},{"reference_url":"http://marc.info/?l=bugtraq&m=146191105921542&w=2","reference_id":"?l=bugtraq&m=146191105921542&w=2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/"}],"url":"http://marc.info/?l=bugtraq&m=146191105921542&w=2"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html","reference_id":"linuxbulletinjan2016-2867209.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/"}],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00013.html","reference_id":"msg00013.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00013.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00046.html","reference_id":"msg00046.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00046.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00053.html","reference_id":"msg00053.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00053.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00070.html","reference_id":"msg00070.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00070.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00072.html","reference_id":"msg00072.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00072.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00075.html","reference_id":"msg00075.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00075.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00079.html","reference_id":"msg00079.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00079.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00084.html","reference_id":"msg00084.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00084.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html","reference_id":"ovmbulletinjul2016-3090546.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/"}],"url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0458","reference_id":"RHSA-2016:0458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0459","reference_id":"RHSA-2016:0459","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0459"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0562","reference_id":"RHSA-2016:0562","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0562"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0562.html","reference_id":"RHSA-2016-0562.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2016-0562.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0601","reference_id":"RHSA-2016:0601","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0601"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0601.html","reference_id":"RHSA-2016-0601.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2016-0601.html"},{"reference_url":"https://usn.ubuntu.com/2925-1/","reference_id":"USN-2925-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2925-1/"},{"reference_url":"http://www.ubuntu.com/usn/USN-2925-1","reference_id":"USN-2925-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:28:36Z/"}],"url":"http://www.ubuntu.com/usn/USN-2925-1"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88987?format=json","purl":"pkg:deb/debian/bind9@1:9.10.3.dfsg.P4-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.10.3.dfsg.P4-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2016-1285"],"risk_score":1.2,"exploitability":"0.5","weighted_severity":"2.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9nrt-1hky-y7g3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6502?format=json","vulnerability_id":"VCID-a1gf-hhd8-47e3","summary":"access restriction bypass","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3142.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3142.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3142","reference_id":"","reference_type":"","scores":[{"value":"0.04951","scoring_system":"epss","scoring_elements":"0.89847","published_at":"2026-06-06T12:55:00Z"},{"value":"0.04951","scoring_system":"epss","scoring_elements":"0.8983","published_at":"2026-06-04T12:55:00Z"},{"value":"0.04951","scoring_system":"epss","scoring_elements":"0.89861","published_at":"2026-06-09T12:55:00Z"},{"value":"0.04951","scoring_system":"epss","scoring_elements":"0.89845","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3142"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3142","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3142"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3143","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3143"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1466189","reference_id":"1466189","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1466189"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866564","reference_id":"866564","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866564"},{"reference_url":"https://security.archlinux.org/ASA-201707-3","reference_id":"ASA-201707-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201707-3"},{"reference_url":"https://security.archlinux.org/AVG-335","reference_id":"AVG-335","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-335"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1679","reference_id":"RHSA-2017:1679","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1679"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1680","reference_id":"RHSA-2017:1680","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1680"},{"reference_url":"https://usn.ubuntu.com/3346-1/","reference_id":"USN-3346-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3346-1/"},{"reference_url":"https://usn.ubuntu.com/3346-3/","reference_id":"USN-3346-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3346-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89008?format=json","purl":"pkg:deb/debian/bind9@1:9.10.3.dfsg.P4-12.4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.10.3.dfsg.P4-12.4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2017-3142"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a1gf-hhd8-47e3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60167?format=json","vulnerability_id":"VCID-abhh-5wz4-dqbh","summary":"A defect in code added to support QNAME minimization can cause named to exit with an assertion failure if a forwarder returns a referral rather than resolving the query. This affects BIND versions 9.14.0 up to 9.14.6, and 9.15.0 up to 9.15.4.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6476.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6476.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6476","reference_id":"","reference_type":"","scores":[{"value":"0.01269","scoring_system":"epss","scoring_elements":"0.79818","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01269","scoring_system":"epss","scoring_elements":"0.79852","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01269","scoring_system":"epss","scoring_elements":"0.79844","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01269","scoring_system":"epss","scoring_elements":"0.79833","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01269","scoring_system":"epss","scoring_elements":"0.79843","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01269","scoring_system":"epss","scoring_elements":"0.79848","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6476"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1762957","reference_id":"1762957","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1762957"},{"reference_url":"https://security.archlinux.org/AVG-1056","reference_id":"AVG-1056","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1056"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2019-6476"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-abhh-5wz4-dqbh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59999?format=json","vulnerability_id":"VCID-bbzm-bhgz-xyan","summary":"Internet Systems Consortium (ISC) BIND 9.6.0 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077 and CVE-2009-0025.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0265.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0265.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0265","reference_id":"","reference_type":"","scores":[{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.60373","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.6042","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.60423","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.60412","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.60395","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.60411","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0265"},{"reference_url":"https://security.gentoo.org/glsa/200903-14","reference_id":"GLSA-200903-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200903-14"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2009-0265"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bbzm-bhgz-xyan"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59993?format=json","vulnerability_id":"VCID-bksg-nzrq-gbha","summary":"The default access control lists (ACL) in ISC BIND 9.4.0, 9.4.1, and 9.5.0a1 through 9.5.0a5 do not set the allow-recursion and allow-query-cache ACLs, which allows remote attackers to make recursive queries and query the cache.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2925.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2925.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-2925","reference_id":"","reference_type":"","scores":[{"value":"0.02207","scoring_system":"epss","scoring_elements":"0.84753","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02207","scoring_system":"epss","scoring_elements":"0.84777","published_at":"2026-06-05T12:55:00Z"},{"value":"0.02207","scoring_system":"epss","scoring_elements":"0.84781","published_at":"2026-06-06T12:55:00Z"},{"value":"0.02207","scoring_system":"epss","scoring_elements":"0.84775","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02207","scoring_system":"epss","scoring_elements":"0.84764","published_at":"2026-06-08T12:55:00Z"},{"value":"0.02207","scoring_system":"epss","scoring_elements":"0.84778","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-2925"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2925","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2925"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=248850","reference_id":"248850","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=248850"},{"reference_url":"https://security.gentoo.org/glsa/200708-13","reference_id":"GLSA-200708-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200708-13"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88961?format=json","purl":"pkg:deb/debian/bind9@1:9.4.1-P1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.4.1-P1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2007-2925"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bksg-nzrq-gbha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6346?format=json","vulnerability_id":"VCID-bvh5-y9mx-xfeq","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3145.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3145.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3145","reference_id":"","reference_type":"","scores":[{"value":"0.0799","scoring_system":"epss","scoring_elements":"0.92233","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0799","scoring_system":"epss","scoring_elements":"0.92257","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0799","scoring_system":"epss","scoring_elements":"0.92241","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0799","scoring_system":"epss","scoring_elements":"0.92242","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0799","scoring_system":"epss","scoring_elements":"0.92246","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0799","scoring_system":"epss","scoring_elements":"0.92244","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3145"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3145","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3145"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534812","reference_id":"1534812","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534812"},{"reference_url":"https://security.archlinux.org/ASA-201801-16","reference_id":"ASA-201801-16","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201801-16"},{"reference_url":"https://security.archlinux.org/AVG-589","reference_id":"AVG-589","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-589"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0101","reference_id":"RHSA-2018:0101","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0101"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0102","reference_id":"RHSA-2018:0102","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0102"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0487","reference_id":"RHSA-2018:0487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0488","reference_id":"RHSA-2018:0488","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0488"},{"reference_url":"https://usn.ubuntu.com/3535-1/","reference_id":"USN-3535-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3535-1/"},{"reference_url":"https://usn.ubuntu.com/3535-2/","reference_id":"USN-3535-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3535-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89009?format=json","purl":"pkg:deb/debian/bind9@1:9.11.2.P1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.11.2.P1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2017-3145"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bvh5-y9mx-xfeq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60011?format=json","vulnerability_id":"VCID-c193-bat4-xbeq","summary":"ISC BIND 9.7.1 through 9.7.2-P3, when configured as an authoritative server, allows remote attackers to cause a denial of service (deadlock and daemon hang) by sending a query at the time of (1) an IXFR transfer or (2) a DDNS update.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0414.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0414.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0414","reference_id":"","reference_type":"","scores":[{"value":"0.04537","scoring_system":"epss","scoring_elements":"0.89358","published_at":"2026-06-04T12:55:00Z"},{"value":"0.04537","scoring_system":"epss","scoring_elements":"0.89377","published_at":"2026-06-08T12:55:00Z"},{"value":"0.04537","scoring_system":"epss","scoring_elements":"0.89376","published_at":"2026-06-07T12:55:00Z"},{"value":"0.04537","scoring_system":"epss","scoring_elements":"0.89394","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0414"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0414","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0414"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601830","reference_id":"601830","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601830"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=679496","reference_id":"679496","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=679496"},{"reference_url":"https://security.gentoo.org/glsa/201206-01","reference_id":"GLSA-201206-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-01"},{"reference_url":"https://usn.ubuntu.com/1070-1/","reference_id":"USN-1070-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1070-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88970?format=json","purl":"pkg:deb/debian/bind9@1:9.7.3.dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.7.3.dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2011-0414"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c193-bat4-xbeq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60100?format=json","vulnerability_id":"VCID-c4a2-jczr-jqgc","summary":"A denial of service flaw was found in the way BIND handled DNSSEC validation. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3139.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3139.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3139","reference_id":"","reference_type":"","scores":[{"value":"0.00723","scoring_system":"epss","scoring_elements":"0.72919","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00723","scoring_system":"epss","scoring_elements":"0.72956","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00723","scoring_system":"epss","scoring_elements":"0.72964","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00723","scoring_system":"epss","scoring_elements":"0.72947","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00723","scoring_system":"epss","scoring_elements":"0.72934","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00723","scoring_system":"epss","scoring_elements":"0.72958","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3139"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1447743","reference_id":"1447743","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1447743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1202","reference_id":"RHSA-2017:1202","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1202"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1582","reference_id":"RHSA-2017:1582","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1582"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2017-3139"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c4a2-jczr-jqgc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60280?format=json","vulnerability_id":"VCID-c4ss-muw8-4bfe","summary":"Under certain conditions, `named` may crash when processing a correctly signed query containing a TKEY record. The affected code can only be reached if an incoming request has a valid transaction signature (TSIG) from a key declared in the `named` configuration. This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1. BIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through 9.18.46-S1 are NOT affected.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3119.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3119.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3119","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03875","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03897","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03895","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03883","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.0386","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3119"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451308","reference_id":"2451308","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451308"},{"reference_url":"https://downloads.isc.org/isc/bind9/9.20.21","reference_id":"9.20.21","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T14:13:41Z/"}],"url":"https://downloads.isc.org/isc/bind9/9.20.21"},{"reference_url":"https://downloads.isc.org/isc/bind9/9.21.20","reference_id":"9.21.20","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T14:13:41Z/"}],"url":"https://downloads.isc.org/isc/bind9/9.21.20"},{"reference_url":"https://kb.isc.org/docs/cve-2026-3119","reference_id":"cve-2026-3119","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T14:13:41Z/"}],"url":"https://kb.isc.org/docs/cve-2026-3119"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6935","reference_id":"RHSA-2026:6935","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6935"},{"reference_url":"https://usn.ubuntu.com/8124-1/","reference_id":"USN-8124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8124-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89075?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2026-3119"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c4ss-muw8-4bfe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60116?format=json","vulnerability_id":"VCID-c835-db83-fqbz","summary":"The Debian backport of the fix for CVE-2017-3137 leads to assertion failure in validator.c:1858; Affects Debian versions 9.9.5.dfsg-9+deb8u15; 9.9.5.dfsg-9+deb8u18; 9.10.3.dfsg.P4-12.3+deb9u5; 9.11.5.P4+dfsg-5.1 No ISC releases are affected. Other packages from other distributions who did similar backports for the fix for 2017-3137 may also be affected.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5735.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5735.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5735","reference_id":"","reference_type":"","scores":[{"value":"0.00635","scoring_system":"epss","scoring_elements":"0.70789","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00635","scoring_system":"epss","scoring_elements":"0.70831","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00635","scoring_system":"epss","scoring_elements":"0.70807","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00635","scoring_system":"epss","scoring_elements":"0.70838","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00635","scoring_system":"epss","scoring_elements":"0.70821","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5735"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5735","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5735"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1551511","reference_id":"1551511","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1551511"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889285","reference_id":"889285","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889285"},{"reference_url":"https://usn.ubuntu.com/3574-1/","reference_id":"USN-3574-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3574-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88996?format=json","purl":"pkg:deb/debian/bind9@1:9.9.3.dfsg.P2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.9.3.dfsg.P2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2018-5735"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c835-db83-fqbz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4995?format=json","vulnerability_id":"VCID-cf7s-5wqk-e7gu","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0635.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0635.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0635","reference_id":"","reference_type":"","scores":[{"value":"0.00781","scoring_system":"epss","scoring_elements":"0.74066","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00781","scoring_system":"epss","scoring_elements":"0.74098","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00781","scoring_system":"epss","scoring_elements":"0.74089","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00781","scoring_system":"epss","scoring_elements":"0.74072","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00781","scoring_system":"epss","scoring_elements":"0.74099","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00781","scoring_system":"epss","scoring_elements":"0.74103","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0635"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2064514","reference_id":"2064514","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2064514"},{"reference_url":"https://security.archlinux.org/ASA-202204-5","reference_id":"ASA-202204-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202204-5"},{"reference_url":"https://security.archlinux.org/AVG-2661","reference_id":"AVG-2661","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2661"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89026?format=json","purl":"pkg:deb/debian/bind9@1:9.18.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2022-0635"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cf7s-5wqk-e7gu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60122?format=json","vulnerability_id":"VCID-chqp-rqde-5kcv","summary":"A problem with the implementation of the new serve-stale feature in BIND 9.12 can lead to an assertion failure in rbtdb.c, even when stale-answer-enable is off. Additionally, problematic interaction between the serve-stale feature and NSEC aggressive negative caching can in some cases cause undesirable behavior from named, such as a recursion loop or excessive logging. Deliberate exploitation of this condition could cause operational problems depending on the particular manifestation -- either degradation or denial of service. Affects BIND 9.12.0 and 9.12.1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5737.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5737.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5737","reference_id":"","reference_type":"","scores":[{"value":"0.01186","scoring_system":"epss","scoring_elements":"0.79133","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01186","scoring_system":"epss","scoring_elements":"0.79159","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01186","scoring_system":"epss","scoring_elements":"0.79165","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01186","scoring_system":"epss","scoring_elements":"0.79156","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01186","scoring_system":"epss","scoring_elements":"0.79145","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01186","scoring_system":"epss","scoring_elements":"0.79164","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5737"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1578593","reference_id":"1578593","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1578593"},{"reference_url":"https://security.archlinux.org/ASA-201805-20","reference_id":"ASA-201805-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201805-20"},{"reference_url":"https://security.archlinux.org/AVG-706","reference_id":"AVG-706","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-706"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2018-5737"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-chqp-rqde-5kcv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60271?format=json","vulnerability_id":"VCID-cpx6-wck4-9yct","summary":"Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40778.json","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40778.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-40778","reference_id":"","reference_type":"","scores":[{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00274","published_at":"2026-06-09T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.0028","published_at":"2026-06-05T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00281","published_at":"2026-06-06T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00275","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-40778"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2405827","reference_id":"2405827","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2405827"},{"reference_url":"https://kb.isc.org/docs/cve-2025-40778","reference_id":"cve-2025-40778","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-07T04:56:12Z/"}],"url":"https://kb.isc.org/docs/cve-2025-40778"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19793","reference_id":"RHSA-2025:19793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19835","reference_id":"RHSA-2025:19835","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19835"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19912","reference_id":"RHSA-2025:19912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19912"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19950","reference_id":"RHSA-2025:19950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19951","reference_id":"RHSA-2025:19951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19951"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21034","reference_id":"RHSA-2025:21034","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21034"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21110","reference_id":"RHSA-2025:21110","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21110"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21111","reference_id":"RHSA-2025:21111","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21111"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21735","reference_id":"RHSA-2025:21735","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21735"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21736","reference_id":"RHSA-2025:21736","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21736"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21740","reference_id":"RHSA-2025:21740","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21740"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21741","reference_id":"RHSA-2025:21741","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21741"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21817","reference_id":"RHSA-2025:21817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21887","reference_id":"RHSA-2025:21887","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21887"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21889","reference_id":"RHSA-2025:21889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21939","reference_id":"RHSA-2025:21939","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21939"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21994","reference_id":"RHSA-2025:21994","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21994"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22168","reference_id":"RHSA-2025:22168","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22168"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22205","reference_id":"RHSA-2025:22205","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22205"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23414","reference_id":"RHSA-2025:23414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0316","reference_id":"RHSA-2026:0316","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0316"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0326","reference_id":"RHSA-2026:0326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0332","reference_id":"RHSA-2026:0332","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0332"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0420","reference_id":"RHSA-2026:0420","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0420"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0674","reference_id":"RHSA-2026:0674","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0674"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0677","reference_id":"RHSA-2026:0677","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0677"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0702","reference_id":"RHSA-2026:0702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0934","reference_id":"RHSA-2026:0934","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0934"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0996","reference_id":"RHSA-2026:0996","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0996"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1541","reference_id":"RHSA-2026:1541","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1541"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6935","reference_id":"RHSA-2026:6935","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6935"},{"reference_url":"https://usn.ubuntu.com/7836-1/","reference_id":"USN-7836-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7836-1/"},{"reference_url":"https://usn.ubuntu.com/7836-2/","reference_id":"USN-7836-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7836-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89067?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89066?format=json","purl":"pkg:deb/debian/bind9@1:9.18.41-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.41-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89069?format=json","purl":"pkg:deb/debian/bind9@1:9.20.15-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.15-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89068?format=json","purl":"pkg:deb/debian/bind9@1:9.20.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2025-40778"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cpx6-wck4-9yct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60002?format=json","vulnerability_id":"VCID-cr3t-cqm5-sfba","summary":"ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC (1) NSEC and (2) NSEC3 records, which allows remote attackers to add the Authenticated Data (AD) flag to a forged NXDOMAIN response for an existing domain.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0097.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0097.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0097","reference_id":"","reference_type":"","scores":[{"value":"0.02817","scoring_system":"epss","scoring_elements":"0.8642","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02817","scoring_system":"epss","scoring_elements":"0.86442","published_at":"2026-06-05T12:55:00Z"},{"value":"0.02817","scoring_system":"epss","scoring_elements":"0.86443","published_at":"2026-06-06T12:55:00Z"},{"value":"0.02817","scoring_system":"epss","scoring_elements":"0.86439","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02817","scoring_system":"epss","scoring_elements":"0.86426","published_at":"2026-06-08T12:55:00Z"},{"value":"0.02817","scoring_system":"epss","scoring_elements":"0.8644","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0097"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=554851","reference_id":"554851","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=554851"},{"reference_url":"https://security.gentoo.org/glsa/201006-11","reference_id":"GLSA-201006-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201006-11"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0062","reference_id":"RHSA-2010:0062","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0062"},{"reference_url":"https://usn.ubuntu.com/888-1/","reference_id":"USN-888-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/888-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88966?format=json","purl":"pkg:deb/debian/bind9@1:9.7.0.dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.7.0.dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2010-0097"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cr3t-cqm5-sfba"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59921?format=json","vulnerability_id":"VCID-cz2r-t35v-gyd1","summary":"bind: SIG(0) validation during query flood may lead to undefined behavior","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5947.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5947.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5947","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13689","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13779","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13782","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13743","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13658","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5947"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479772","reference_id":"2479772","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479772"},{"reference_url":"https://downloads.isc.org/isc/bind9/9.20.23","reference_id":"9.20.23","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-20T13:39:15Z/"}],"url":"https://downloads.isc.org/isc/bind9/9.20.23"},{"reference_url":"https://downloads.isc.org/isc/bind9/9.21.22","reference_id":"9.21.22","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-20T13:39:15Z/"}],"url":"https://downloads.isc.org/isc/bind9/9.21.22"},{"reference_url":"https://kb.isc.org/docs/cve-2026-5947","reference_id":"cve-2026-5947","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-20T13:39:15Z/"}],"url":"https://kb.isc.org/docs/cve-2026-5947"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7412","reference_id":"RHSA-2026:7412","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7412"},{"reference_url":"https://usn.ubuntu.com/8293-1/","reference_id":"USN-8293-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8293-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89080?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2026-5947"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cz2r-t35v-gyd1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60009?format=json","vulnerability_id":"VCID-d35x-y4tn-dydw","summary":"named in ISC BIND 9.7.2-P2 does not check all intended locations for allow-query ACLs, which might allow remote attackers to make successful requests for private DNS records via the standard DNS query mechanism.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3615.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3615.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3615","reference_id":"","reference_type":"","scores":[{"value":"0.0529","scoring_system":"epss","scoring_elements":"0.90185","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0529","scoring_system":"epss","scoring_elements":"0.90201","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0529","scoring_system":"epss","scoring_elements":"0.902","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0529","scoring_system":"epss","scoring_elements":"0.90198","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0529","scoring_system":"epss","scoring_elements":"0.90197","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0529","scoring_system":"epss","scoring_elements":"0.90212","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3615"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3615","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3615"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605876","reference_id":"605876","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605876"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=658982","reference_id":"658982","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=658982"},{"reference_url":"https://security.gentoo.org/glsa/201206-01","reference_id":"GLSA-201206-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88968?format=json","purl":"pkg:deb/debian/bind9@1:9.7.2.dfsg.P3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.7.2.dfsg.P3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2010-3615"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d35x-y4tn-dydw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60133?format=json","vulnerability_id":"VCID-dd9v-stsw-3yae","summary":"To provide fine-grained controls over the ability to use Dynamic DNS (DDNS) to update records in a zone, BIND 9 provides a feature called update-policy. Various rules can be configured to limit the types of updates that can be performed by a client, depending on the key used when sending the update request. Unfortunately, some rule types were not initially documented, and when documentation for them was added to the Administrator Reference Manual (ARM) in change #3112, the language that was added to the ARM at that time incorrectly described the behavior of two rule types, krb5-subdomain and ms-subdomain. This incorrect documentation could mislead operators into believing that policies they had configured were more restrictive than they actually were. This affects BIND versions prior to BIND 9.11.5 and BIND 9.12.3.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5741.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5741.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5741","reference_id":"","reference_type":"","scores":[{"value":"0.00971","scoring_system":"epss","scoring_elements":"0.76971","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00971","scoring_system":"epss","scoring_elements":"0.77004","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00971","scoring_system":"epss","scoring_elements":"0.77013","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00971","scoring_system":"epss","scoring_elements":"0.77001","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00971","scoring_system":"epss","scoring_elements":"0.7699","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00971","scoring_system":"epss","scoring_elements":"0.77012","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5741"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5741","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5741"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1631131","reference_id":"1631131","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1631131"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908595","reference_id":"908595","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908595"},{"reference_url":"https://security.gentoo.org/glsa/201903-13","reference_id":"GLSA-201903-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201903-13"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2057","reference_id":"RHSA-2019:2057","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2057"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89012?format=json","purl":"pkg:deb/debian/bind9@1:9.11.5%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.11.5%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2018-5741"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dd9v-stsw-3yae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60000?format=json","vulnerability_id":"VCID-derm-t85v-vqhg","summary":"The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0696.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0696.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0696","reference_id":"","reference_type":"","scores":[{"value":"0.33301","scoring_system":"epss","scoring_elements":"0.97007","published_at":"2026-06-04T12:55:00Z"},{"value":"0.33301","scoring_system":"epss","scoring_elements":"0.97011","published_at":"2026-06-05T12:55:00Z"},{"value":"0.33301","scoring_system":"epss","scoring_elements":"0.97013","published_at":"2026-06-06T12:55:00Z"},{"value":"0.33301","scoring_system":"epss","scoring_elements":"0.97014","published_at":"2026-06-08T12:55:00Z"},{"value":"0.33301","scoring_system":"epss","scoring_elements":"0.97017","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0696"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=514292","reference_id":"514292","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=514292"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=538975","reference_id":"538975","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=538975"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/9300.c","reference_id":"CVE-2009-0696;OSVDB-56584","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/9300.c"},{"reference_url":"https://security.gentoo.org/glsa/200908-02","reference_id":"GLSA-200908-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200908-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1179","reference_id":"RHSA-2009:1179","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1179"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1180","reference_id":"RHSA-2009:1180","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1180"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1181","reference_id":"RHSA-2009:1181","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1181"},{"reference_url":"https://usn.ubuntu.com/808-1/","reference_id":"USN-808-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/808-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88964?format=json","purl":"pkg:deb/debian/bind9@1:9.6.1.dfsg.P1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.6.1.dfsg.P1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2009-0696"],"risk_score":0.6,"exploitability":"2.0","weighted_severity":"0.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-derm-t85v-vqhg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60276?format=json","vulnerability_id":"VCID-dnj3-3ztr-f7fc","summary":"In specific circumstances, due to a weakness in the Pseudo Random Number Generator (PRNG) that is used, it is possible for an attacker to predict the source port and query ID that BIND will use. This issue affects BIND 9 versions 9.16.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.16.8-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40780.json","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40780.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-40780","reference_id":"","reference_type":"","scores":[{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07339","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07393","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.0737","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07326","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07387","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-40780"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40780","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40780"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2405829","reference_id":"2405829","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2405829"},{"reference_url":"https://kb.isc.org/docs/cve-2025-40780","reference_id":"cve-2025-40780","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-22T17:27:36Z/"}],"url":"https://kb.isc.org/docs/cve-2025-40780"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19793","reference_id":"RHSA-2025:19793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19912","reference_id":"RHSA-2025:19912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19912"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19950","reference_id":"RHSA-2025:19950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19951","reference_id":"RHSA-2025:19951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19951"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21034","reference_id":"RHSA-2025:21034","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21034"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21110","reference_id":"RHSA-2025:21110","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21110"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21111","reference_id":"RHSA-2025:21111","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21111"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21817","reference_id":"RHSA-2025:21817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21887","reference_id":"RHSA-2025:21887","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21887"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21889","reference_id":"RHSA-2025:21889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21939","reference_id":"RHSA-2025:21939","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21939"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21994","reference_id":"RHSA-2025:21994","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21994"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22168","reference_id":"RHSA-2025:22168","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22168"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0316","reference_id":"RHSA-2026:0316","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0316"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0326","reference_id":"RHSA-2026:0326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0332","reference_id":"RHSA-2026:0332","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0332"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0420","reference_id":"RHSA-2026:0420","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0420"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0674","reference_id":"RHSA-2026:0674","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0674"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0677","reference_id":"RHSA-2026:0677","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0677"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0702","reference_id":"RHSA-2026:0702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0996","reference_id":"RHSA-2026:0996","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0996"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1541","reference_id":"RHSA-2026:1541","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1541"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6935","reference_id":"RHSA-2026:6935","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6935"},{"reference_url":"https://usn.ubuntu.com/7836-1/","reference_id":"USN-7836-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7836-1/"},{"reference_url":"https://usn.ubuntu.com/7836-2/","reference_id":"USN-7836-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7836-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89067?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89066?format=json","purl":"pkg:deb/debian/bind9@1:9.18.41-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.41-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89069?format=json","purl":"pkg:deb/debian/bind9@1:9.20.15-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.15-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89068?format=json","purl":"pkg:deb/debian/bind9@1:9.20.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2025-40780"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dnj3-3ztr-f7fc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60186?format=json","vulnerability_id":"VCID-dtc1-c3gp-nqa3","summary":"In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, If a server is configured with both QNAME minimization and 'forward first' then an attacker who can send queries to it may be able to trigger the condition that will cause the server to crash. Servers that 'forward only' are not affected.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8621.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8621.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8621","reference_id":"","reference_type":"","scores":[{"value":"0.04879","scoring_system":"epss","scoring_elements":"0.89751","published_at":"2026-06-04T12:55:00Z"},{"value":"0.04879","scoring_system":"epss","scoring_elements":"0.89766","published_at":"2026-06-05T12:55:00Z"},{"value":"0.04879","scoring_system":"epss","scoring_elements":"0.89783","published_at":"2026-06-09T12:55:00Z"},{"value":"0.04879","scoring_system":"epss","scoring_elements":"0.89769","published_at":"2026-06-06T12:55:00Z"},{"value":"0.04879","scoring_system":"epss","scoring_elements":"0.89768","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8621"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8621","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8621"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1869471","reference_id":"1869471","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1869471"},{"reference_url":"https://security.gentoo.org/glsa/202008-19","reference_id":"GLSA-202008-19","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202008-19"},{"reference_url":"https://usn.ubuntu.com/4468-1/","reference_id":"USN-4468-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4468-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89019?format=json","purl":"pkg:deb/debian/bind9@1:9.16.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2020-8621"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dtc1-c3gp-nqa3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60281?format=json","vulnerability_id":"VCID-dwd4-gbkq-cka9","summary":"A use-after-return vulnerability exists in the `named` server when handling DNS queries signed with SIG(0). Using a specially-crafted DNS request, an attacker may be able to cause an ACL to improperly (mis)match an IP address. In a default-allow ACL (denying only specific IP addresses), this may lead to unauthorized access. Default-deny ACLs should fail-secure. This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1. BIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through 9.18.46-S1 are NOT affected.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3591.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3591.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3591","reference_id":"","reference_type":"","scores":[{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07968","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.08","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.08015","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07999","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.0795","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3591"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451298","reference_id":"2451298","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451298"},{"reference_url":"https://downloads.isc.org/isc/bind9/9.20.21","reference_id":"9.20.21","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T14:12:43Z/"}],"url":"https://downloads.isc.org/isc/bind9/9.20.21"},{"reference_url":"https://downloads.isc.org/isc/bind9/9.21.20","reference_id":"9.21.20","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T14:12:43Z/"}],"url":"https://downloads.isc.org/isc/bind9/9.21.20"},{"reference_url":"https://kb.isc.org/docs/cve-2026-3591","reference_id":"cve-2026-3591","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-25T14:12:43Z/"}],"url":"https://kb.isc.org/docs/cve-2026-3591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6935","reference_id":"RHSA-2026:6935","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6935"},{"reference_url":"https://usn.ubuntu.com/8124-1/","reference_id":"USN-8124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8124-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89075?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2026-3591"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"4.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dwd4-gbkq-cka9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6501?format=json","vulnerability_id":"VCID-dwdx-5e6p-m7ec","summary":"access restriction bypass","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3143.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3143.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3143","reference_id":"","reference_type":"","scores":[{"value":"0.26818","scoring_system":"epss","scoring_elements":"0.9646","published_at":"2026-06-06T12:55:00Z"},{"value":"0.26818","scoring_system":"epss","scoring_elements":"0.96452","published_at":"2026-06-04T12:55:00Z"},{"value":"0.26818","scoring_system":"epss","scoring_elements":"0.96461","published_at":"2026-06-08T12:55:00Z"},{"value":"0.26818","scoring_system":"epss","scoring_elements":"0.96466","published_at":"2026-06-09T12:55:00Z"},{"value":"0.26818","scoring_system":"epss","scoring_elements":"0.96456","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3143"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3142","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3142"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3143","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3143"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:C/A:N"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1466193","reference_id":"1466193","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1466193"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866564","reference_id":"866564","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866564"},{"reference_url":"https://security.archlinux.org/ASA-201707-3","reference_id":"ASA-201707-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201707-3"},{"reference_url":"https://security.archlinux.org/AVG-335","reference_id":"AVG-335","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-335"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1679","reference_id":"RHSA-2017:1679","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1679"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1680","reference_id":"RHSA-2017:1680","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1680"},{"reference_url":"https://usn.ubuntu.com/3346-1/","reference_id":"USN-3346-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3346-1/"},{"reference_url":"https://usn.ubuntu.com/3346-3/","reference_id":"USN-3346-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3346-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89008?format=json","purl":"pkg:deb/debian/bind9@1:9.10.3.dfsg.P4-12.4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.10.3.dfsg.P4-12.4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2017-3143"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dwdx-5e6p-m7ec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60181?format=json","vulnerability_id":"VCID-dyw5-9wcs-vbc4","summary":"In ISC BIND9 versions BIND 9.11.14 -> 9.11.19, BIND 9.14.9 -> 9.14.12, BIND 9.16.0 -> 9.16.3, BIND Supported Preview Edition 9.11.14-S1 -> 9.11.19-S1: Unless a nameserver is providing authoritative service for one or more zones and at least one zone contains an empty non-terminal entry containing an asterisk (\"*\") character, this defect cannot be encountered. A would-be attacker who is allowed to change zone content could theoretically introduce such a record in order to exploit this condition to cause denial of service, though we consider the use of this vector unlikely because any such attack would require a significant privilege level and be easily traceable.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8619.json","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8619.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8619","reference_id":"","reference_type":"","scores":[{"value":"0.06931","scoring_system":"epss","scoring_elements":"0.91568","published_at":"2026-06-04T12:55:00Z"},{"value":"0.06931","scoring_system":"epss","scoring_elements":"0.91591","published_at":"2026-06-09T12:55:00Z"},{"value":"0.06931","scoring_system":"epss","scoring_elements":"0.91579","published_at":"2026-06-07T12:55:00Z"},{"value":"0.06931","scoring_system":"epss","scoring_elements":"0.91576","published_at":"2026-06-08T12:55:00Z"},{"value":"0.06931","scoring_system":"epss","scoring_elements":"0.91581","published_at":"2026-06-05T12:55:00Z"},{"value":"0.06931","scoring_system":"epss","scoring_elements":"0.91583","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8619"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8619","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8619"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8624"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1847244","reference_id":"1847244","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1847244"},{"reference_url":"https://security.archlinux.org/ASA-202006-13","reference_id":"ASA-202006-13","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202006-13"},{"reference_url":"https://security.archlinux.org/AVG-1191","reference_id":"AVG-1191","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1191"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4500","reference_id":"RHSA-2020:4500","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4500"},{"reference_url":"https://usn.ubuntu.com/4399-1/","reference_id":"USN-4399-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4399-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89018?format=json","purl":"pkg:deb/debian/bind9@1:9.16.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2020-8619"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dyw5-9wcs-vbc4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60022?format=json","vulnerability_id":"VCID-e47h-bu96-2ubh","summary":"ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote attackers to cause a denial of service (named daemon hang) via unspecified combinations of resource records.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5166.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5166.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5166","reference_id":"","reference_type":"","scores":[{"value":"0.41981","scoring_system":"epss","scoring_elements":"0.97504","published_at":"2026-06-04T12:55:00Z"},{"value":"0.41981","scoring_system":"epss","scoring_elements":"0.9751","published_at":"2026-06-06T12:55:00Z"},{"value":"0.41981","scoring_system":"epss","scoring_elements":"0.97511","published_at":"2026-06-07T12:55:00Z"},{"value":"0.41981","scoring_system":"epss","scoring_elements":"0.97512","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5166"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5166","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5166"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=690118","reference_id":"690118","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=690118"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=864273","reference_id":"864273","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=864273"},{"reference_url":"https://security.gentoo.org/glsa/201401-34","reference_id":"GLSA-201401-34","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201401-34"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1363","reference_id":"RHSA-2012:1363","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1363"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1364","reference_id":"RHSA-2012:1364","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1364"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1365","reference_id":"RHSA-2012:1365","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1365"},{"reference_url":"https://usn.ubuntu.com/1601-1/","reference_id":"USN-1601-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1601-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88976?format=json","purl":"pkg:deb/debian/bind9@1:9.8.1.dfsg.P1-4.3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.8.1.dfsg.P1-4.3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2012-5166"],"risk_score":0.2,"exploitability":"0.5","weighted_severity":"0.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e47h-bu96-2ubh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60023?format=json","vulnerability_id":"VCID-e6mg-2c14-tfab","summary":"ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5688.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5688.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5688","reference_id":"","reference_type":"","scores":[{"value":"0.07927","scoring_system":"epss","scoring_elements":"0.92191","published_at":"2026-06-04T12:55:00Z"},{"value":"0.07927","scoring_system":"epss","scoring_elements":"0.92203","published_at":"2026-06-05T12:55:00Z"},{"value":"0.07927","scoring_system":"epss","scoring_elements":"0.92201","published_at":"2026-06-06T12:55:00Z"},{"value":"0.07927","scoring_system":"epss","scoring_elements":"0.92199","published_at":"2026-06-07T12:55:00Z"},{"value":"0.07927","scoring_system":"epss","scoring_elements":"0.922","published_at":"2026-06-08T12:55:00Z"},{"value":"0.07927","scoring_system":"epss","scoring_elements":"0.92214","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5688"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5688","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5688"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695192","reference_id":"695192","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695192"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=883533","reference_id":"883533","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=883533"},{"reference_url":"https://security.gentoo.org/glsa/201401-34","reference_id":"GLSA-201401-34","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201401-34"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1549","reference_id":"RHSA-2012:1549","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1549"},{"reference_url":"https://usn.ubuntu.com/1657-1/","reference_id":"USN-1657-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1657-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88977?format=json","purl":"pkg:deb/debian/bind9@1:9.8.4.dfsg.P1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.8.4.dfsg.P1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2012-5688"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e6mg-2c14-tfab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6132?format=json","vulnerability_id":"VCID-e6rr-skgr-63ht","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5744.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5744.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5744","reference_id":"","reference_type":"","scores":[{"value":"0.04441","scoring_system":"epss","scoring_elements":"0.89259","published_at":"2026-06-08T12:55:00Z"},{"value":"0.04441","scoring_system":"epss","scoring_elements":"0.8924","published_at":"2026-06-04T12:55:00Z"},{"value":"0.04441","scoring_system":"epss","scoring_elements":"0.89275","published_at":"2026-06-09T12:55:00Z"},{"value":"0.04441","scoring_system":"epss","scoring_elements":"0.89258","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5744"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5744","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5744"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1679299","reference_id":"1679299","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1679299"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922953","reference_id":"922953","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922953"},{"reference_url":"https://security.archlinux.org/ASA-201902-25","reference_id":"ASA-201902-25","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201902-25"},{"reference_url":"https://security.archlinux.org/AVG-915","reference_id":"AVG-915","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-915"},{"reference_url":"https://usn.ubuntu.com/3893-1/","reference_id":"USN-3893-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3893-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89014?format=json","purl":"pkg:deb/debian/bind9@1:9.11.5.P4%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.11.5.P4%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2018-5744"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e6rr-skgr-63ht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60227?format=json","vulnerability_id":"VCID-eack-s8y1-8fas","summary":"Sending a flood of dynamic DNS updates may cause `named` to allocate large amounts of memory. This, in turn, may cause `named` to exit due to a lack of free memory. We are not aware of any cases where this has been exploited.  Memory is allocated prior to the checking of access permissions (ACLs) and is retained during the processing of a dynamic update from a client whose access credentials are accepted. Memory allocated to clients that are not permitted to send updates is released immediately upon rejection. The scope of this vulnerability is limited therefore to trusted clients who are permitted to make dynamic zone changes.  If a dynamic update is REFUSED, memory will be released again very quickly. Therefore it is only likely to be possible to degrade or stop `named` by sending a flood of unaccepted dynamic updates comparable in magnitude to a query flood intended to achieve the same detrimental outcome.  BIND 9.11 and earlier branches are also affected, but through exhaustion of internal resources rather than memory constraints. This may reduce performance but should not be a significant problem for most servers. Therefore we don't intend to address this for BIND versions prior to BIND 9.16. This issue affects BIND 9 versions 9.16.0 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0 through 9.19.8, and 9.16.8-S1 through 9.16.36-S1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3094.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3094.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3094","reference_id":"","reference_type":"","scores":[{"value":"0.02338","scoring_system":"epss","scoring_elements":"0.85149","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02338","scoring_system":"epss","scoring_elements":"0.85175","published_at":"2026-06-09T12:55:00Z"},{"value":"0.02338","scoring_system":"epss","scoring_elements":"0.85178","published_at":"2026-06-06T12:55:00Z"},{"value":"0.02338","scoring_system":"epss","scoring_elements":"0.85173","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02338","scoring_system":"epss","scoring_elements":"0.85161","published_at":"2026-06-08T12:55:00Z"},{"value":"0.02338","scoring_system":"epss","scoring_elements":"0.85174","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3736","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3736"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3924","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3924"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2164032","reference_id":"2164032","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2164032"},{"reference_url":"https://kb.isc.org/docs/cve-2022-3094","reference_id":"cve-2022-3094","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-01T13:48:11Z/"}],"url":"https://kb.isc.org/docs/cve-2022-3094"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2261","reference_id":"RHSA-2023:2261","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2261"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2792","reference_id":"RHSA-2023:2792","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2792"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7177","reference_id":"RHSA-2023:7177","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7177"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1406","reference_id":"RHSA-2024:1406","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1406"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2720","reference_id":"RHSA-2024:2720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2720"},{"reference_url":"https://usn.ubuntu.com/5827-1/","reference_id":"USN-5827-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5827-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89032?format=json","purl":"pkg:deb/debian/bind9@1:9.16.37-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.37-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89031?format=json","purl":"pkg:deb/debian/bind9@1:9.18.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2022-3094"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eack-s8y1-8fas"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60264?format=json","vulnerability_id":"VCID-eaud-15af-qkcg","summary":"A `named` caching resolver that is configured to send ECS (EDNS Client Subnet) options may be vulnerable to a cache-poisoning attack. This issue affects BIND 9 versions 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.37-S1, and 9.20.9-S1 through 9.20.10-S1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40776.json","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40776.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-40776","reference_id":"","reference_type":"","scores":[{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15218","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15317","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15278","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15194","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15327","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-40776"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2380930","reference_id":"2380930","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2380930"},{"reference_url":"https://kb.isc.org/docs/cve-2025-40776","reference_id":"cve-2025-40776","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-22T14:54:56Z/"}],"url":"https://kb.isc.org/docs/cve-2025-40776"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2025-40776"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eaud-15af-qkcg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60070?format=json","vulnerability_id":"VCID-edmz-dknk-9fdt","summary":"Race condition in resolver.c in named in ISC BIND 9.9.8 before 9.9.8-P2 and 9.10.3 before 9.10.3-P2 allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via unspecified vectors.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8461.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8461.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8461","reference_id":"","reference_type":"","scores":[{"value":"0.15997","scoring_system":"epss","scoring_elements":"0.94891","published_at":"2026-06-04T12:55:00Z"},{"value":"0.15997","scoring_system":"epss","scoring_elements":"0.949","published_at":"2026-06-06T12:55:00Z"},{"value":"0.15997","scoring_system":"epss","scoring_elements":"0.94901","published_at":"2026-06-08T12:55:00Z"},{"value":"0.15997","scoring_system":"epss","scoring_elements":"0.94906","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8461"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1291186","reference_id":"1291186","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1291186"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2015-8461"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-edmz-dknk-9fdt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6131?format=json","vulnerability_id":"VCID-ee12-rtfn-4qfa","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5745.json","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5745.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5745","reference_id":"","reference_type":"","scores":[{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67732","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67753","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.6778","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67769","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67773","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5745"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5743","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5743"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5745","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5745"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6465","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6465"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1679303","reference_id":"1679303","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1679303"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922954","reference_id":"922954","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922954"},{"reference_url":"https://security.archlinux.org/ASA-201902-25","reference_id":"ASA-201902-25","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201902-25"},{"reference_url":"https://security.archlinux.org/AVG-915","reference_id":"AVG-915","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-915"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3552","reference_id":"RHSA-2019:3552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1061","reference_id":"RHSA-2020:1061","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1061"},{"reference_url":"https://usn.ubuntu.com/3893-1/","reference_id":"USN-3893-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3893-1/"},{"reference_url":"https://usn.ubuntu.com/3893-2/","reference_id":"USN-3893-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3893-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89014?format=json","purl":"pkg:deb/debian/bind9@1:9.11.5.P4%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.11.5.P4%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2018-5745"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ee12-rtfn-4qfa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6583?format=json","vulnerability_id":"VCID-eeth-zkrr-bqfk","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3136.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3136.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3136","reference_id":"","reference_type":"","scores":[{"value":"0.48516","scoring_system":"epss","scoring_elements":"0.97809","published_at":"2026-06-09T12:55:00Z"},{"value":"0.48516","scoring_system":"epss","scoring_elements":"0.97804","published_at":"2026-06-04T12:55:00Z"},{"value":"0.48516","scoring_system":"epss","scoring_elements":"0.9781","published_at":"2026-06-08T12:55:00Z"},{"value":"0.48516","scoring_system":"epss","scoring_elements":"0.97808","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3136"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3136","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3136"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3137","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3137"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3138","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3138"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441125","reference_id":"1441125","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441125"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860224","reference_id":"860224","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860224"},{"reference_url":"https://security.archlinux.org/ASA-201704-11","reference_id":"ASA-201704-11","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201704-11"},{"reference_url":"https://security.archlinux.org/AVG-239","reference_id":"AVG-239","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-239"},{"reference_url":"https://security.gentoo.org/glsa/201708-01","reference_id":"GLSA-201708-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201708-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1095","reference_id":"RHSA-2017:1095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1105","reference_id":"RHSA-2017:1105","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1105"},{"reference_url":"https://usn.ubuntu.com/3259-1/","reference_id":"USN-3259-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3259-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89007?format=json","purl":"pkg:deb/debian/bind9@1:9.10.3.dfsg.P4-12.3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.10.3.dfsg.P4-12.3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2017-3136"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eeth-zkrr-bqfk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60129?format=json","vulnerability_id":"VCID-en2e-vaud-bydc","summary":"\"deny-answer-aliases\" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5740.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5740.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5740","reference_id":"","reference_type":"","scores":[{"value":"0.6453","scoring_system":"epss","scoring_elements":"0.98471","published_at":"2026-06-04T12:55:00Z"},{"value":"0.6453","scoring_system":"epss","scoring_elements":"0.98474","published_at":"2026-06-08T12:55:00Z"},{"value":"0.6453","scoring_system":"epss","scoring_elements":"0.98475","published_at":"2026-06-06T12:55:00Z"},{"value":"0.6453","scoring_system":"epss","scoring_elements":"0.98472","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5740"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1613595","reference_id":"1613595","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1613595"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=905743","reference_id":"905743","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=905743"},{"reference_url":"https://security.gentoo.org/glsa/201903-13","reference_id":"GLSA-201903-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201903-13"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2570","reference_id":"RHSA-2018:2570","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2570"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2571","reference_id":"RHSA-2018:2571","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2571"},{"reference_url":"https://usn.ubuntu.com/3769-1/","reference_id":"USN-3769-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3769-1/"},{"reference_url":"https://usn.ubuntu.com/3769-2/","reference_id":"USN-3769-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3769-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89011?format=json","purl":"pkg:deb/debian/bind9@1:9.11.4.P1%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.11.4.P1%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2018-5740"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-en2e-vaud-bydc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60254?format=json","vulnerability_id":"VCID-f1cr-g433-t3ff","summary":"Client queries that trigger serving stale data and that also require lookups in local authoritative zone data may result in an assertion failure. This issue affects BIND 9 versions 9.16.13 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.33-S1 through 9.11.37-S1, 9.16.13-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4076.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4076.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-4076","reference_id":"","reference_type":"","scores":[{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28752","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28844","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.2881","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28775","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28741","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-4076"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1975","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1975"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4076","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4076"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/07/23/1","reference_id":"1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-23T15:10:37Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/07/23/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/07/31/2","reference_id":"2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-23T15:10:37Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/07/31/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2298904","reference_id":"2298904","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2298904"},{"reference_url":"https://kb.isc.org/docs/cve-2024-4076","reference_id":"cve-2024-4076","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-23T15:10:37Z/"}],"url":"https://kb.isc.org/docs/cve-2024-4076"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5231","reference_id":"RHSA-2024:5231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5390","reference_id":"RHSA-2024:5390","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5390"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5418","reference_id":"RHSA-2024:5418","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5418"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5525","reference_id":"RHSA-2024:5525","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5525"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5813","reference_id":"RHSA-2024:5813","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5813"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5907","reference_id":"RHSA-2024:5907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6004","reference_id":"RHSA-2024:6004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6013","reference_id":"RHSA-2024:6013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6013"},{"reference_url":"https://usn.ubuntu.com/6909-1/","reference_id":"USN-6909-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6909-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89059?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89053?format=json","purl":"pkg:deb/debian/bind9@1:9.18.28-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.28-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89054?format=json","purl":"pkg:deb/debian/bind9@1:9.20.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2024-4076"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f1cr-g433-t3ff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60084?format=json","vulnerability_id":"VCID-fazp-f1wy-auem","summary":"resolver.c in named in ISC BIND 9.10.x before 9.10.3-P4, when DNS cookies are enabled, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a malformed packet with more than one cookie option.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2088.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2088.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2088","reference_id":"","reference_type":"","scores":[{"value":"0.48434","scoring_system":"epss","scoring_elements":"0.97801","published_at":"2026-06-04T12:55:00Z"},{"value":"0.48434","scoring_system":"epss","scoring_elements":"0.97805","published_at":"2026-06-05T12:55:00Z"},{"value":"0.48434","scoring_system":"epss","scoring_elements":"0.97806","published_at":"2026-06-06T12:55:00Z"},{"value":"0.48434","scoring_system":"epss","scoring_elements":"0.97807","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2088"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315690","reference_id":"1315690","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315690"},{"reference_url":"https://security.gentoo.org/glsa/201610-07","reference_id":"GLSA-201610-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201610-07"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2088"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fazp-f1wy-auem"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60160?format=json","vulnerability_id":"VCID-fbyp-ykyj-w7fy","summary":"A race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatch.c. Versions affected: BIND 9.11.0 -> 9.11.7, 9.12.0 -> 9.12.4-P1, 9.14.0 -> 9.14.2. Also all releases of the BIND 9.13 development branch and version 9.15.0 of the BIND 9.15 development branch and BIND Supported Preview Edition versions 9.11.3-S1 -> 9.11.7-S1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6471.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6471.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6471","reference_id":"","reference_type":"","scores":[{"value":"0.0139","scoring_system":"epss","scoring_elements":"0.80691","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0139","scoring_system":"epss","scoring_elements":"0.80718","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0139","scoring_system":"epss","scoring_elements":"0.80719","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0139","scoring_system":"epss","scoring_elements":"0.80716","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0139","scoring_system":"epss","scoring_elements":"0.80712","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0139","scoring_system":"epss","scoring_elements":"0.80732","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6471"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6471","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6471"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1721780","reference_id":"1721780","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1721780"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930746","reference_id":"930746","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930746"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1714","reference_id":"RHSA-2019:1714","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1714"},{"reference_url":"https://usn.ubuntu.com/4026-1/","reference_id":"USN-4026-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4026-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89015?format=json","purl":"pkg:deb/debian/bind9@1:9.11.5.P4%2Bdfsg-5.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.11.5.P4%252Bdfsg-5.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2019-6471"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fbyp-ykyj-w7fy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60005?format=json","vulnerability_id":"VCID-fc12-dsph-uqe9","summary":"Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains (1) CNAME or (2) DNAME records, which do not have the intended validation before caching, aka Bug 20737.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-4022.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0290.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0290.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0290","reference_id":"","reference_type":"","scores":[{"value":"0.04877","scoring_system":"epss","scoring_elements":"0.89748","published_at":"2026-06-04T12:55:00Z"},{"value":"0.04877","scoring_system":"epss","scoring_elements":"0.89764","published_at":"2026-06-05T12:55:00Z"},{"value":"0.04877","scoring_system":"epss","scoring_elements":"0.89766","published_at":"2026-06-06T12:55:00Z"},{"value":"0.04877","scoring_system":"epss","scoring_elements":"0.89765","published_at":"2026-06-08T12:55:00Z"},{"value":"0.04877","scoring_system":"epss","scoring_elements":"0.8978","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0290"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0290","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0290"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=557121","reference_id":"557121","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=557121"},{"reference_url":"https://security.gentoo.org/glsa/201006-11","reference_id":"GLSA-201006-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201006-11"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0062","reference_id":"RHSA-2010:0062","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0062"},{"reference_url":"https://usn.ubuntu.com/888-1/","reference_id":"USN-888-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/888-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88966?format=json","purl":"pkg:deb/debian/bind9@1:9.7.0.dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.7.0.dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2010-0290"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fc12-dsph-uqe9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4943?format=json","vulnerability_id":"VCID-fn1w-b6uf-akfz","summary":"incorrect calculation","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1183.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1183.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1183","reference_id":"","reference_type":"","scores":[{"value":"0.00392","scoring_system":"epss","scoring_elements":"0.6053","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00392","scoring_system":"epss","scoring_elements":"0.60579","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00392","scoring_system":"epss","scoring_elements":"0.60585","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00392","scoring_system":"epss","scoring_elements":"0.60573","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00392","scoring_system":"epss","scoring_elements":"0.60557","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00392","scoring_system":"epss","scoring_elements":"0.60572","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1183"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2087575","reference_id":"2087575","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2087575"},{"reference_url":"https://security.archlinux.org/AVG-2727","reference_id":"AVG-2727","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2727"},{"reference_url":"https://usn.ubuntu.com/5429-1/","reference_id":"USN-5429-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5429-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89028?format=json","purl":"pkg:deb/debian/bind9@1:9.18.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2022-1183"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fn1w-b6uf-akfz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60222?format=json","vulnerability_id":"VCID-g3ve-7wrz-cuc6","summary":"An attacker can leverage this flaw to gradually erode available memory to the point where named crashes for lack of resources. Upon restart the attacker would have to begin again, but nevertheless there is the potential to deny service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2906.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2906.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2906","reference_id":"","reference_type":"","scores":[{"value":"0.00859","scoring_system":"epss","scoring_elements":"0.75363","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00859","scoring_system":"epss","scoring_elements":"0.75399","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00859","scoring_system":"epss","scoring_elements":"0.75393","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00859","scoring_system":"epss","scoring_elements":"0.75396","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00859","scoring_system":"epss","scoring_elements":"0.75387","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00859","scoring_system":"epss","scoring_elements":"0.75374","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2906"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2128598","reference_id":"2128598","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2128598"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/09/21/3","reference_id":"3","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:25:54Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/09/21/3"},{"reference_url":"https://kb.isc.org/docs/cve-2022-2906","reference_id":"cve-2022-2906","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:25:54Z/"}],"url":"https://kb.isc.org/docs/cve-2022-2906"},{"reference_url":"https://security.gentoo.org/glsa/202210-25","reference_id":"GLSA-202210-25","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:25:54Z/"}],"url":"https://security.gentoo.org/glsa/202210-25"},{"reference_url":"https://usn.ubuntu.com/5626-1/","reference_id":"USN-5626-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5626-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89029?format=json","purl":"pkg:deb/debian/bind9@1:9.18.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2022-2906"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g3ve-7wrz-cuc6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6669?format=json","vulnerability_id":"VCID-gckg-p3hm-gfcn","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9444.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9444.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9444","reference_id":"","reference_type":"","scores":[{"value":"0.30871","scoring_system":"epss","scoring_elements":"0.96825","published_at":"2026-06-04T12:55:00Z"},{"value":"0.30871","scoring_system":"epss","scoring_elements":"0.96839","published_at":"2026-06-09T12:55:00Z"},{"value":"0.30871","scoring_system":"epss","scoring_elements":"0.96834","published_at":"2026-06-08T12:55:00Z"},{"value":"0.30871","scoring_system":"epss","scoring_elements":"0.96835","published_at":"2026-06-07T12:55:00Z"},{"value":"0.30871","scoring_system":"epss","scoring_elements":"0.9683","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9444"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9131","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9131"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9147","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9147"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9444","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9444"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1411377","reference_id":"1411377","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1411377"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851062","reference_id":"851062","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851062"},{"reference_url":"https://security.archlinux.org/ASA-201701-15","reference_id":"ASA-201701-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-15"},{"reference_url":"https://security.archlinux.org/AVG-132","reference_id":"AVG-132","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-132"},{"reference_url":"https://security.gentoo.org/glsa/201708-01","reference_id":"GLSA-201708-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201708-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0062","reference_id":"RHSA-2017:0062","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0062"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1583","reference_id":"RHSA-2017:1583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1583"},{"reference_url":"https://usn.ubuntu.com/3172-1/","reference_id":"USN-3172-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3172-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88991?format=json","purl":"pkg:deb/debian/bind9@1:9.10.3.dfsg.P4-11?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.10.3.dfsg.P4-11%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2016-9444"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gckg-p3hm-gfcn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60239?format=json","vulnerability_id":"VCID-gfrm-bbvq-z7gg","summary":"The DNS message parsing code in `named` includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected `named` instance by exploiting this flaw. This issue affects both authoritative servers and recursive resolvers. This issue affects BIND 9 versions 9.0.0 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4408.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4408.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4408","reference_id":"","reference_type":"","scores":[{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50802","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50816","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50786","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.53121","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.53113","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/02/13/1","reference_id":"1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T20:37:05Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/02/13/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2263896","reference_id":"2263896","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2263896"},{"reference_url":"https://kb.isc.org/docs/cve-2023-4408","reference_id":"cve-2023-4408","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T20:37:05Z/"}],"url":"https://kb.isc.org/docs/cve-2023-4408"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/","reference_id":"HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T20:37:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240426-0001/","reference_id":"ntap-20240426-0001","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T20:37:05Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240426-0001/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/","reference_id":"PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T20:37:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/","reference_id":"RGS7JN6FZXUSTC2XKQHH27574XOULYYJ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T20:37:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1647","reference_id":"RHSA-2024:1647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1648","reference_id":"RHSA-2024:1648","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1648"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1781","reference_id":"RHSA-2024:1781","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1781"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1782","reference_id":"RHSA-2024:1782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1789","reference_id":"RHSA-2024:1789","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1789"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1800","reference_id":"RHSA-2024:1800","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1800"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1803","reference_id":"RHSA-2024:1803","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1803"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2551","reference_id":"RHSA-2024:2551","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2551"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2720","reference_id":"RHSA-2024:2720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2721","reference_id":"RHSA-2024:2721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2821","reference_id":"RHSA-2024:2821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2890","reference_id":"RHSA-2024:2890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3271","reference_id":"RHSA-2024:3271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3741","reference_id":"RHSA-2024:3741","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3741"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0039","reference_id":"RHSA-2025:0039","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0039"},{"reference_url":"https://usn.ubuntu.com/6633-1/","reference_id":"USN-6633-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6633-1/"},{"reference_url":"https://usn.ubuntu.com/6642-1/","reference_id":"USN-6642-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6642-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/","reference_id":"ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T20:37:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89051?format=json","purl":"pkg:deb/debian/bind9@1:9.16.48-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.48-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89050?format=json","purl":"pkg:deb/debian/bind9@1:9.18.24-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.24-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89052?format=json","purl":"pkg:deb/debian/bind9@1:9.19.21-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.19.21-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2023-4408"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gfrm-bbvq-z7gg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7186?format=json","vulnerability_id":"VCID-gp5h-zra5-2bad","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25218.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25218.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-25218","reference_id":"","reference_type":"","scores":[{"value":"0.00584","scoring_system":"epss","scoring_elements":"0.69397","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00584","scoring_system":"epss","scoring_elements":"0.69443","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00584","scoring_system":"epss","scoring_elements":"0.69435","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00584","scoring_system":"epss","scoring_elements":"0.69423","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00584","scoring_system":"epss","scoring_elements":"0.69437","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00584","scoring_system":"epss","scoring_elements":"0.69445","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-25218"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1995312","reference_id":"1995312","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1995312"},{"reference_url":"https://security.archlinux.org/AVG-2303","reference_id":"AVG-2303","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2303"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2021-25218"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gp5h-zra5-2bad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59994?format=json","vulnerability_id":"VCID-huh2-5wx5-13ht","summary":"ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2926.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2926.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-2926","reference_id":"","reference_type":"","scores":[{"value":"0.2056","scoring_system":"epss","scoring_elements":"0.95685","published_at":"2026-06-04T12:55:00Z"},{"value":"0.2056","scoring_system":"epss","scoring_elements":"0.9569","published_at":"2026-06-05T12:55:00Z"},{"value":"0.2056","scoring_system":"epss","scoring_elements":"0.95694","published_at":"2026-06-06T12:55:00Z"},{"value":"0.2056","scoring_system":"epss","scoring_elements":"0.95695","published_at":"2026-06-07T12:55:00Z"},{"value":"0.2056","scoring_system":"epss","scoring_elements":"0.95696","published_at":"2026-06-08T12:55:00Z"},{"value":"0.2056","scoring_system":"epss","scoring_elements":"0.95699","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-2926"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=248851","reference_id":"248851","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=248851"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/4266.py","reference_id":"CVE-2007-2926","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/4266.py"},{"reference_url":"https://security.gentoo.org/glsa/200708-13","reference_id":"GLSA-200708-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200708-13"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0740","reference_id":"RHSA-2007:0740","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0740"},{"reference_url":"https://usn.ubuntu.com/491-1/","reference_id":"USN-491-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/491-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88961?format=json","purl":"pkg:deb/debian/bind9@1:9.4.1-P1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.4.1-P1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2007-2926"],"risk_score":0.4,"exploitability":"2.0","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-huh2-5wx5-13ht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60073?format=json","vulnerability_id":"VCID-hz3v-ru4e-ekgc","summary":"apl_42.c in ISC BIND 9.x before 9.9.8-P3, 9.9.x, and 9.10.x before 9.10.3-P3 allows remote authenticated users to cause a denial of service (INSIST assertion failure and daemon exit) via a malformed Address Prefix List (APL) record.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8704.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8704.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8704","reference_id":"","reference_type":"","scores":[{"value":"0.20815","scoring_system":"epss","scoring_elements":"0.9572","published_at":"2026-06-04T12:55:00Z"},{"value":"0.20815","scoring_system":"epss","scoring_elements":"0.95726","published_at":"2026-06-05T12:55:00Z"},{"value":"0.20815","scoring_system":"epss","scoring_elements":"0.9573","published_at":"2026-06-06T12:55:00Z"},{"value":"0.20815","scoring_system":"epss","scoring_elements":"0.95731","published_at":"2026-06-08T12:55:00Z"},{"value":"0.20815","scoring_system":"epss","scoring_elements":"0.95735","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8704"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8704","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8704"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1299364","reference_id":"1299364","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1299364"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812077","reference_id":"812077","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812077"},{"reference_url":"https://security.gentoo.org/glsa/201610-07","reference_id":"GLSA-201610-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201610-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0073","reference_id":"RHSA-2016:0073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0073"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0074","reference_id":"RHSA-2016:0074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0074"},{"reference_url":"https://usn.ubuntu.com/2874-1/","reference_id":"USN-2874-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2874-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88987?format=json","purl":"pkg:deb/debian/bind9@1:9.10.3.dfsg.P4-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.10.3.dfsg.P4-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2015-8704"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hz3v-ru4e-ekgc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5896?format=json","vulnerability_id":"VCID-j31r-veey-gbhe","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8616.json","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8616.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8616","reference_id":"","reference_type":"","scores":[{"value":"0.1534","scoring_system":"epss","scoring_elements":"0.94758","published_at":"2026-06-04T12:55:00Z"},{"value":"0.1534","scoring_system":"epss","scoring_elements":"0.94775","published_at":"2026-06-09T12:55:00Z"},{"value":"0.1534","scoring_system":"epss","scoring_elements":"0.94768","published_at":"2026-06-06T12:55:00Z"},{"value":"0.1534","scoring_system":"epss","scoring_elements":"0.94769","published_at":"2026-06-08T12:55:00Z"},{"value":"0.1534","scoring_system":"epss","scoring_elements":"0.94767","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8616"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8616","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8616"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8617","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8617"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1836118","reference_id":"1836118","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1836118"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961939","reference_id":"961939","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961939"},{"reference_url":"https://security.archlinux.org/ASA-202005-13","reference_id":"ASA-202005-13","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202005-13"},{"reference_url":"https://security.archlinux.org/AVG-1165","reference_id":"AVG-1165","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2338","reference_id":"RHSA-2020:2338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2344","reference_id":"RHSA-2020:2344","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2344"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2345","reference_id":"RHSA-2020:2345","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2345"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2383","reference_id":"RHSA-2020:2383","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2383"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2404","reference_id":"RHSA-2020:2404","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2404"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3272","reference_id":"RHSA-2020:3272","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3272"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3378","reference_id":"RHSA-2020:3378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3379","reference_id":"RHSA-2020:3379","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3379"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3433","reference_id":"RHSA-2020:3433","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3433"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3470","reference_id":"RHSA-2020:3470","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3470"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3471","reference_id":"RHSA-2020:3471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3475","reference_id":"RHSA-2020:3475","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3475"},{"reference_url":"https://usn.ubuntu.com/4365-1/","reference_id":"USN-4365-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4365-1/"},{"reference_url":"https://usn.ubuntu.com/4365-2/","reference_id":"USN-4365-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4365-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89017?format=json","purl":"pkg:deb/debian/bind9@1:9.16.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2020-8616"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j31r-veey-gbhe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51195?format=json","vulnerability_id":"VCID-j55y-4heb-wqc1","summary":"ruby -- DNS spoofing vulnerability in resolv.rb\nresolv.rb allow remote attackers to spoof DNS answers. This risk can be\nreduced by randomness of DNS transaction IDs and source ports, so\nresolv.rb is fixed to randomize them.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1447.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1447.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1447","reference_id":"","reference_type":"","scores":[{"value":"0.87662","scoring_system":"epss","scoring_elements":"0.99482","published_at":"2026-06-04T12:55:00Z"},{"value":"0.87662","scoring_system":"epss","scoring_elements":"0.99483","published_at":"2026-06-06T12:55:00Z"},{"value":"0.87662","scoring_system":"epss","scoring_elements":"0.99484","published_at":"2026-06-07T12:55:00Z"},{"value":"0.88109","scoring_system":"epss","scoring_elements":"0.99503","published_at":"2026-06-08T12:55:00Z"},{"value":"0.88109","scoring_system":"epss","scoring_elements":"0.99504","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1447"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447"},{"reference_url":"https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/","reference_id":"","reference_type":"","scores":[],"url":"https://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=449345","reference_id":"449345","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=449345"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490123","reference_id":"490123","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490123"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492465","reference_id":"492465","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492465"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492698","reference_id":"492698","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492698"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492700","reference_id":"492700","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492700"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=493599","reference_id":"493599","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=493599"},{"reference_url":"https://security.gentoo.org/glsa/200807-08","reference_id":"GLSA-200807-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200807-08"},{"reference_url":"https://security.gentoo.org/glsa/200809-02","reference_id":"GLSA-200809-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200809-02"},{"reference_url":"https://security.gentoo.org/glsa/200812-17","reference_id":"GLSA-200812-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-17"},{"reference_url":"https://security.gentoo.org/glsa/200901-03","reference_id":"GLSA-200901-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200901-03"},{"reference_url":"https://security.gentoo.org/glsa/201209-25","reference_id":"GLSA-201209-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-25"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6122.rb","reference_id":"OSVDB-48245;CVE-2008-4194;OSVDB-47927;CVE-2008-1447;OSVDB-47926;OSVDB-47916;OSVDB-47232","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6122.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6123.py","reference_id":"OSVDB-48245;CVE-2008-4194;OSVDB-47927;CVE-2008-1447;OSVDB-47926;OSVDB-47916;OSVDB-47232","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6123.py"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6130.c","reference_id":"OSVDB-48245;CVE-2008-4194;OSVDB-47927;CVE-2008-1447;OSVDB-47926;OSVDB-47916;OSVDB-47232;OSVDB-46776","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/6130.c"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0533","reference_id":"RHSA-2008:0533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0789","reference_id":"RHSA-2008:0789","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0789"},{"reference_url":"https://usn.ubuntu.com/622-1/","reference_id":"USN-622-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/622-1/"},{"reference_url":"https://usn.ubuntu.com/627-1/","reference_id":"USN-627-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/627-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88962?format=json","purl":"pkg:deb/debian/bind9@1:9.5.0.dfsg-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.5.0.dfsg-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2008-1447"],"risk_score":1.6,"exploitability":"2.0","weighted_severity":"0.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j55y-4heb-wqc1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60150?format=json","vulnerability_id":"VCID-j6f1-k9nz-j3bh","summary":"A programming error in the nxdomain-redirect feature can cause an assertion failure in query.c if the alternate namespace used by nxdomain-redirect is a descendant of a zone that is served locally. The most likely scenario where this might occur is if the server, in addition to performing NXDOMAIN redirection for recursive clients, is also serving a local copy of the root zone or using mirroring to provide the root zone, although other configurations are also possible. Versions affected: BIND 9.12.0-> 9.12.4, 9.14.0. Also affects all releases in the 9.13 development branch.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6467.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6467.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6467","reference_id":"","reference_type":"","scores":[{"value":"0.17224","scoring_system":"epss","scoring_elements":"0.95148","published_at":"2026-06-04T12:55:00Z"},{"value":"0.17224","scoring_system":"epss","scoring_elements":"0.95157","published_at":"2026-06-05T12:55:00Z"},{"value":"0.17224","scoring_system":"epss","scoring_elements":"0.95158","published_at":"2026-06-06T12:55:00Z"},{"value":"0.17224","scoring_system":"epss","scoring_elements":"0.95159","published_at":"2026-06-08T12:55:00Z"},{"value":"0.17224","scoring_system":"epss","scoring_elements":"0.95163","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6467"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1702545","reference_id":"1702545","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1702545"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2019-6467"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j6f1-k9nz-j3bh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60032?format=json","vulnerability_id":"VCID-j92w-zrdw-7bdw","summary":"The Winsock WSAIoctl API in Microsoft Windows Server 2008, as used in ISC BIND 9.6-ESV before 9.6-ESV-R10-P1, 9.8 before 9.8.6-P1, 9.9 before 9.9.4-P1, 9.9.3-S1, 9.9.4-S1, and other products, does not properly support the SIO_GET_INTERFACE_LIST command for netmask 255.255.255.255, which allows remote attackers to bypass intended IP address restrictions by leveraging misinterpretation of this netmask as a 0.0.0.0 netmask.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6230.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6230.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-6230","reference_id":"","reference_type":"","scores":[{"value":"0.01057","scoring_system":"epss","scoring_elements":"0.77952","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01057","scoring_system":"epss","scoring_elements":"0.77979","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01057","scoring_system":"epss","scoring_elements":"0.77985","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01057","scoring_system":"epss","scoring_elements":"0.77976","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01057","scoring_system":"epss","scoring_elements":"0.77965","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01057","scoring_system":"epss","scoring_elements":"0.77982","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-6230"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1027689","reference_id":"1027689","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1027689"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2013-6230"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j92w-zrdw-7bdw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59991?format=json","vulnerability_id":"VCID-jv37-y6v9-kfh9","summary":"ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (exit) via a type * (ANY) DNS query response that contains multiple RRsets, which triggers an assertion error, aka the \"DNSSEC Validation\" vulnerability.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0494.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0494.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-0494","reference_id":"","reference_type":"","scores":[{"value":"0.41543","scoring_system":"epss","scoring_elements":"0.97487","published_at":"2026-06-04T12:55:00Z"},{"value":"0.41543","scoring_system":"epss","scoring_elements":"0.97493","published_at":"2026-06-05T12:55:00Z"},{"value":"0.41543","scoring_system":"epss","scoring_elements":"0.97494","published_at":"2026-06-07T12:55:00Z"},{"value":"0.41543","scoring_system":"epss","scoring_elements":"0.97495","published_at":"2026-06-08T12:55:00Z"},{"value":"0.41543","scoring_system":"epss","scoring_elements":"0.97496","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-0494"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0494","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0494"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=225268","reference_id":"225268","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=225268"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=408432","reference_id":"408432","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=408432"},{"reference_url":"https://security.gentoo.org/glsa/200702-06","reference_id":"GLSA-200702-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200702-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0044","reference_id":"RHSA-2007:0044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0057","reference_id":"RHSA-2007:0057","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0057"},{"reference_url":"https://usn.ubuntu.com/418-1/","reference_id":"USN-418-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/418-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88959?format=json","purl":"pkg:deb/debian/bind9@1:9.3.4-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.3.4-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2007-0494"],"risk_score":0.2,"exploitability":"0.5","weighted_severity":"0.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jv37-y6v9-kfh9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6671?format=json","vulnerability_id":"VCID-jwwa-678s-7ua8","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9131.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9131.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9131","reference_id":"","reference_type":"","scores":[{"value":"0.6803","scoring_system":"epss","scoring_elements":"0.9861","published_at":"2026-06-08T12:55:00Z"},{"value":"0.6803","scoring_system":"epss","scoring_elements":"0.98611","published_at":"2026-06-07T12:55:00Z"},{"value":"0.6803","scoring_system":"epss","scoring_elements":"0.98609","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9131"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9131","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9131"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9147","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9147"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9444","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9444"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1411348","reference_id":"1411348","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1411348"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851065","reference_id":"851065","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851065"},{"reference_url":"https://security.archlinux.org/ASA-201701-15","reference_id":"ASA-201701-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-15"},{"reference_url":"https://security.archlinux.org/AVG-132","reference_id":"AVG-132","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-132"},{"reference_url":"https://security.gentoo.org/glsa/201708-01","reference_id":"GLSA-201708-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201708-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0062","reference_id":"RHSA-2017:0062","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0062"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1583","reference_id":"RHSA-2017:1583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1583"},{"reference_url":"https://usn.ubuntu.com/3172-1/","reference_id":"USN-3172-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3172-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88991?format=json","purl":"pkg:deb/debian/bind9@1:9.10.3.dfsg.P4-11?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.10.3.dfsg.P4-11%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2016-9131"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jwwa-678s-7ua8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60251?format=json","vulnerability_id":"VCID-k1xx-ncj1-akhj","summary":"If a server hosts a zone containing a \"KEY\" Resource Record, or a resolver DNSSEC-validates a \"KEY\" Resource Record from a DNSSEC-signed domain in cache, a client can exhaust resolver CPU resources by sending a stream of SIG(0) signed requests. This issue affects BIND 9 versions 9.0.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.49-S1, and 9.18.11-S1 through 9.18.27-S1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1975.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1975.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-1975","reference_id":"","reference_type":"","scores":[{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.47027","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.47061","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.47063","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.47046","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.47016","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-1975"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1975","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1975"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4076","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4076"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/07/23/1","reference_id":"1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:12:04Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/07/23/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/07/31/2","reference_id":"2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:12:04Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/07/31/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2298901","reference_id":"2298901","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2298901"},{"reference_url":"https://kb.isc.org/docs/cve-2024-1975","reference_id":"cve-2024-1975","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:12:04Z/"}],"url":"https://kb.isc.org/docs/cve-2024-1975"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5231","reference_id":"RHSA-2024:5231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5390","reference_id":"RHSA-2024:5390","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5390"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5418","reference_id":"RHSA-2024:5418","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5418"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5524","reference_id":"RHSA-2024:5524","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5524"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5525","reference_id":"RHSA-2024:5525","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5525"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5655","reference_id":"RHSA-2024:5655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5813","reference_id":"RHSA-2024:5813","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5813"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5838","reference_id":"RHSA-2024:5838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5871","reference_id":"RHSA-2024:5871","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5871"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5894","reference_id":"RHSA-2024:5894","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5894"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5907","reference_id":"RHSA-2024:5907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5908","reference_id":"RHSA-2024:5908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5930","reference_id":"RHSA-2024:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6004","reference_id":"RHSA-2024:6004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6013","reference_id":"RHSA-2024:6013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6642","reference_id":"RHSA-2024:6642","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6642"},{"reference_url":"https://usn.ubuntu.com/6909-1/","reference_id":"USN-6909-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6909-1/"},{"reference_url":"https://usn.ubuntu.com/6909-2/","reference_id":"USN-6909-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6909-2/"},{"reference_url":"https://usn.ubuntu.com/6909-3/","reference_id":"USN-6909-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6909-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89059?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89053?format=json","purl":"pkg:deb/debian/bind9@1:9.18.28-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.28-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89054?format=json","purl":"pkg:deb/debian/bind9@1:9.20.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2024-1975"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k1xx-ncj1-akhj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60017?format=json","vulnerability_id":"VCID-k3yn-zy7a-syen","summary":"The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a \"ghost domain names\" attack.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1033.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1033.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-1033","reference_id":"","reference_type":"","scores":[{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.7625","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00912","scoring_system":"epss","scoring_elements":"0.76274","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01868","scoring_system":"epss","scoring_elements":"0.83443","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01868","scoring_system":"epss","scoring_elements":"0.83468","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01868","scoring_system":"epss","scoring_elements":"0.8347","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01868","scoring_system":"epss","scoring_elements":"0.83467","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-1033"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1033","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1033"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=788650","reference_id":"788650","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=788650"},{"reference_url":"https://security.gentoo.org/glsa/201209-04","reference_id":"GLSA-201209-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0716","reference_id":"RHSA-2012:0716","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0716"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0717","reference_id":"RHSA-2012:0717","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0717"},{"reference_url":"https://usn.ubuntu.com/1462-1/","reference_id":"USN-1462-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1462-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88973?format=json","purl":"pkg:deb/debian/bind9@1:9.8.1.dfsg.P1-4.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.8.1.dfsg.P1-4.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2012-1033"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k3yn-zy7a-syen"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60076?format=json","vulnerability_id":"VCID-kdtb-etvn-f3fa","summary":"buffer.c in named in ISC BIND 9.10.x before 9.10.3-P3, when debug logging is enabled, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit, or daemon crash) or possibly have unspecified other impact via (1) OPT data or (2) an ECS option.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8705.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8705.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8705","reference_id":"","reference_type":"","scores":[{"value":"0.23585","scoring_system":"epss","scoring_elements":"0.96086","published_at":"2026-06-04T12:55:00Z"},{"value":"0.23585","scoring_system":"epss","scoring_elements":"0.9609","published_at":"2026-06-05T12:55:00Z"},{"value":"0.23585","scoring_system":"epss","scoring_elements":"0.96094","published_at":"2026-06-06T12:55:00Z"},{"value":"0.23585","scoring_system":"epss","scoring_elements":"0.96095","published_at":"2026-06-08T12:55:00Z"},{"value":"0.23585","scoring_system":"epss","scoring_elements":"0.961","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8705"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1299367","reference_id":"1299367","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1299367"},{"reference_url":"https://security.gentoo.org/glsa/201610-07","reference_id":"GLSA-201610-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201610-07"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2015-8705"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kdtb-etvn-f3fa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60020?format=json","vulnerability_id":"VCID-ktau-77em-syh6","summary":"Race condition in the ns_client structure management in ISC BIND 9.9.x before 9.9.1-P2 allows remote attackers to cause a denial of service (memory consumption or process exit) via a large volume of TCP queries.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3868.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3868.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3868","reference_id":"","reference_type":"","scores":[{"value":"0.01972","scoring_system":"epss","scoring_elements":"0.83869","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01972","scoring_system":"epss","scoring_elements":"0.83892","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01972","scoring_system":"epss","scoring_elements":"0.83895","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01972","scoring_system":"epss","scoring_elements":"0.8389","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01972","scoring_system":"epss","scoring_elements":"0.83881","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3868"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=842895","reference_id":"842895","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=842895"},{"reference_url":"https://security.gentoo.org/glsa/201209-04","reference_id":"GLSA-201209-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-04"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2012-3868"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ktau-77em-syh6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59989?format=json","vulnerability_id":"VCID-kuj8-jzq5-bkfc","summary":"BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via a flood of recursive queries, which cause an INSIST failure when the response is received after the recursion queue is empty.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4096.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4096.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-4096","reference_id":"","reference_type":"","scores":[{"value":"0.19584","scoring_system":"epss","scoring_elements":"0.9553","published_at":"2026-06-04T12:55:00Z"},{"value":"0.19584","scoring_system":"epss","scoring_elements":"0.95537","published_at":"2026-06-05T12:55:00Z"},{"value":"0.19584","scoring_system":"epss","scoring_elements":"0.9554","published_at":"2026-06-06T12:55:00Z"},{"value":"0.19584","scoring_system":"epss","scoring_elements":"0.95542","published_at":"2026-06-07T12:55:00Z"},{"value":"0.19584","scoring_system":"epss","scoring_elements":"0.95543","published_at":"2026-06-08T12:55:00Z"},{"value":"0.19584","scoring_system":"epss","scoring_elements":"0.95547","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-4096"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4096","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4096"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=386245","reference_id":"386245","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=386245"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=494543","reference_id":"494543","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=494543"},{"reference_url":"https://security.gentoo.org/glsa/200609-11","reference_id":"GLSA-200609-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200609-11"},{"reference_url":"https://usn.ubuntu.com/343-1/","reference_id":"USN-343-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/343-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88958?format=json","purl":"pkg:deb/debian/bind9@1:9.3.2-P1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.3.2-P1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2006-4096"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kuj8-jzq5-bkfc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59997?format=json","vulnerability_id":"VCID-m4t7-af3x-9yfv","summary":"Unspecified vulnerability in ISC BIND 9.3.5-P2-W1, 9.4.2-P2-W1, and 9.5.0-P2-W1 on Windows allows remote attackers to cause a denial of service (UDP client handler termination) via unknown vectors.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4163.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4163.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-4163","reference_id":"","reference_type":"","scores":[{"value":"0.26697","scoring_system":"epss","scoring_elements":"0.96441","published_at":"2026-06-04T12:55:00Z"},{"value":"0.26697","scoring_system":"epss","scoring_elements":"0.96446","published_at":"2026-06-05T12:55:00Z"},{"value":"0.26697","scoring_system":"epss","scoring_elements":"0.9645","published_at":"2026-06-06T12:55:00Z"},{"value":"0.26697","scoring_system":"epss","scoring_elements":"0.96451","published_at":"2026-06-08T12:55:00Z"},{"value":"0.26697","scoring_system":"epss","scoring_elements":"0.96457","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-4163"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2008-4163"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m4t7-af3x-9yfv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6668?format=json","vulnerability_id":"VCID-mbd1-nf9k-fqcc","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9778.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9778.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9778","reference_id":"","reference_type":"","scores":[{"value":"0.0542","scoring_system":"epss","scoring_elements":"0.90314","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0542","scoring_system":"epss","scoring_elements":"0.9034","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0542","scoring_system":"epss","scoring_elements":"0.90325","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0542","scoring_system":"epss","scoring_elements":"0.90324","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0542","scoring_system":"epss","scoring_elements":"0.90329","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0542","scoring_system":"epss","scoring_elements":"0.90328","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1411387","reference_id":"1411387","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1411387"},{"reference_url":"https://security.archlinux.org/ASA-201701-15","reference_id":"ASA-201701-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-15"},{"reference_url":"https://security.archlinux.org/AVG-132","reference_id":"AVG-132","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-132"},{"reference_url":"https://security.gentoo.org/glsa/201708-01","reference_id":"GLSA-201708-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201708-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2016-9778"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mbd1-nf9k-fqcc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60241?format=json","vulnerability_id":"VCID-me6t-p2ef-43ch","summary":"Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the \"KeyTrap\" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50387.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50387.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-50387","reference_id":"","reference_type":"","scores":[{"value":"0.43215","scoring_system":"epss","scoring_elements":"0.97578","published_at":"2026-06-09T12:55:00Z"},{"value":"0.43701","scoring_system":"epss","scoring_elements":"0.97597","published_at":"2026-06-05T12:55:00Z"},{"value":"0.43701","scoring_system":"epss","scoring_elements":"0.97598","published_at":"2026-06-07T12:55:00Z"},{"value":"0.43701","scoring_system":"epss","scoring_elements":"0.97599","published_at":"2026-06-06T12:55:00Z"},{"value":"0.43701","scoring_system":"epss","scoring_elements":"0.976","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-50387"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html","reference_id":"017430.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845","reference_id":"1063845","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063845"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852","reference_id":"1063852","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063852"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077750","reference_id":"1077750","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077750"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/02/16/2","reference_id":"2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/02/16/2"},{"reference_url":"https://www.isc.org/blogs/2024-bind-security-release/","reference_id":"2024-bind-security-release","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://www.isc.org/blogs/2024-bind-security-release/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2263914","reference_id":"2263914","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2263914"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/02/16/3","reference_id":"3","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/02/16/3"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/","reference_id":"6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/","reference_id":"BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/"},{"reference_url":"https://kb.isc.org/docs/cve-2023-50387","reference_id":"cve-2023-50387","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://kb.isc.org/docs/cve-2023-50387"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-50387","reference_id":"CVE-2023-50387","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2023-50387"},{"reference_url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-50387","reference_id":"CVE-2023-50387","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-50387"},{"reference_url":"https://www.theregister.com/2024/02/13/dnssec_vulnerability_internet/","reference_id":"dnssec_vulnerability_internet","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://www.theregister.com/2024/02/13/dnssec_vulnerability_internet/"},{"reference_url":"https://security.gentoo.org/glsa/202412-10","reference_id":"GLSA-202412-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-10"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/","reference_id":"HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/","reference_id":"IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/"},{"reference_url":"https://news.ycombinator.com/item?id=39367411","reference_id":"item?id=39367411","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://news.ycombinator.com/item?id=39367411"},{"reference_url":"https://news.ycombinator.com/item?id=39372384","reference_id":"item?id=39372384","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://news.ycombinator.com/item?id=39372384"},{"reference_url":"https://www.athene-center.de/aktuelles/key-trap","reference_id":"key-trap","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://www.athene-center.de/aktuelles/key-trap"},{"reference_url":"https://www.securityweek.com/keytrap-dns-attack-could-disable-large-parts-of-internet-researchers/","reference_id":"keytrap-dns-attack-could-disable-large-parts-of-internet-researchers","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://www.securityweek.com/keytrap-dns-attack-could-disable-large-parts-of-internet-researchers/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html","reference_id":"msg00006.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240307-0007/","reference_id":"ntap-20240307-0007","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240307-0007/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/","reference_id":"PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/"},{"reference_url":"https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html","reference_id":"powerdns-advisory-2024-01.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/","reference_id":"RGS7JN6FZXUSTC2XKQHH27574XOULYYJ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0965","reference_id":"RHSA-2024:0965","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0965"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0977","reference_id":"RHSA-2024:0977","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0977"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0981","reference_id":"RHSA-2024:0981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0982","reference_id":"RHSA-2024:0982","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0982"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:11003","reference_id":"RHSA-2024:11003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:11003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1334","reference_id":"RHSA-2024:1334","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1334"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1335","reference_id":"RHSA-2024:1335","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1335"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1522","reference_id":"RHSA-2024:1522","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1522"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1543","reference_id":"RHSA-2024:1543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1543"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1544","reference_id":"RHSA-2024:1544","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1544"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1545","reference_id":"RHSA-2024:1545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1545"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1647","reference_id":"RHSA-2024:1647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1648","reference_id":"RHSA-2024:1648","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1648"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1781","reference_id":"RHSA-2024:1781","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1781"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1782","reference_id":"RHSA-2024:1782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1789","reference_id":"RHSA-2024:1789","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1789"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1800","reference_id":"RHSA-2024:1800","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1800"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1801","reference_id":"RHSA-2024:1801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1801"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1803","reference_id":"RHSA-2024:1803","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1803"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1804","reference_id":"RHSA-2024:1804","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1804"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2551","reference_id":"RHSA-2024:2551","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2551"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2587","reference_id":"RHSA-2024:2587","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2587"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2696","reference_id":"RHSA-2024:2696","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2696"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2720","reference_id":"RHSA-2024:2720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2721","reference_id":"RHSA-2024:2721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2821","reference_id":"RHSA-2024:2821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2890","reference_id":"RHSA-2024:2890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3271","reference_id":"RHSA-2024:3271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3741","reference_id":"RHSA-2024:3741","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3741"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3877","reference_id":"RHSA-2024:3877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3929","reference_id":"RHSA-2024:3929","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3929"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0039","reference_id":"RHSA-2025:0039","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0039"},{"reference_url":"https://bugzilla.suse.com/show_bug.cgi?id=1219823","reference_id":"show_bug.cgi?id=1219823","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://bugzilla.suse.com/show_bug.cgi?id=1219823"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/","reference_id":"SVYA42BLXUCIDLD35YIJPJSHDIADNYMP","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/"},{"reference_url":"https://www.athene-center.de/fileadmin/content/PDF/Technical_Report_KeyTrap.pdf","reference_id":"Technical_Report_KeyTrap.pdf","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://www.athene-center.de/fileadmin/content/PDF/Technical_Report_KeyTrap.pdf"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/","reference_id":"TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/"},{"reference_url":"https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/","reference_id":"unbound-1.19.1-released","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/","reference_id":"UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/"},{"reference_url":"https://usn.ubuntu.com/6633-1/","reference_id":"USN-6633-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6633-1/"},{"reference_url":"https://usn.ubuntu.com/6642-1/","reference_id":"USN-6642-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6642-1/"},{"reference_url":"https://usn.ubuntu.com/6657-1/","reference_id":"USN-6657-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6657-1/"},{"reference_url":"https://usn.ubuntu.com/6657-2/","reference_id":"USN-6657-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6657-2/"},{"reference_url":"https://usn.ubuntu.com/6665-1/","reference_id":"USN-6665-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6665-1/"},{"reference_url":"https://usn.ubuntu.com/6723-1/","reference_id":"USN-6723-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6723-1/"},{"reference_url":"https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1","reference_id":"v5.7.1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/","reference_id":"ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89051?format=json","purl":"pkg:deb/debian/bind9@1:9.16.48-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.48-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89050?format=json","purl":"pkg:deb/debian/bind9@1:9.18.24-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.24-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89052?format=json","purl":"pkg:deb/debian/bind9@1:9.19.21-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.19.21-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2023-50387"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-me6t-p2ef-43ch"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60250?format=json","vulnerability_id":"VCID-msvw-a6mb-yqcr","summary":"Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname (of any RTYPE) can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. This issue affects BIND 9 versions 9.11.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.4-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1737.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1737.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-1737","reference_id":"","reference_type":"","scores":[{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51844","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51868","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51877","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51855","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51824","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-1737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1975","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1975"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4076","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4076"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/07/23/1","reference_id":"1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-26T17:27:11Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/07/23/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/07/31/2","reference_id":"2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-26T17:27:11Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/07/31/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2298893","reference_id":"2298893","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2298893"},{"reference_url":"https://kb.isc.org/docs/cve-2024-1737","reference_id":"cve-2024-1737","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-26T17:27:11Z/"}],"url":"https://kb.isc.org/docs/cve-2024-1737"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5231","reference_id":"RHSA-2024:5231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5390","reference_id":"RHSA-2024:5390","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5390"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5418","reference_id":"RHSA-2024:5418","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5418"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5524","reference_id":"RHSA-2024:5524","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5524"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5525","reference_id":"RHSA-2024:5525","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5525"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5655","reference_id":"RHSA-2024:5655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5813","reference_id":"RHSA-2024:5813","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5813"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5838","reference_id":"RHSA-2024:5838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5871","reference_id":"RHSA-2024:5871","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5871"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5894","reference_id":"RHSA-2024:5894","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5894"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5907","reference_id":"RHSA-2024:5907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5908","reference_id":"RHSA-2024:5908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5930","reference_id":"RHSA-2024:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6004","reference_id":"RHSA-2024:6004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6013","reference_id":"RHSA-2024:6013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6642","reference_id":"RHSA-2024:6642","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6642"},{"reference_url":"https://kb.isc.org/docs/rrset-limits-in-zones","reference_id":"rrset-limits-in-zones","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-26T17:27:11Z/"}],"url":"https://kb.isc.org/docs/rrset-limits-in-zones"},{"reference_url":"https://usn.ubuntu.com/6909-1/","reference_id":"USN-6909-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6909-1/"},{"reference_url":"https://usn.ubuntu.com/6909-2/","reference_id":"USN-6909-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6909-2/"},{"reference_url":"https://usn.ubuntu.com/6909-3/","reference_id":"USN-6909-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6909-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89059?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89053?format=json","purl":"pkg:deb/debian/bind9@1:9.18.28-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.28-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89054?format=json","purl":"pkg:deb/debian/bind9@1:9.20.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2024-1737"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-msvw-a6mb-yqcr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60063?format=json","vulnerability_id":"VCID-mubk-yrma-cuc9","summary":"openpgpkey_61.c in named in ISC BIND 9.9.7 before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a crafted DNS response.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5986.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5986.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5986","reference_id":"","reference_type":"","scores":[{"value":"0.47991","scoring_system":"epss","scoring_elements":"0.97776","published_at":"2026-06-04T12:55:00Z"},{"value":"0.47991","scoring_system":"epss","scoring_elements":"0.9778","published_at":"2026-06-05T12:55:00Z"},{"value":"0.47991","scoring_system":"epss","scoring_elements":"0.97782","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5986"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1259085","reference_id":"1259085","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1259085"},{"reference_url":"https://security.gentoo.org/glsa/201510-01","reference_id":"GLSA-201510-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201510-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2015-5986"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mubk-yrma-cuc9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60056?format=json","vulnerability_id":"VCID-n44z-f191-ake6","summary":"named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via TKEY queries.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5477.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5477.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5477","reference_id":"","reference_type":"","scores":[{"value":"0.92376","scoring_system":"epss","scoring_elements":"0.99741","published_at":"2026-06-08T12:55:00Z"},{"value":"0.92376","scoring_system":"epss","scoring_elements":"0.99742","published_at":"2026-06-09T12:55:00Z"},{"value":"0.9267","scoring_system":"epss","scoring_elements":"0.9976","published_at":"2026-06-07T12:55:00Z"},{"value":"0.92752","scoring_system":"epss","scoring_elements":"0.99766","published_at":"2026-06-04T12:55:00Z"},{"value":"0.92752","scoring_system":"epss","scoring_elements":"0.99767","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5477"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5477","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5477"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:N/I:N/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1247361","reference_id":"1247361","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1247361"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=793903","reference_id":"793903","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=793903"},{"reference_url":"https://github.com/robertdavidgraham/cve-2015-5477/blob/34137c71a7fb4e3fa894b045583e67d7b46d62cc/tkill.c","reference_id":"CVE-2015-5477","reference_type":"exploit","scores":[],"url":"https://github.com/robertdavidgraham/cve-2015-5477/blob/34137c71a7fb4e3fa894b045583e67d7b46d62cc/tkill.c"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/37721.c","reference_id":"CVE-2015-5477","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/37721.c"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/37723.py","reference_id":"CVE-2015-5477;OSVDB-125438","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/37723.py"},{"reference_url":"https://security.gentoo.org/glsa/201510-01","reference_id":"GLSA-201510-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201510-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1513","reference_id":"RHSA-2015:1513","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1513"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1514","reference_id":"RHSA-2015:1514","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1514"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1515","reference_id":"RHSA-2015:1515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0078","reference_id":"RHSA-2016:0078","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0078"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0079","reference_id":"RHSA-2016:0079","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0079"},{"reference_url":"https://usn.ubuntu.com/2693-1/","reference_id":"USN-2693-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2693-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88984?format=json","purl":"pkg:deb/debian/bind9@1:9.9.5.dfsg-11?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.9.5.dfsg-11%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2015-5477"],"risk_score":6.8,"exploitability":"2.0","weighted_severity":"3.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n44z-f191-ake6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60029?format=json","vulnerability_id":"VCID-n6w4-j7wq-qka8","summary":"The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4854.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4854.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4854","reference_id":"","reference_type":"","scores":[{"value":"0.51147","scoring_system":"epss","scoring_elements":"0.97926","published_at":"2026-06-04T12:55:00Z"},{"value":"0.51147","scoring_system":"epss","scoring_elements":"0.9793","published_at":"2026-06-09T12:55:00Z"},{"value":"0.51147","scoring_system":"epss","scoring_elements":"0.97931","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4854"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4854","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4854"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717936","reference_id":"717936","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717936"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=988999","reference_id":"988999","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=988999"},{"reference_url":"https://security.gentoo.org/glsa/201401-34","reference_id":"GLSA-201401-34","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201401-34"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1114","reference_id":"RHSA-2013:1114","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1114"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1115","reference_id":"RHSA-2013:1115","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1115"},{"reference_url":"https://usn.ubuntu.com/1910-1/","reference_id":"USN-1910-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1910-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88979?format=json","purl":"pkg:deb/debian/bind9@1:9.8.4.dfsg.P1-6%2Bnmu3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.8.4.dfsg.P1-6%252Bnmu3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2013-4854"],"risk_score":0.2,"exploitability":"0.5","weighted_severity":"0.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n6w4-j7wq-qka8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60066?format=json","vulnerability_id":"VCID-nq1j-jczx-fub7","summary":"db.c in named in ISC BIND 9.x before 9.9.8-P2 and 9.10.x before 9.10.3-P2 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a malformed class attribute.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8000.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8000.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8000","reference_id":"","reference_type":"","scores":[{"value":"0.68868","scoring_system":"epss","scoring_elements":"0.98645","published_at":"2026-06-04T12:55:00Z"},{"value":"0.68868","scoring_system":"epss","scoring_elements":"0.98646","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8000"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8000","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8000"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1291176","reference_id":"1291176","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1291176"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=808081","reference_id":"808081","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=808081"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2655","reference_id":"RHSA-2015:2655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2656","reference_id":"RHSA-2015:2656","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2656"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2658","reference_id":"RHSA-2015:2658","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2658"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0078","reference_id":"RHSA-2016:0078","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0078"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0079","reference_id":"RHSA-2016:0079","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0079"},{"reference_url":"https://usn.ubuntu.com/2837-1/","reference_id":"USN-2837-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2837-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88986?format=json","purl":"pkg:deb/debian/bind9@1:9.9.5.dfsg-12.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.9.5.dfsg-12.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2015-8000"],"risk_score":0.3,"exploitability":"0.5","weighted_severity":"0.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nq1j-jczx-fub7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59985?format=json","vulnerability_id":"VCID-nrc5-2amj-5ugd","summary":"Unknown vulnerability in BIND 9.2.0 in HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to cause a denial of service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0364","reference_id":"","reference_type":"","scores":[{"value":"0.00826","scoring_system":"epss","scoring_elements":"0.74838","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00826","scoring_system":"epss","scoring_elements":"0.74868","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00826","scoring_system":"epss","scoring_elements":"0.74874","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00826","scoring_system":"epss","scoring_elements":"0.74865","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00826","scoring_system":"epss","scoring_elements":"0.7485","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00826","scoring_system":"epss","scoring_elements":"0.74876","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0364"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2005-0364"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nrc5-2amj-5ugd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60018?format=json","vulnerability_id":"VCID-nuah-fwsh-6khq","summary":"ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service (daemon crash or data corruption) or obtain sensitive information from process memory via a crafted record.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1667.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1667.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-1667","reference_id":"","reference_type":"","scores":[{"value":"0.47498","scoring_system":"epss","scoring_elements":"0.97762","published_at":"2026-06-09T12:55:00Z"},{"value":"0.53159","scoring_system":"epss","scoring_elements":"0.98017","published_at":"2026-06-04T12:55:00Z"},{"value":"0.53159","scoring_system":"epss","scoring_elements":"0.9802","published_at":"2026-06-05T12:55:00Z"},{"value":"0.53159","scoring_system":"epss","scoring_elements":"0.98021","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-1667"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1667","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1667"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=828078","reference_id":"828078","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=828078"},{"reference_url":"https://security.gentoo.org/glsa/201209-04","reference_id":"GLSA-201209-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0716","reference_id":"RHSA-2012:0716","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0716"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0717","reference_id":"RHSA-2012:0717","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0717"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1110","reference_id":"RHSA-2012:1110","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1110"},{"reference_url":"https://usn.ubuntu.com/1462-1/","reference_id":"USN-1462-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1462-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88973?format=json","purl":"pkg:deb/debian/bind9@1:9.8.1.dfsg.P1-4.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.8.1.dfsg.P1-4.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2012-1667"],"risk_score":0.2,"exploitability":"0.5","weighted_severity":"0.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nuah-fwsh-6khq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59996?format=json","vulnerability_id":"VCID-nybp-rf51-7fh9","summary":"Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0122.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0122.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0122","reference_id":"","reference_type":"","scores":[{"value":"0.01722","scoring_system":"epss","scoring_elements":"0.82746","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01722","scoring_system":"epss","scoring_elements":"0.82771","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01722","scoring_system":"epss","scoring_elements":"0.8277","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01722","scoring_system":"epss","scoring_elements":"0.82768","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01722","scoring_system":"epss","scoring_elements":"0.82761","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01722","scoring_system":"epss","scoring_elements":"0.82774","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0122"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0122","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0122"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=429149","reference_id":"429149","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=429149"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0300","reference_id":"RHSA-2008:0300","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0300"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2008-0122"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nybp-rf51-7fh9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60249?format=json","vulnerability_id":"VCID-p1zr-s6xa-hugg","summary":"Clients using DNS-over-HTTPS (DoH) can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic. This issue affects BIND 9 versions 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, and 9.18.11-S1 through 9.18.32-S1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12705.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12705.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-12705","reference_id":"","reference_type":"","scores":[{"value":"0.05622","scoring_system":"epss","scoring_elements":"0.90526","published_at":"2026-06-09T12:55:00Z"},{"value":"0.05622","scoring_system":"epss","scoring_elements":"0.90513","published_at":"2026-06-06T12:55:00Z"},{"value":"0.05622","scoring_system":"epss","scoring_elements":"0.90511","published_at":"2026-06-07T12:55:00Z"},{"value":"0.05622","scoring_system":"epss","scoring_elements":"0.90509","published_at":"2026-06-08T12:55:00Z"},{"value":"0.05622","scoring_system":"epss","scoring_elements":"0.90512","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-12705"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094735","reference_id":"1094735","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094735"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2342880","reference_id":"2342880","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2342880"},{"reference_url":"https://kb.isc.org/docs/cve-2024-12705","reference_id":"cve-2024-12705","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-30T15:25:35Z/"}],"url":"https://kb.isc.org/docs/cve-2024-12705"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1670","reference_id":"RHSA-2025:1670","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1670"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1907","reference_id":"RHSA-2025:1907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1907"},{"reference_url":"https://usn.ubuntu.com/7241-1/","reference_id":"USN-7241-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7241-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89056?format=json","purl":"pkg:deb/debian/bind9@1:9.18.33-1~deb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.33-1~deb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89058?format=json","purl":"pkg:deb/debian/bind9@1:9.20.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2024-12705"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p1zr-s6xa-hugg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60247?format=json","vulnerability_id":"VCID-p2qu-sjfk-afh3","summary":"A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack.  This issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0 through 9.19.24, and 9.18.11-S1 through 9.18.27-S1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0760.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0760.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-0760","reference_id":"","reference_type":"","scores":[{"value":"0.1669","scoring_system":"epss","scoring_elements":"0.9507","published_at":"2026-06-09T12:55:00Z"},{"value":"0.1669","scoring_system":"epss","scoring_elements":"0.95063","published_at":"2026-06-05T12:55:00Z"},{"value":"0.1669","scoring_system":"epss","scoring_elements":"0.95064","published_at":"2026-06-06T12:55:00Z"},{"value":"0.1669","scoring_system":"epss","scoring_elements":"0.95066","published_at":"2026-06-07T12:55:00Z"},{"value":"0.1669","scoring_system":"epss","scoring_elements":"0.95065","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-0760"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/07/23/1","reference_id":"1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-23T16:02:34Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/07/23/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/07/31/2","reference_id":"2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-23T16:02:34Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/07/31/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2298878","reference_id":"2298878","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2298878"},{"reference_url":"https://kb.isc.org/docs/cve-2024-0760","reference_id":"cve-2024-0760","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-23T16:02:34Z/"}],"url":"https://kb.isc.org/docs/cve-2024-0760"},{"reference_url":"https://usn.ubuntu.com/6909-1/","reference_id":"USN-6909-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6909-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89053?format=json","purl":"pkg:deb/debian/bind9@1:9.18.28-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.28-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89054?format=json","purl":"pkg:deb/debian/bind9@1:9.20.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2024-0760"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p2qu-sjfk-afh3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60026?format=json","vulnerability_id":"VCID-p558-xgn1-dqd9","summary":"resolver.c in ISC BIND 9.8.5 before 9.8.5-P1, 9.9.3 before 9.9.3-P1, and 9.6-ESV-R9 before 9.6-ESV-R9-P1, when a recursive resolver is configured, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a record in a malformed zone.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3919.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3919.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-3919","reference_id":"","reference_type":"","scores":[{"value":"0.10288","scoring_system":"epss","scoring_elements":"0.93306","published_at":"2026-06-04T12:55:00Z"},{"value":"0.10288","scoring_system":"epss","scoring_elements":"0.93317","published_at":"2026-06-05T12:55:00Z"},{"value":"0.10288","scoring_system":"epss","scoring_elements":"0.93319","published_at":"2026-06-06T12:55:00Z"},{"value":"0.10288","scoring_system":"epss","scoring_elements":"0.93316","published_at":"2026-06-07T12:55:00Z"},{"value":"0.10288","scoring_system":"epss","scoring_elements":"0.93315","published_at":"2026-06-08T12:55:00Z"},{"value":"0.10288","scoring_system":"epss","scoring_elements":"0.93322","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-3919"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=970905","reference_id":"970905","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=970905"},{"reference_url":"https://security.gentoo.org/glsa/201401-34","reference_id":"GLSA-201401-34","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201401-34"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2013-3919"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p558-xgn1-dqd9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60006?format=json","vulnerability_id":"VCID-pbsy-f4rh-pfa1","summary":"ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta handles out-of-bailiwick data accompanying a secure response without re-fetching from the original source, which allows remote attackers to have an unspecified impact via a crafted response, aka Bug 20819.  NOTE: this vulnerability exists because of a regression during the fix for CVE-2009-4022.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0382.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0382.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0382","reference_id":"","reference_type":"","scores":[{"value":"0.28405","scoring_system":"epss","scoring_elements":"0.96603","published_at":"2026-06-04T12:55:00Z"},{"value":"0.28405","scoring_system":"epss","scoring_elements":"0.96607","published_at":"2026-06-05T12:55:00Z"},{"value":"0.28405","scoring_system":"epss","scoring_elements":"0.96612","published_at":"2026-06-08T12:55:00Z"},{"value":"0.28405","scoring_system":"epss","scoring_elements":"0.96617","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0382"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0382","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0382"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=557983","reference_id":"557983","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=557983"},{"reference_url":"https://security.gentoo.org/glsa/201006-11","reference_id":"GLSA-201006-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201006-11"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0062","reference_id":"RHSA-2010:0062","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0062"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88966?format=json","purl":"pkg:deb/debian/bind9@1:9.7.0.dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.7.0.dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2010-0382"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pbsy-f4rh-pfa1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59986?format=json","vulnerability_id":"VCID-pfvv-1pv3-sqet","summary":"The default configuration of ISC BIND before 9.4.1-P1, when configured as a caching name server, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of service (traffic amplification) via DNS queries with spoofed source IP addresses.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-0987.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-0987.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-0987","reference_id":"","reference_type":"","scores":[{"value":"0.30712","scoring_system":"epss","scoring_elements":"0.96814","published_at":"2026-06-04T12:55:00Z"},{"value":"0.30712","scoring_system":"epss","scoring_elements":"0.96819","published_at":"2026-06-05T12:55:00Z"},{"value":"0.30712","scoring_system":"epss","scoring_elements":"0.96823","published_at":"2026-06-07T12:55:00Z"},{"value":"0.30712","scoring_system":"epss","scoring_elements":"0.96822","published_at":"2026-06-08T12:55:00Z"},{"value":"0.30712","scoring_system":"epss","scoring_elements":"0.96827","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-0987"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0987","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0987"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=356266","reference_id":"356266","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=356266"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=873618","reference_id":"873618","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=873618"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88956?format=json","purl":"pkg:deb/debian/bind9@1:9.4.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.4.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2006-0987"],"risk_score":0.6,"exploitability":"2.0","weighted_severity":"0.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pfvv-1pv3-sqet"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60025?format=json","vulnerability_id":"VCID-pqwj-a1rg-q3hw","summary":"libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2266.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2266.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-2266","reference_id":"","reference_type":"","scores":[{"value":"0.44844","scoring_system":"epss","scoring_elements":"0.97647","published_at":"2026-06-04T12:55:00Z"},{"value":"0.44844","scoring_system":"epss","scoring_elements":"0.97651","published_at":"2026-06-05T12:55:00Z"},{"value":"0.44844","scoring_system":"epss","scoring_elements":"0.97653","published_at":"2026-06-07T12:55:00Z"},{"value":"0.44844","scoring_system":"epss","scoring_elements":"0.97654","published_at":"2026-06-08T12:55:00Z"},{"value":"0.44844","scoring_system":"epss","scoring_elements":"0.97656","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-2266"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2266","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2266"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=704174","reference_id":"704174","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=704174"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=928027","reference_id":"928027","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=928027"},{"reference_url":"https://security.gentoo.org/glsa/201401-34","reference_id":"GLSA-201401-34","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201401-34"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0689","reference_id":"RHSA-2013:0689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0690","reference_id":"RHSA-2013:0690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0690"},{"reference_url":"https://usn.ubuntu.com/1783-1/","reference_id":"USN-1783-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1783-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88978?format=json","purl":"pkg:deb/debian/bind9@1:9.8.4.dfsg.P1-6%2Bnmu1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.8.4.dfsg.P1-6%252Bnmu1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2013-2266"],"risk_score":0.2,"exploitability":"0.5","weighted_severity":"0.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pqwj-a1rg-q3hw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60086?format=json","vulnerability_id":"VCID-praz-ttfh-cbgr","summary":"ISC BIND 9.1.0 through 9.8.4-P2 and 9.9.0 through 9.9.2-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via malformed options data in an OPT resource record.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2848.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2848.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2848","reference_id":"","reference_type":"","scores":[{"value":"0.52249","scoring_system":"epss","scoring_elements":"0.97974","published_at":"2026-06-04T12:55:00Z"},{"value":"0.52249","scoring_system":"epss","scoring_elements":"0.97976","published_at":"2026-06-07T12:55:00Z"},{"value":"0.52249","scoring_system":"epss","scoring_elements":"0.97977","published_at":"2026-06-06T12:55:00Z"},{"value":"0.52249","scoring_system":"epss","scoring_elements":"0.97975","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2848"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2848","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2848"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385450","reference_id":"1385450","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1385450"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839051","reference_id":"839051","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839051"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2093","reference_id":"RHSA-2016:2093","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2093"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2094","reference_id":"RHSA-2016:2094","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2094"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2099","reference_id":"RHSA-2016:2099","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2099"},{"reference_url":"https://usn.ubuntu.com/3108-1/","reference_id":"USN-3108-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3108-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88996?format=json","purl":"pkg:deb/debian/bind9@1:9.9.3.dfsg.P2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.9.3.dfsg.P2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2848"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-praz-ttfh-cbgr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60244?format=json","vulnerability_id":"VCID-pw8q-3bbt-5yg4","summary":"A bad interaction between DNS64 and serve-stale may cause `named` to crash with an assertion failure during recursive resolution, when both of these features are enabled. This issue affects BIND 9 versions 9.16.12 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.16.12-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5679.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5679.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5679","reference_id":"","reference_type":"","scores":[{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34357","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.344","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34416","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34381","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34338","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5679"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5517"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5679"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/02/13/1","reference_id":"1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-13T19:24:41Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/02/13/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2263909","reference_id":"2263909","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2263909"},{"reference_url":"https://kb.isc.org/docs/cve-2023-5679","reference_id":"cve-2023-5679","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-13T19:24:41Z/"}],"url":"https://kb.isc.org/docs/cve-2023-5679"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/","reference_id":"HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-13T19:24:41Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240426-0002/","reference_id":"ntap-20240426-0002","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-13T19:24:41Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240426-0002/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/","reference_id":"PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-13T19:24:41Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/","reference_id":"RGS7JN6FZXUSTC2XKQHH27574XOULYYJ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-13T19:24:41Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1647","reference_id":"RHSA-2024:1647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1648","reference_id":"RHSA-2024:1648","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1648"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1781","reference_id":"RHSA-2024:1781","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1781"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1789","reference_id":"RHSA-2024:1789","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1789"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1800","reference_id":"RHSA-2024:1800","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1800"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1803","reference_id":"RHSA-2024:1803","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1803"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2551","reference_id":"RHSA-2024:2551","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2551"},{"reference_url":"https://usn.ubuntu.com/6633-1/","reference_id":"USN-6633-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6633-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/","reference_id":"ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-13T19:24:41Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89051?format=json","purl":"pkg:deb/debian/bind9@1:9.16.48-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.48-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89050?format=json","purl":"pkg:deb/debian/bind9@1:9.18.24-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.24-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89052?format=json","purl":"pkg:deb/debian/bind9@1:9.19.21-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.19.21-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2023-5679"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pw8q-3bbt-5yg4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60233?format=json","vulnerability_id":"VCID-qp2e-thkb-sfdy","summary":"This issue can affect BIND 9 resolvers with `stale-answer-enable yes;` that also make use of the option `stale-answer-client-timeout`, configured with a value greater than zero.  If the resolver receives many queries that require recursion, there will be a corresponding increase in the number of clients that are waiting for recursion to complete. If there are sufficient clients already waiting when a new client query is received so that it is necessary to SERVFAIL the longest waiting client (see BIND 9 ARM `recursive-clients` limit and soft quota), then it is possible for a race to occur between providing a stale answer to this older client and sending an early timeout SERVFAIL, which may cause an assertion failure. This issue affects BIND 9 versions 9.16.12 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0 through 9.19.8, and 9.16.12-S1 through 9.16.36-S1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3924.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3924.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3924","reference_id":"","reference_type":"","scores":[{"value":"0.0283","scoring_system":"epss","scoring_elements":"0.86448","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0283","scoring_system":"epss","scoring_elements":"0.86469","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0283","scoring_system":"epss","scoring_elements":"0.86472","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0283","scoring_system":"epss","scoring_elements":"0.86468","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0283","scoring_system":"epss","scoring_elements":"0.86455","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0283","scoring_system":"epss","scoring_elements":"0.86471","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3924"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3736","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3736"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3924","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3924"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2164039","reference_id":"2164039","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2164039"},{"reference_url":"https://kb.isc.org/docs/cve-2022-3924","reference_id":"cve-2022-3924","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-31T13:57:22Z/"}],"url":"https://kb.isc.org/docs/cve-2022-3924"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2261","reference_id":"RHSA-2023:2261","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2261"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2792","reference_id":"RHSA-2023:2792","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2792"},{"reference_url":"https://usn.ubuntu.com/5827-1/","reference_id":"USN-5827-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5827-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89032?format=json","purl":"pkg:deb/debian/bind9@1:9.16.37-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.37-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89031?format=json","purl":"pkg:deb/debian/bind9@1:9.18.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2022-3924"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qp2e-thkb-sfdy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59988?format=json","vulnerability_id":"VCID-qs5c-d2kd-5kex","summary":"BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4095.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4095.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-4095","reference_id":"","reference_type":"","scores":[{"value":"0.04881","scoring_system":"epss","scoring_elements":"0.89753","published_at":"2026-06-04T12:55:00Z"},{"value":"0.04881","scoring_system":"epss","scoring_elements":"0.89769","published_at":"2026-06-05T12:55:00Z"},{"value":"0.04881","scoring_system":"epss","scoring_elements":"0.89771","published_at":"2026-06-06T12:55:00Z"},{"value":"0.04881","scoring_system":"epss","scoring_elements":"0.8977","published_at":"2026-06-08T12:55:00Z"},{"value":"0.04881","scoring_system":"epss","scoring_elements":"0.89786","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-4095"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4095","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4095"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=386245","reference_id":"386245","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=386245"},{"reference_url":"https://security.gentoo.org/glsa/200609-11","reference_id":"GLSA-200609-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200609-11"},{"reference_url":"https://usn.ubuntu.com/343-1/","reference_id":"USN-343-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/343-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88958?format=json","purl":"pkg:deb/debian/bind9@1:9.3.2-P1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.3.2-P1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2006-4095"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qs5c-d2kd-5kex"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60085?format=json","vulnerability_id":"VCID-r9wt-cphd-wuca","summary":"ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon crash) via a long request that uses the lightweight resolver protocol.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2775.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2775.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2775","reference_id":"","reference_type":"","scores":[{"value":"0.43295","scoring_system":"epss","scoring_elements":"0.97573","published_at":"2026-06-04T12:55:00Z"},{"value":"0.43295","scoring_system":"epss","scoring_elements":"0.97578","published_at":"2026-06-05T12:55:00Z"},{"value":"0.43295","scoring_system":"epss","scoring_elements":"0.97582","published_at":"2026-06-09T12:55:00Z"},{"value":"0.43295","scoring_system":"epss","scoring_elements":"0.9758","published_at":"2026-06-08T12:55:00Z"},{"value":"0.43295","scoring_system":"epss","scoring_elements":"0.97579","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2775"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2775","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2775"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2776"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1357803","reference_id":"1357803","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1357803"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831796","reference_id":"831796","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831796"},{"reference_url":"https://security.gentoo.org/glsa/201610-07","reference_id":"GLSA-201610-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201610-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2533","reference_id":"RHSA-2017:2533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2533"},{"reference_url":"https://usn.ubuntu.com/5747-1/","reference_id":"USN-5747-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5747-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88991?format=json","purl":"pkg:deb/debian/bind9@1:9.10.3.dfsg.P4-11?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.10.3.dfsg.P4-11%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2775"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r9wt-cphd-wuca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60012?format=json","vulnerability_id":"VCID-rbw7-396f-tkgg","summary":"ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones (RPZ) RRset replacement is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an RRSIG query.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1907.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1907.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1907","reference_id":"","reference_type":"","scores":[{"value":"0.22416","scoring_system":"epss","scoring_elements":"0.95937","published_at":"2026-06-04T12:55:00Z"},{"value":"0.22416","scoring_system":"epss","scoring_elements":"0.95941","published_at":"2026-06-05T12:55:00Z"},{"value":"0.22416","scoring_system":"epss","scoring_elements":"0.95945","published_at":"2026-06-08T12:55:00Z"},{"value":"0.22416","scoring_system":"epss","scoring_elements":"0.9595","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1907"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1907","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1907"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=702701","reference_id":"702701","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=702701"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88971?format=json","purl":"pkg:deb/debian/bind9@1:9.8.1.dfsg.P1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.8.1.dfsg.P1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2011-1907"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rbw7-396f-tkgg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3558?format=json","vulnerability_id":"VCID-rdgb-h948-87bd","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3080.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3080.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3080","reference_id":"","reference_type":"","scores":[{"value":"0.00136","scoring_system":"epss","scoring_elements":"0.33246","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00136","scoring_system":"epss","scoring_elements":"0.33348","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00136","scoring_system":"epss","scoring_elements":"0.33364","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00136","scoring_system":"epss","scoring_elements":"0.33315","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00136","scoring_system":"epss","scoring_elements":"0.33294","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00136","scoring_system":"epss","scoring_elements":"0.33328","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3080"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3080","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3080"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38177","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38177"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38178","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38178"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2128600","reference_id":"2128600","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2128600"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/09/21/3","reference_id":"3","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:18:15Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/09/21/3"},{"reference_url":"https://security.archlinux.org/AVG-2811","reference_id":"AVG-2811","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2811"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7/","reference_id":"CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:18:15Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7/"},{"reference_url":"https://kb.isc.org/docs/cve-2022-3080","reference_id":"cve-2022-3080","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:18:15Z/"}],"url":"https://kb.isc.org/docs/cve-2022-3080"},{"reference_url":"https://www.debian.org/security/2022/dsa-5235","reference_id":"dsa-5235","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:18:15Z/"}],"url":"https://www.debian.org/security/2022/dsa-5235"},{"reference_url":"https://security.gentoo.org/glsa/202210-25","reference_id":"GLSA-202210-25","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:18:15Z/"}],"url":"https://security.gentoo.org/glsa/202210-25"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT/","reference_id":"MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:18:15Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240621-0002/","reference_id":"ntap-20240621-0002","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:18:15Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240621-0002/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6763","reference_id":"RHSA-2022:6763","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6763"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6781","reference_id":"RHSA-2022:6781","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6781"},{"reference_url":"https://usn.ubuntu.com/5626-1/","reference_id":"USN-5626-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5626-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5SD6XIJ446S/","reference_id":"YZJQNUASODNVAWZV6STKG5SD6XIJ446S","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:18:15Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5SD6XIJ446S/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89030?format=json","purl":"pkg:deb/debian/bind9@1:9.16.33-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.33-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89029?format=json","purl":"pkg:deb/debian/bind9@1:9.18.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2022-3080"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rdgb-h948-87bd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60258?format=json","vulnerability_id":"VCID-rf88-5q4d-h3am","summary":"Malformed BRID/HHIT records can cause `named` to terminate unexpectedly. This issue affects BIND 9 versions 9.18.40 through 9.18.43, 9.20.13 through 9.20.17, 9.21.12 through 9.21.16, 9.18.40-S1 through 9.18.43-S1, and 9.20.13-S1 through 9.20.17-S1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13878.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13878.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-13878","reference_id":"","reference_type":"","scores":[{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.1499","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.15097","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.15088","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.15048","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14965","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-13878"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2431600","reference_id":"2431600","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2431600"},{"reference_url":"https://downloads.isc.org/isc/bind9/9.18.44","reference_id":"9.18.44","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-21T14:57:50Z/"}],"url":"https://downloads.isc.org/isc/bind9/9.18.44"},{"reference_url":"https://downloads.isc.org/isc/bind9/9.20.18","reference_id":"9.20.18","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-21T14:57:50Z/"}],"url":"https://downloads.isc.org/isc/bind9/9.20.18"},{"reference_url":"https://downloads.isc.org/isc/bind9/9.21.17","reference_id":"9.21.17","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-21T14:57:50Z/"}],"url":"https://downloads.isc.org/isc/bind9/9.21.17"},{"reference_url":"https://kb.isc.org/docs/cve-2025-13878","reference_id":"cve-2025-13878","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-21T14:57:50Z/"}],"url":"https://kb.isc.org/docs/cve-2025-13878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6935","reference_id":"RHSA-2026:6935","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6935"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89061?format=json","purl":"pkg:deb/debian/bind9@1:9.18.44-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.44-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89063?format=json","purl":"pkg:deb/debian/bind9@1:9.20.18-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.18-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89062?format=json","purl":"pkg:deb/debian/bind9@1:9.20.18-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.18-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2025-13878"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rf88-5q4d-h3am"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59987?format=json","vulnerability_id":"VCID-rn45-vvrs-3uh4","summary":"Unspecified vulnerability in ISC BIND allows remote attackers to cause a denial of service via a crafted DNS message with a \"broken\" TSIG, as demonstrated by the OUSPG PROTOS DNS test suite.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2073.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2073.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-2073","reference_id":"","reference_type":"","scores":[{"value":"0.05235","scoring_system":"epss","scoring_elements":"0.90131","published_at":"2026-06-04T12:55:00Z"},{"value":"0.05235","scoring_system":"epss","scoring_elements":"0.90147","published_at":"2026-06-05T12:55:00Z"},{"value":"0.05235","scoring_system":"epss","scoring_elements":"0.90145","published_at":"2026-06-06T12:55:00Z"},{"value":"0.05235","scoring_system":"epss","scoring_elements":"0.90144","published_at":"2026-06-07T12:55:00Z"},{"value":"0.05235","scoring_system":"epss","scoring_elements":"0.90142","published_at":"2026-06-08T12:55:00Z"},{"value":"0.05235","scoring_system":"epss","scoring_elements":"0.90158","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-2073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2073"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88957?format=json","purl":"pkg:deb/debian/bind9@1:9.3.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.3.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2006-2073"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rn45-vvrs-3uh4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60003?format=json","vulnerability_id":"VCID-rwxh-6prf-aqcb","summary":"BIND 9.7.1 and 9.7.1-P1, when a recursive validating server has a trust anchor that is configured statically or via DNSSEC Lookaside Validation (DLV), allows remote attackers to cause a denial of service (infinite loop) via a query for an RRSIG record whose answer is not in the cache, which causes BIND to repeatedly send RRSIG queries to the authoritative servers.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0213.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0213.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0213","reference_id":"","reference_type":"","scores":[{"value":"0.0097","scoring_system":"epss","scoring_elements":"0.76965","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0097","scoring_system":"epss","scoring_elements":"0.76998","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0097","scoring_system":"epss","scoring_elements":"0.77007","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0097","scoring_system":"epss","scoring_elements":"0.76995","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0097","scoring_system":"epss","scoring_elements":"0.76984","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0097","scoring_system":"epss","scoring_elements":"0.77005","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0213"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0213","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0213"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=616706","reference_id":"616706","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=616706"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88967?format=json","purl":"pkg:deb/debian/bind9@9.7.1.dfsg.P2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@9.7.1.dfsg.P2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2010-0213"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rwxh-6prf-aqcb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60087?format=json","vulnerability_id":"VCID-s27v-1sqw-93bm","summary":"ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x through 9.11.0b1 allows primary DNS servers to cause a denial of service (secondary DNS server crash) via a large AXFR response, and possibly allows IXFR servers to cause a denial of service (IXFR client crash) via a large IXFR response and allows remote authenticated users to cause a denial of service (primary DNS server crash) via a large UPDATE message.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6170.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6170.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6170","reference_id":"","reference_type":"","scores":[{"value":"0.1302","scoring_system":"epss","scoring_elements":"0.94218","published_at":"2026-06-04T12:55:00Z"},{"value":"0.1302","scoring_system":"epss","scoring_elements":"0.94226","published_at":"2026-06-05T12:55:00Z"},{"value":"0.1302","scoring_system":"epss","scoring_elements":"0.94228","published_at":"2026-06-06T12:55:00Z"},{"value":"0.1302","scoring_system":"epss","scoring_elements":"0.9423","published_at":"2026-06-07T12:55:00Z"},{"value":"0.1302","scoring_system":"epss","scoring_elements":"0.94229","published_at":"2026-06-08T12:55:00Z"},{"value":"0.1302","scoring_system":"epss","scoring_elements":"0.94235","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6170"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6170","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6170"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:N/I:N/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1353563","reference_id":"1353563","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1353563"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830810","reference_id":"830810","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830810"},{"reference_url":"https://security.gentoo.org/glsa/201610-07","reference_id":"GLSA-201610-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201610-07"},{"reference_url":"https://usn.ubuntu.com/5747-1/","reference_id":"USN-5747-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5747-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88998?format=json","purl":"pkg:deb/debian/bind9@1:9.10.6%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.10.6%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2016-6170"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s27v-1sqw-93bm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60007?format=json","vulnerability_id":"VCID-sh2c-gf3e-juh7","summary":"named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle the combination of signed negative responses and corresponding RRSIG records in the cache, which allows remote attackers to cause a denial of service (daemon crash) via a query for cached data.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3613.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3613.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3613","reference_id":"","reference_type":"","scores":[{"value":"0.03207","scoring_system":"epss","scoring_elements":"0.87252","published_at":"2026-06-04T12:55:00Z"},{"value":"0.03207","scoring_system":"epss","scoring_elements":"0.87275","published_at":"2026-06-05T12:55:00Z"},{"value":"0.03207","scoring_system":"epss","scoring_elements":"0.87273","published_at":"2026-06-06T12:55:00Z"},{"value":"0.03207","scoring_system":"epss","scoring_elements":"0.8727","published_at":"2026-06-07T12:55:00Z"},{"value":"0.03207","scoring_system":"epss","scoring_elements":"0.87267","published_at":"2026-06-08T12:55:00Z"},{"value":"0.03207","scoring_system":"epss","scoring_elements":"0.87279","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3613"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3613","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3613"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605876","reference_id":"605876","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605876"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=658974","reference_id":"658974","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=658974"},{"reference_url":"https://security.gentoo.org/glsa/201206-01","reference_id":"GLSA-201206-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0975","reference_id":"RHSA-2010:0975","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0975"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0976","reference_id":"RHSA-2010:0976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:1000","reference_id":"RHSA-2010:1000","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:1000"},{"reference_url":"https://usn.ubuntu.com/1025-1/","reference_id":"USN-1025-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1025-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88968?format=json","purl":"pkg:deb/debian/bind9@1:9.7.2.dfsg.P3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.7.2.dfsg.P3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2010-3613"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sh2c-gf3e-juh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60232?format=json","vulnerability_id":"VCID-skd6-n98m-j3fr","summary":"By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38177.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38177.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38177","reference_id":"","reference_type":"","scores":[{"value":"0.01164","scoring_system":"epss","scoring_elements":"0.78957","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01164","scoring_system":"epss","scoring_elements":"0.78988","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01164","scoring_system":"epss","scoring_elements":"0.78984","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01164","scoring_system":"epss","scoring_elements":"0.7899","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01164","scoring_system":"epss","scoring_elements":"0.78981","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01164","scoring_system":"epss","scoring_elements":"0.7897","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38177"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3080","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3080"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38177","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38177"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38178","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38178"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2128601","reference_id":"2128601","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2128601"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/09/21/3","reference_id":"3","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:23:21Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/09/21/3"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7/","reference_id":"CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:23:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7/"},{"reference_url":"https://kb.isc.org/docs/cve-2022-38177","reference_id":"cve-2022-38177","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:23:21Z/"}],"url":"https://kb.isc.org/docs/cve-2022-38177"},{"reference_url":"https://www.debian.org/security/2022/dsa-5235","reference_id":"dsa-5235","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:23:21Z/"}],"url":"https://www.debian.org/security/2022/dsa-5235"},{"reference_url":"https://security.gentoo.org/glsa/202210-25","reference_id":"GLSA-202210-25","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:23:21Z/"}],"url":"https://security.gentoo.org/glsa/202210-25"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT/","reference_id":"MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:23:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/10/msg00007.html","reference_id":"msg00007.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:23:21Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/10/msg00007.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20221228-0010/","reference_id":"ntap-20221228-0010","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:23:21Z/"}],"url":"https://security.netapp.com/advisory/ntap-20221228-0010/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6763","reference_id":"RHSA-2022:6763","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6763"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6764","reference_id":"RHSA-2022:6764","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6764"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6765","reference_id":"RHSA-2022:6765","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6765"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6778","reference_id":"RHSA-2022:6778","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6778"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6779","reference_id":"RHSA-2022:6779","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6779"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6780","reference_id":"RHSA-2022:6780","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6780"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6781","reference_id":"RHSA-2022:6781","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6781"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8598","reference_id":"RHSA-2022:8598","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8598"},{"reference_url":"https://usn.ubuntu.com/5626-1/","reference_id":"USN-5626-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5626-1/"},{"reference_url":"https://usn.ubuntu.com/5626-2/","reference_id":"USN-5626-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5626-2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5SD6XIJ446S/","reference_id":"YZJQNUASODNVAWZV6STKG5SD6XIJ446S","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-28T15:23:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5SD6XIJ446S/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89030?format=json","purl":"pkg:deb/debian/bind9@1:9.16.33-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.33-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89033?format=json","purl":"pkg:deb/debian/bind9@1:9.17.20-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.17.20-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2022-38177"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-skd6-n98m-j3fr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60190?format=json","vulnerability_id":"VCID-sqzf-35k2-87f6","summary":"In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8622.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8622.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8622","reference_id":"","reference_type":"","scores":[{"value":"0.02629","scoring_system":"epss","scoring_elements":"0.85968","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02629","scoring_system":"epss","scoring_elements":"0.8599","published_at":"2026-06-05T12:55:00Z"},{"value":"0.02629","scoring_system":"epss","scoring_elements":"0.85993","published_at":"2026-06-06T12:55:00Z"},{"value":"0.02629","scoring_system":"epss","scoring_elements":"0.85989","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02629","scoring_system":"epss","scoring_elements":"0.85978","published_at":"2026-06-08T12:55:00Z"},{"value":"0.02629","scoring_system":"epss","scoring_elements":"0.85992","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8619","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8619"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8624"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1869473","reference_id":"1869473","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1869473"},{"reference_url":"https://security.gentoo.org/glsa/202008-19","reference_id":"GLSA-202008-19","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202008-19"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4183","reference_id":"RHSA-2020:4183","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4183"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4500","reference_id":"RHSA-2020:4500","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4992","reference_id":"RHSA-2020:4992","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4992"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5011","reference_id":"RHSA-2020:5011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5203","reference_id":"RHSA-2020:5203","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5203"},{"reference_url":"https://usn.ubuntu.com/4468-1/","reference_id":"USN-4468-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4468-1/"},{"reference_url":"https://usn.ubuntu.com/4468-2/","reference_id":"USN-4468-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4468-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89019?format=json","purl":"pkg:deb/debian/bind9@1:9.16.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2020-8622"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sqzf-35k2-87f6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59998?format=json","vulnerability_id":"VCID-stdj-w6fv-muc3","summary":"BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0025.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0025.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0025","reference_id":"","reference_type":"","scores":[{"value":"0.00961","scoring_system":"epss","scoring_elements":"0.76839","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00961","scoring_system":"epss","scoring_elements":"0.76871","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00961","scoring_system":"epss","scoring_elements":"0.76879","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00961","scoring_system":"epss","scoring_elements":"0.76868","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00961","scoring_system":"epss","scoring_elements":"0.76858","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00961","scoring_system":"epss","scoring_elements":"0.7688","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0025"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0025","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0025"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=478984","reference_id":"478984","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=478984"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=511936","reference_id":"511936","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=511936"},{"reference_url":"https://security.gentoo.org/glsa/200903-14","reference_id":"GLSA-200903-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200903-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0020","reference_id":"RHSA-2009:0020","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0020"},{"reference_url":"https://usn.ubuntu.com/706-1/","reference_id":"USN-706-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/706-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88963?format=json","purl":"pkg:deb/debian/bind9@1:9.5.1.dfsg.P1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.5.1.dfsg.P1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2009-0025"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-stdj-w6fv-muc3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4994?format=json","vulnerability_id":"VCID-t2fv-zvn6-q3dr","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0667.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0667.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0667","reference_id":"","reference_type":"","scores":[{"value":"0.00694","scoring_system":"epss","scoring_elements":"0.72266","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00694","scoring_system":"epss","scoring_elements":"0.72304","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00694","scoring_system":"epss","scoring_elements":"0.72293","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00694","scoring_system":"epss","scoring_elements":"0.72278","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00694","scoring_system":"epss","scoring_elements":"0.72307","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00694","scoring_system":"epss","scoring_elements":"0.72313","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0667"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2064515","reference_id":"2064515","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2064515"},{"reference_url":"https://security.archlinux.org/ASA-202204-5","reference_id":"ASA-202204-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202204-5"},{"reference_url":"https://security.archlinux.org/AVG-2661","reference_id":"AVG-2661","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2661"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89026?format=json","purl":"pkg:deb/debian/bind9@1:9.18.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2022-0667"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t2fv-zvn6-q3dr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5685?format=json","vulnerability_id":"VCID-t7u3-rt12-vydx","summary":"arbitrary code execution","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8625.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8625.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8625","reference_id":"","reference_type":"","scores":[{"value":"0.2515","scoring_system":"epss","scoring_elements":"0.9629","published_at":"2026-06-04T12:55:00Z"},{"value":"0.2515","scoring_system":"epss","scoring_elements":"0.96302","published_at":"2026-06-09T12:55:00Z"},{"value":"0.2515","scoring_system":"epss","scoring_elements":"0.96297","published_at":"2026-06-07T12:55:00Z"},{"value":"0.2515","scoring_system":"epss","scoring_elements":"0.96298","published_at":"2026-06-08T12:55:00Z"},{"value":"0.2515","scoring_system":"epss","scoring_elements":"0.96294","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8625"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8625","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8625"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1928486","reference_id":"1928486","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1928486"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983004","reference_id":"983004","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983004"},{"reference_url":"https://security.archlinux.org/ASA-202102-40","reference_id":"ASA-202102-40","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202102-40"},{"reference_url":"https://security.archlinux.org/AVG-1589","reference_id":"AVG-1589","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1589"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0669","reference_id":"RHSA-2021:0669","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0669"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0670","reference_id":"RHSA-2021:0670","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0670"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0671","reference_id":"RHSA-2021:0671","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0671"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0672","reference_id":"RHSA-2021:0672","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0672"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0691","reference_id":"RHSA-2021:0691","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0691"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0692","reference_id":"RHSA-2021:0692","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0692"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0693","reference_id":"RHSA-2021:0693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0694","reference_id":"RHSA-2021:0694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0727","reference_id":"RHSA-2021:0727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0922","reference_id":"RHSA-2021:0922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0922"},{"reference_url":"https://usn.ubuntu.com/4737-1/","reference_id":"USN-4737-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4737-1/"},{"reference_url":"https://usn.ubuntu.com/4737-2/","reference_id":"USN-4737-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4737-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89022?format=json","purl":"pkg:deb/debian/bind9@1:9.16.12-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.12-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2020-8625"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t7u3-rt12-vydx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6775?format=json","vulnerability_id":"VCID-trjv-6ysn-jqd7","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2776.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2776.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2776","reference_id":"","reference_type":"","scores":[{"value":"0.8745","scoring_system":"epss","scoring_elements":"0.99475","published_at":"2026-06-04T12:55:00Z"},{"value":"0.8745","scoring_system":"epss","scoring_elements":"0.99476","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2775","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2775"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2776"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1378380","reference_id":"1378380","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1378380"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839010","reference_id":"839010","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839010"},{"reference_url":"https://security.archlinux.org/ASA-201609-29","reference_id":"ASA-201609-29","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201609-29"},{"reference_url":"https://security.archlinux.org/AVG-36","reference_id":"AVG-36","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-36"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/40453.py","reference_id":"CVE-2016-2776","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/40453.py"},{"reference_url":"https://security.gentoo.org/glsa/201610-07","reference_id":"GLSA-201610-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201610-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1944","reference_id":"RHSA-2016:1944","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1944"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1945","reference_id":"RHSA-2016:1945","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2099","reference_id":"RHSA-2016:2099","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2099"},{"reference_url":"https://usn.ubuntu.com/3088-1/","reference_id":"USN-3088-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3088-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88991?format=json","purl":"pkg:deb/debian/bind9@1:9.10.3.dfsg.P4-11?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.10.3.dfsg.P4-11%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2776"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-trjv-6ysn-jqd7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60015?format=json","vulnerability_id":"VCID-tu3e-m71k-jygt","summary":"Unspecified vulnerability in ISC BIND 9 9.8.0, 9.8.0-P1, 9.8.0-P2, and 9.8.1b1, when recursion is enabled and the Response Policy Zone (RPZ) contains DNAME or certain CNAME records, allows remote attackers to cause a denial of service (named daemon crash) via an unspecified query.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2465.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2465.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2465","reference_id":"","reference_type":"","scores":[{"value":"0.08337","scoring_system":"epss","scoring_elements":"0.9243","published_at":"2026-06-04T12:55:00Z"},{"value":"0.08337","scoring_system":"epss","scoring_elements":"0.92443","published_at":"2026-06-05T12:55:00Z"},{"value":"0.08337","scoring_system":"epss","scoring_elements":"0.92439","published_at":"2026-06-06T12:55:00Z"},{"value":"0.08337","scoring_system":"epss","scoring_elements":"0.92434","published_at":"2026-06-07T12:55:00Z"},{"value":"0.08337","scoring_system":"epss","scoring_elements":"0.92433","published_at":"2026-06-08T12:55:00Z"},{"value":"0.08337","scoring_system":"epss","scoring_elements":"0.9245","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2465"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2465","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2465"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=718971","reference_id":"718971","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=718971"},{"reference_url":"https://security.gentoo.org/glsa/201206-01","reference_id":"GLSA-201206-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88971?format=json","purl":"pkg:deb/debian/bind9@1:9.8.1.dfsg.P1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.8.1.dfsg.P1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2011-2465"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tu3e-m71k-jygt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60019?format=json","vulnerability_id":"VCID-tu8f-p8he-8qbq","summary":"ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before 9.8.3-P2; 9.9.x before 9.9.1-P2; and 9.6-ESV before 9.6-ESV-R7-P2, when DNSSEC validation is enabled, does not properly initialize the failing-query cache, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) by sending many queries.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3817.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3817.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3817","reference_id":"","reference_type":"","scores":[{"value":"0.06693","scoring_system":"epss","scoring_elements":"0.91409","published_at":"2026-06-04T12:55:00Z"},{"value":"0.06693","scoring_system":"epss","scoring_elements":"0.91423","published_at":"2026-06-05T12:55:00Z"},{"value":"0.06693","scoring_system":"epss","scoring_elements":"0.91424","published_at":"2026-06-06T12:55:00Z"},{"value":"0.06693","scoring_system":"epss","scoring_elements":"0.91422","published_at":"2026-06-07T12:55:00Z"},{"value":"0.06693","scoring_system":"epss","scoring_elements":"0.91418","published_at":"2026-06-08T12:55:00Z"},{"value":"0.06693","scoring_system":"epss","scoring_elements":"0.91432","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3817"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3817","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3817"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683259","reference_id":"683259","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683259"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=842897","reference_id":"842897","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=842897"},{"reference_url":"https://security.gentoo.org/glsa/201209-04","reference_id":"GLSA-201209-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1122","reference_id":"RHSA-2012:1122","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1122"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1123","reference_id":"RHSA-2012:1123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1123"},{"reference_url":"https://usn.ubuntu.com/1518-1/","reference_id":"USN-1518-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1518-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88974?format=json","purl":"pkg:deb/debian/bind9@1:9.8.1.dfsg.P1-4.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.8.1.dfsg.P1-4.2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2012-3817"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tu8f-p8he-8qbq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60238?format=json","vulnerability_id":"VCID-u4gb-737x-pych","summary":"A flaw in the networking code handling DNS-over-TLS queries may cause `named` to terminate unexpectedly due to an assertion failure. This happens when internal data structures are incorrectly reused under significant DNS-over-TLS query load. This issue affects BIND 9 versions 9.18.0 through 9.18.18 and 9.18.11-S1 through 9.18.18-S1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4236.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4236.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4236","reference_id":"","reference_type":"","scores":[{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.38991","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.38995","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.38952","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.38967","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.3894","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4236"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1052417","reference_id":"1052417","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1052417"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2239661","reference_id":"2239661","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2239661"},{"reference_url":"https://usn.ubuntu.com/6390-1/","reference_id":"USN-6390-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6390-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89043?format=json","purl":"pkg:deb/debian/bind9@1:9.18.19-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.19-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89046?format=json","purl":"pkg:deb/debian/bind9@1:9.19.17-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.19.17-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2023-4236"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u4gb-737x-pych"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60046?format=json","vulnerability_id":"VCID-udbs-uja6-e3g7","summary":"The GeoIP functionality in ISC BIND 9.10.0 through 9.10.1 allows remote attackers to cause a denial of service (assertion failure and named exit) via vectors related to (1) the lack of GeoIP databases for both IPv4 and IPv6, or (2) IPv6 support with certain options.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8680.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8680.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8680","reference_id":"","reference_type":"","scores":[{"value":"0.02261","scoring_system":"epss","scoring_elements":"0.84924","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02261","scoring_system":"epss","scoring_elements":"0.84948","published_at":"2026-06-05T12:55:00Z"},{"value":"0.02261","scoring_system":"epss","scoring_elements":"0.84953","published_at":"2026-06-06T12:55:00Z"},{"value":"0.02261","scoring_system":"epss","scoring_elements":"0.84947","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02261","scoring_system":"epss","scoring_elements":"0.84938","published_at":"2026-06-08T12:55:00Z"},{"value":"0.02261","scoring_system":"epss","scoring_elements":"0.84952","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8680"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1171919","reference_id":"1171919","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1171919"},{"reference_url":"https://security.gentoo.org/glsa/201502-03","reference_id":"GLSA-201502-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201502-03"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2014-8680"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-udbs-uja6-e3g7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60157?format=json","vulnerability_id":"VCID-ueat-b7bk-23hg","summary":"An error in the EDNS Client Subnet (ECS) feature for recursive resolvers can cause BIND to exit with an assertion failure when processing a response that has malformed RRSIGs. Versions affected: BIND 9.10.5-S1 -> 9.11.6-S1 of BIND 9 Supported Preview Edition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6469.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6469.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6469","reference_id":"","reference_type":"","scores":[{"value":"0.01057","scoring_system":"epss","scoring_elements":"0.77948","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01057","scoring_system":"epss","scoring_elements":"0.77975","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01057","scoring_system":"epss","scoring_elements":"0.77981","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01057","scoring_system":"epss","scoring_elements":"0.77972","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01057","scoring_system":"epss","scoring_elements":"0.77961","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01057","scoring_system":"epss","scoring_elements":"0.77978","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6469"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1715352","reference_id":"1715352","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1715352"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2019-6469"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ueat-b7bk-23hg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60163?format=json","vulnerability_id":"VCID-uh4x-1ab4-wfd6","summary":"Mirror zones are a BIND feature allowing recursive servers to pre-cache zone data provided by other servers. A mirror zone is similar to a zone of type secondary, except that its data is subject to DNSSEC validation before being used in answers, as if it had been looked up via traditional recursion, and when mirror zone data cannot be validated, BIND falls back to using traditional recursion instead of the mirror zone. However, an error in the validity checks for the incoming zone data can allow an on-path attacker to replace zone data that was validated with a configured trust anchor with forged data of the attacker's choosing. The mirror zone feature is most often used to serve a local copy of the root zone. If an attacker was able to insert themselves into the network path between a recursive server using a mirror zone and a root name server, this vulnerability could then be used to cause the recursive server to accept a copy of falsified root zone data. This affects BIND versions 9.14.0 up to 9.14.6, and 9.15.0 up to 9.15.4.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6475.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6475.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6475","reference_id":"","reference_type":"","scores":[{"value":"0.00621","scoring_system":"epss","scoring_elements":"0.70457","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00621","scoring_system":"epss","scoring_elements":"0.70501","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00621","scoring_system":"epss","scoring_elements":"0.7049","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00621","scoring_system":"epss","scoring_elements":"0.70478","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00621","scoring_system":"epss","scoring_elements":"0.70499","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00621","scoring_system":"epss","scoring_elements":"0.70508","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6475"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1762914","reference_id":"1762914","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1762914"},{"reference_url":"https://security.archlinux.org/AVG-1056","reference_id":"AVG-1056","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1056"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2019-6475"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uh4x-1ab4-wfd6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60059?format=json","vulnerability_id":"VCID-uhhp-aseu-1ba1","summary":"buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) by creating a zone containing a malformed DNSSEC key and issuing a query for a name in that zone.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5722.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5722.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5722","reference_id":"","reference_type":"","scores":[{"value":"0.58903","scoring_system":"epss","scoring_elements":"0.98259","published_at":"2026-06-08T12:55:00Z"},{"value":"0.58903","scoring_system":"epss","scoring_elements":"0.98257","published_at":"2026-06-09T12:55:00Z"},{"value":"0.65919","scoring_system":"epss","scoring_elements":"0.98528","published_at":"2026-06-04T12:55:00Z"},{"value":"0.65919","scoring_system":"epss","scoring_elements":"0.98531","published_at":"2026-06-07T12:55:00Z"},{"value":"0.65919","scoring_system":"epss","scoring_elements":"0.9853","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5722"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5722","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5722"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1259087","reference_id":"1259087","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1259087"},{"reference_url":"https://security.gentoo.org/glsa/201510-01","reference_id":"GLSA-201510-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201510-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1705","reference_id":"RHSA-2015:1705","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1705"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1706","reference_id":"RHSA-2015:1706","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1706"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1707","reference_id":"RHSA-2015:1707","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1707"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0078","reference_id":"RHSA-2016:0078","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0078"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0079","reference_id":"RHSA-2016:0079","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0079"},{"reference_url":"https://usn.ubuntu.com/2728-1/","reference_id":"USN-2728-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2728-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88985?format=json","purl":"pkg:deb/debian/bind9@1:9.9.5.dfsg-12?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.9.5.dfsg-12%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2015-5722"],"risk_score":1.8,"exploitability":"0.5","weighted_severity":"3.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uhhp-aseu-1ba1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60016?format=json","vulnerability_id":"VCID-ukz3-v5vc-47am","summary":"query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4313.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4313.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4313","reference_id":"","reference_type":"","scores":[{"value":"0.06865","scoring_system":"epss","scoring_elements":"0.91528","published_at":"2026-06-04T12:55:00Z"},{"value":"0.06865","scoring_system":"epss","scoring_elements":"0.91541","published_at":"2026-06-05T12:55:00Z"},{"value":"0.06865","scoring_system":"epss","scoring_elements":"0.91543","published_at":"2026-06-06T12:55:00Z"},{"value":"0.06865","scoring_system":"epss","scoring_elements":"0.9154","published_at":"2026-06-07T12:55:00Z"},{"value":"0.06865","scoring_system":"epss","scoring_elements":"0.91537","published_at":"2026-06-08T12:55:00Z"},{"value":"0.06865","scoring_system":"epss","scoring_elements":"0.91552","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4313"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4313","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4313"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=649099","reference_id":"649099","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=649099"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=754398","reference_id":"754398","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=754398"},{"reference_url":"https://security.gentoo.org/glsa/201206-01","reference_id":"GLSA-201206-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1458","reference_id":"RHSA-2011:1458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1459","reference_id":"RHSA-2011:1459","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1459"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1496","reference_id":"RHSA-2011:1496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1496"},{"reference_url":"https://usn.ubuntu.com/1264-1/","reference_id":"USN-1264-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1264-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88971?format=json","purl":"pkg:deb/debian/bind9@1:9.8.1.dfsg.P1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.8.1.dfsg.P1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2011-4313"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ukz3-v5vc-47am"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59977?format=json","vulnerability_id":"VCID-uqsb-xndy-rqbz","summary":"Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2002-1219","reference_id":"","reference_type":"","scores":[{"value":"0.11799","scoring_system":"epss","scoring_elements":"0.93843","published_at":"2026-06-04T12:55:00Z"},{"value":"0.11799","scoring_system":"epss","scoring_elements":"0.93853","published_at":"2026-06-05T12:55:00Z"},{"value":"0.11799","scoring_system":"epss","scoring_elements":"0.93852","published_at":"2026-06-07T12:55:00Z"},{"value":"0.11799","scoring_system":"epss","scoring_elements":"0.93851","published_at":"2026-06-08T12:55:00Z"},{"value":"0.11799","scoring_system":"epss","scoring_elements":"0.93856","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2002-1219"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2002-1219"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uqsb-xndy-rqbz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60049?format=json","vulnerability_id":"VCID-uuc1-7xt3-z3es","summary":"named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit, or daemon crash) by triggering an incorrect trust-anchor management scenario in which no key is ready for use.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1349.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1349.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1349","reference_id":"","reference_type":"","scores":[{"value":"0.08661","scoring_system":"epss","scoring_elements":"0.92599","published_at":"2026-06-04T12:55:00Z"},{"value":"0.08661","scoring_system":"epss","scoring_elements":"0.92612","published_at":"2026-06-05T12:55:00Z"},{"value":"0.08661","scoring_system":"epss","scoring_elements":"0.92608","published_at":"2026-06-06T12:55:00Z"},{"value":"0.08661","scoring_system":"epss","scoring_elements":"0.92603","published_at":"2026-06-07T12:55:00Z"},{"value":"0.08661","scoring_system":"epss","scoring_elements":"0.92601","published_at":"2026-06-08T12:55:00Z"},{"value":"0.08661","scoring_system":"epss","scoring_elements":"0.9262","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1349"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1193820","reference_id":"1193820","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1193820"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778733","reference_id":"778733","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778733"},{"reference_url":"https://security.gentoo.org/glsa/201510-01","reference_id":"GLSA-201510-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201510-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0672","reference_id":"RHSA-2015:0672","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0672"},{"reference_url":"https://usn.ubuntu.com/2503-1/","reference_id":"USN-2503-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2503-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88982?format=json","purl":"pkg:deb/debian/bind9@1:9.9.5.dfsg-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.9.5.dfsg-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2015-1349"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uuc1-7xt3-z3es"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60113?format=json","vulnerability_id":"VCID-uvnd-kqby-jbch","summary":"While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn't contain all of the expected information. Affects BIND 9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, 9.10.6-S2.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5734.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5734.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5734","reference_id":"","reference_type":"","scores":[{"value":"0.05241","scoring_system":"epss","scoring_elements":"0.90137","published_at":"2026-06-04T12:55:00Z"},{"value":"0.05241","scoring_system":"epss","scoring_elements":"0.90154","published_at":"2026-06-05T12:55:00Z"},{"value":"0.05241","scoring_system":"epss","scoring_elements":"0.90152","published_at":"2026-06-06T12:55:00Z"},{"value":"0.05241","scoring_system":"epss","scoring_elements":"0.9015","published_at":"2026-06-07T12:55:00Z"},{"value":"0.05241","scoring_system":"epss","scoring_elements":"0.90149","published_at":"2026-06-08T12:55:00Z"},{"value":"0.05241","scoring_system":"epss","scoring_elements":"0.90164","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5734"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1550602","reference_id":"1550602","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1550602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2018-5734"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uvnd-kqby-jbch"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60237?format=json","vulnerability_id":"VCID-v1sf-68f6-7ydu","summary":"The code that processes control channel messages sent to `named` calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory, causing `named` to terminate unexpectedly. Since each incoming control channel message is fully parsed before its contents are authenticated, exploiting this flaw does not require the attacker to hold a valid RNDC key; only network access to the control channel's configured TCP port is necessary. This issue affects BIND 9 versions 9.2.0 through 9.16.43, 9.18.0 through 9.18.18, 9.19.0 through 9.19.16, 9.9.3-S1 through 9.16.43-S1, and 9.18.0-S1 through 9.18.18-S1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3341.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3341.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3341","reference_id":"","reference_type":"","scores":[{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45549","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45561","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45536","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.48174","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00247","scoring_system":"epss","scoring_elements":"0.48171","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3341"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3341","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3341"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1052416","reference_id":"1052416","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1052416"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/20/2","reference_id":"2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T16:03:26Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/20/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2239621","reference_id":"2239621","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2239621"},{"reference_url":"https://kb.isc.org/docs/cve-2023-3341","reference_id":"cve-2023-3341","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T16:03:26Z/"}],"url":"https://kb.isc.org/docs/cve-2023-3341"},{"reference_url":"https://www.debian.org/security/2023/dsa-5504","reference_id":"dsa-5504","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T16:03:26Z/"}],"url":"https://www.debian.org/security/2023/dsa-5504"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPJLLTJCSDJJII7IIZPLTBQNWP7MZH7F/","reference_id":"IPJLLTJCSDJJII7IIZPLTBQNWP7MZH7F","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T16:03:26Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPJLLTJCSDJJII7IIZPLTBQNWP7MZH7F/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00021.html","reference_id":"msg00021.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T16:03:26Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00021.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231013-0003/","reference_id":"ntap-20231013-0003","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T16:03:26Z/"}],"url":"https://security.netapp.com/advisory/ntap-20231013-0003/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5460","reference_id":"RHSA-2023:5460","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5460"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5473","reference_id":"RHSA-2023:5473","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5473"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5474","reference_id":"RHSA-2023:5474","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5474"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5526","reference_id":"RHSA-2023:5526","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5526"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5527","reference_id":"RHSA-2023:5527","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5527"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5529","reference_id":"RHSA-2023:5529","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5529"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5689","reference_id":"RHSA-2023:5689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5690","reference_id":"RHSA-2023:5690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5691","reference_id":"RHSA-2023:5691","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5691"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5771","reference_id":"RHSA-2023:5771","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5771"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0039","reference_id":"RHSA-2025:0039","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0039"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U35OARLQCPMVCBBPHWBXY5M6XJLD2TZ5/","reference_id":"U35OARLQCPMVCBBPHWBXY5M6XJLD2TZ5","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T16:03:26Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U35OARLQCPMVCBBPHWBXY5M6XJLD2TZ5/"},{"reference_url":"https://usn.ubuntu.com/6390-1/","reference_id":"USN-6390-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6390-1/"},{"reference_url":"https://usn.ubuntu.com/6421-1/","reference_id":"USN-6421-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6421-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSK5V4W4OHPM3JTJGWAQD6CZW7SFD75B/","reference_id":"VSK5V4W4OHPM3JTJGWAQD6CZW7SFD75B","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T16:03:26Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSK5V4W4OHPM3JTJGWAQD6CZW7SFD75B/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89045?format=json","purl":"pkg:deb/debian/bind9@1:9.16.44-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.44-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89043?format=json","purl":"pkg:deb/debian/bind9@1:9.18.19-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.19-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89046?format=json","purl":"pkg:deb/debian/bind9@1:9.19.17-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.19.17-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2023-3341"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v1sf-68f6-7ydu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60140?format=json","vulnerability_id":"VCID-vbk8-2s3p-mfcf","summary":"By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was intended to limit the number of simultaneous connections contained an error which could be exploited to grow the number of simultaneous connections beyond this limit. Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.6, 9.12.0 -> 9.12.4, 9.14.0. BIND 9 Supported Preview Edition versions 9.9.3-S1 -> 9.11.5-S3, and 9.11.5-S5. Versions 9.13.0 -> 9.13.7 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5743.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5743.json","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5743.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5743","reference_id":"","reference_type":"","scores":[{"value":"0.05693","scoring_system":"epss","scoring_elements":"0.90567","published_at":"2026-06-04T12:55:00Z"},{"value":"0.05693","scoring_system":"epss","scoring_elements":"0.90581","published_at":"2026-06-06T12:55:00Z"},{"value":"0.05693","scoring_system":"epss","scoring_elements":"0.90594","published_at":"2026-06-09T12:55:00Z"},{"value":"0.05693","scoring_system":"epss","scoring_elements":"0.90579","published_at":"2026-06-07T12:55:00Z"},{"value":"0.05693","scoring_system":"epss","scoring_elements":"0.90578","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5743"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5743","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5743"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5745","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5745"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6465","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6465"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1702541","reference_id":"1702541","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1702541"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927932","reference_id":"927932","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1145","reference_id":"RHSA-2019:1145","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1145"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1294","reference_id":"RHSA-2019:1294","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1294"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1492","reference_id":"RHSA-2019:1492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2698","reference_id":"RHSA-2019:2698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2698"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2977","reference_id":"RHSA-2019:2977","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2977"},{"reference_url":"https://usn.ubuntu.com/3956-1/","reference_id":"USN-3956-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3956-1/"},{"reference_url":"https://usn.ubuntu.com/3956-2/","reference_id":"USN-3956-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3956-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89013?format=json","purl":"pkg:deb/debian/bind9@1:9.11.5.P4%2Bdfsg-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.11.5.P4%252Bdfsg-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2018-5743"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vbk8-2s3p-mfcf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60248?format=json","vulnerability_id":"VCID-vdj9-7xm7-r7d9","summary":"It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An attacker sending many such queries can cause either the authoritative server itself or an independent resolver to use disproportionate resources processing the queries. Zones will usually need to have been deliberately crafted to attack this exposure. This issue affects BIND 9 versions 9.11.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.32-S1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11187.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11187.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11187","reference_id":"","reference_type":"","scores":[{"value":"0.04177","scoring_system":"epss","scoring_elements":"0.88924","published_at":"2026-06-09T12:55:00Z"},{"value":"0.04177","scoring_system":"epss","scoring_elements":"0.88908","published_at":"2026-06-06T12:55:00Z"},{"value":"0.04177","scoring_system":"epss","scoring_elements":"0.88907","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11187"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11187","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11187"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094735","reference_id":"1094735","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094735"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2342879","reference_id":"2342879","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2342879"},{"reference_url":"https://kb.isc.org/docs/cve-2024-11187","reference_id":"cve-2024-11187","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-30T15:27:46Z/"}],"url":"https://kb.isc.org/docs/cve-2024-11187"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1664","reference_id":"RHSA-2025:1664","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1664"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1665","reference_id":"RHSA-2025:1665","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1665"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1666","reference_id":"RHSA-2025:1666","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1666"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1669","reference_id":"RHSA-2025:1669","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1669"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1670","reference_id":"RHSA-2025:1670","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1670"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1674","reference_id":"RHSA-2025:1674","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1674"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1675","reference_id":"RHSA-2025:1675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1675"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1676","reference_id":"RHSA-2025:1676","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1676"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1678","reference_id":"RHSA-2025:1678","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1678"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1679","reference_id":"RHSA-2025:1679","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1679"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1681","reference_id":"RHSA-2025:1681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1681"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1684","reference_id":"RHSA-2025:1684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1685","reference_id":"RHSA-2025:1685","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1685"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1687","reference_id":"RHSA-2025:1687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1691","reference_id":"RHSA-2025:1691","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1691"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1718","reference_id":"RHSA-2025:1718","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1718"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1907","reference_id":"RHSA-2025:1907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1912","reference_id":"RHSA-2025:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1912"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2441","reference_id":"RHSA-2025:2441","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2441"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2588","reference_id":"RHSA-2025:2588","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2588"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3775","reference_id":"RHSA-2025:3775","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3775"},{"reference_url":"https://usn.ubuntu.com/7241-1/","reference_id":"USN-7241-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7241-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89057?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89056?format=json","purl":"pkg:deb/debian/bind9@1:9.18.33-1~deb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.33-1~deb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89058?format=json","purl":"pkg:deb/debian/bind9@1:9.20.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2024-11187"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vdj9-7xm7-r7d9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60277?format=json","vulnerability_id":"VCID-vepe-arvq-fkex","summary":"Querying for records within a specially crafted zone containing certain malformed DNSKEY records can lead to CPU exhaustion. This issue affects BIND 9 versions 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8677.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8677.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-8677","reference_id":"","reference_type":"","scores":[{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21863","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.2196","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21912","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21853","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21974","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-8677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8677"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2405830","reference_id":"2405830","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2405830"},{"reference_url":"https://kb.isc.org/docs/cve-2025-8677","reference_id":"cve-2025-8677","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-22T17:29:14Z/"}],"url":"https://kb.isc.org/docs/cve-2025-8677"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19912","reference_id":"RHSA-2025:19912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19912"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19950","reference_id":"RHSA-2025:19950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21034","reference_id":"RHSA-2025:21034","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21034"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21111","reference_id":"RHSA-2025:21111","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21111"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21994","reference_id":"RHSA-2025:21994","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21994"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0316","reference_id":"RHSA-2026:0316","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0316"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0326","reference_id":"RHSA-2026:0326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0332","reference_id":"RHSA-2026:0332","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0332"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0420","reference_id":"RHSA-2026:0420","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0420"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0674","reference_id":"RHSA-2026:0674","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0674"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0677","reference_id":"RHSA-2026:0677","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0677"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0702","reference_id":"RHSA-2026:0702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0996","reference_id":"RHSA-2026:0996","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0996"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1541","reference_id":"RHSA-2026:1541","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1541"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:18786","reference_id":"RHSA-2026:18786","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:18786"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6935","reference_id":"RHSA-2026:6935","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6935"},{"reference_url":"https://usn.ubuntu.com/7836-1/","reference_id":"USN-7836-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7836-1/"},{"reference_url":"https://usn.ubuntu.com/7836-2/","reference_id":"USN-7836-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7836-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89067?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89066?format=json","purl":"pkg:deb/debian/bind9@1:9.18.41-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.41-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89069?format=json","purl":"pkg:deb/debian/bind9@1:9.20.15-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.15-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89068?format=json","purl":"pkg:deb/debian/bind9@1:9.20.15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2025-8677"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vepe-arvq-fkex"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59973?format=json","vulnerability_id":"VCID-vg3r-kcrg-jbcv","summary":"Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the (1) getnetbyname, or (2) getnetbyaddr functions, aka \"LIBRESOLV: buffer overrun\" and a different vulnerability than CVE-2002-0684.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-0029.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-0029.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2002-0029","reference_id":"","reference_type":"","scores":[{"value":"0.21847","scoring_system":"epss","scoring_elements":"0.95862","published_at":"2026-06-04T12:55:00Z"},{"value":"0.21847","scoring_system":"epss","scoring_elements":"0.95866","published_at":"2026-06-05T12:55:00Z"},{"value":"0.21847","scoring_system":"epss","scoring_elements":"0.95869","published_at":"2026-06-08T12:55:00Z"},{"value":"0.21847","scoring_system":"epss","scoring_elements":"0.9587","published_at":"2026-06-07T12:55:00Z"},{"value":"0.21847","scoring_system":"epss","scoring_elements":"0.95874","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2002-0029"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616723","reference_id":"1616723","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:383","reference_id":"RHSA-2004:383","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:383"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2002-0029"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vg3r-kcrg-jbcv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60170?format=json","vulnerability_id":"VCID-vjf3-75wg-2bhq","summary":"With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via TCP without pipelining enabled. A client using a TCP-pipelined connection to a server could consume more resources than the server has been provisioned to handle. When a TCP connection with a large number of pipelined queries is closed, the load on the server releasing these multiple resources can cause it to become unresponsive, even for queries that can be answered authoritatively or from cache. (This is most likely to be perceived as an intermittent server problem).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6477.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6477.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6477","reference_id":"","reference_type":"","scores":[{"value":"0.05682","scoring_system":"epss","scoring_elements":"0.90558","published_at":"2026-06-04T12:55:00Z"},{"value":"0.05682","scoring_system":"epss","scoring_elements":"0.90572","published_at":"2026-06-05T12:55:00Z"},{"value":"0.05682","scoring_system":"epss","scoring_elements":"0.90573","published_at":"2026-06-06T12:55:00Z"},{"value":"0.05682","scoring_system":"epss","scoring_elements":"0.90571","published_at":"2026-06-07T12:55:00Z"},{"value":"0.05682","scoring_system":"epss","scoring_elements":"0.9057","published_at":"2026-06-08T12:55:00Z"},{"value":"0.05682","scoring_system":"epss","scoring_elements":"0.90586","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6477"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6477","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6477"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1773617","reference_id":"1773617","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1773617"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945171","reference_id":"945171","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945171"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1061","reference_id":"RHSA-2020:1061","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1061"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1845","reference_id":"RHSA-2020:1845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1845"},{"reference_url":"https://usn.ubuntu.com/4197-1/","reference_id":"USN-4197-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4197-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89016?format=json","purl":"pkg:deb/debian/bind9@1:9.11.14%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.11.14%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2019-6477"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vjf3-75wg-2bhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6130?format=json","vulnerability_id":"VCID-vkp2-ext1-nuet","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6465.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6465.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6465","reference_id":"","reference_type":"","scores":[{"value":"0.0128","scoring_system":"epss","scoring_elements":"0.79914","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0128","scoring_system":"epss","scoring_elements":"0.7995","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0128","scoring_system":"epss","scoring_elements":"0.7994","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0128","scoring_system":"epss","scoring_elements":"0.7993","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0128","scoring_system":"epss","scoring_elements":"0.79939","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0128","scoring_system":"epss","scoring_elements":"0.79944","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6465"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5743","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5743"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5745","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5745"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6465","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6465"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1679304","reference_id":"1679304","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1679304"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922955","reference_id":"922955","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922955"},{"reference_url":"https://security.archlinux.org/ASA-201902-25","reference_id":"ASA-201902-25","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201902-25"},{"reference_url":"https://security.archlinux.org/AVG-915","reference_id":"AVG-915","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-915"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3552","reference_id":"RHSA-2019:3552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1061","reference_id":"RHSA-2020:1061","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1061"},{"reference_url":"https://usn.ubuntu.com/3893-1/","reference_id":"USN-3893-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3893-1/"},{"reference_url":"https://usn.ubuntu.com/3893-2/","reference_id":"USN-3893-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3893-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89014?format=json","purl":"pkg:deb/debian/bind9@1:9.11.5.P4%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.11.5.P4%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2019-6465"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vkp2-ext1-nuet"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4996?format=json","vulnerability_id":"VCID-vnwc-73jv-xfdm","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0396.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0396.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0396","reference_id":"","reference_type":"","scores":[{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29413","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29392","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29412","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29379","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29481","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29445","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0396"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2064513","reference_id":"2064513","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2064513"},{"reference_url":"https://security.archlinux.org/ASA-202204-5","reference_id":"ASA-202204-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202204-5"},{"reference_url":"https://security.archlinux.org/AVG-2661","reference_id":"AVG-2661","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2661"},{"reference_url":"https://security.gentoo.org/glsa/202210-25","reference_id":"GLSA-202210-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202210-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7643","reference_id":"RHSA-2022:7643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7643"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8068","reference_id":"RHSA-2022:8068","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8068"},{"reference_url":"https://usn.ubuntu.com/5332-1/","reference_id":"USN-5332-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5332-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89027?format=json","purl":"pkg:deb/debian/bind9@1:9.16.27-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.27-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89026?format=json","purl":"pkg:deb/debian/bind9@1:9.18.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2022-0396"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vnwc-73jv-xfdm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60278?format=json","vulnerability_id":"VCID-vrzy-cfzb-vydy","summary":"If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries (see: https://kb.isc.org/docs/why-does-my-authoritative-server-make-recursive-queries). This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.46, 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.46-S1, and 9.20.9-S1 through 9.20.20-S1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1519.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1519.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-1519","reference_id":"","reference_type":"","scores":[{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19163","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.1926","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19257","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19213","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19141","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-1519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1519"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451305","reference_id":"2451305","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451305"},{"reference_url":"https://downloads.isc.org/isc/bind9/9.18.47","reference_id":"9.18.47","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T14:55:33Z/"}],"url":"https://downloads.isc.org/isc/bind9/9.18.47"},{"reference_url":"https://downloads.isc.org/isc/bind9/9.20.21","reference_id":"9.20.21","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T14:55:33Z/"}],"url":"https://downloads.isc.org/isc/bind9/9.20.21"},{"reference_url":"https://downloads.isc.org/isc/bind9/9.21.20","reference_id":"9.21.20","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T14:55:33Z/"}],"url":"https://downloads.isc.org/isc/bind9/9.21.20"},{"reference_url":"https://kb.isc.org/docs/cve-2026-1519","reference_id":"cve-2026-1519","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T14:55:33Z/"}],"url":"https://kb.isc.org/docs/cve-2026-1519"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11371","reference_id":"RHSA-2026:11371","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11371"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11372","reference_id":"RHSA-2026:11372","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11372"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15890","reference_id":"RHSA-2026:15890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16060","reference_id":"RHSA-2026:16060","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16060"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16064","reference_id":"RHSA-2026:16064","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16064"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:24500","reference_id":"RHSA-2026:24500","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:24500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6935","reference_id":"RHSA-2026:6935","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6935"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7915","reference_id":"RHSA-2026:7915","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7915"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8075","reference_id":"RHSA-2026:8075","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8075"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8155","reference_id":"RHSA-2026:8155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8312","reference_id":"RHSA-2026:8312","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8312"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8352","reference_id":"RHSA-2026:8352","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8352"},{"reference_url":"https://usn.ubuntu.com/8124-1/","reference_id":"USN-8124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8124-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89074?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89075?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2026-1519"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vrzy-cfzb-vydy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3559?format=json","vulnerability_id":"VCID-w7jn-waae-a7dq","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2795.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2795.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2795","reference_id":"","reference_type":"","scores":[{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58749","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00363","scoring_system":"epss","scoring_elements":"0.58734","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00484","scoring_system":"epss","scoring_elements":"0.65677","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00484","scoring_system":"epss","scoring_elements":"0.65624","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00484","scoring_system":"epss","scoring_elements":"0.65688","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3080","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3080"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38177","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38177"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38178","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38178"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2128584","reference_id":"2128584","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2128584"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/09/21/3","reference_id":"3","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-12T17:20:53Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/09/21/3"},{"reference_url":"https://security.archlinux.org/AVG-2811","reference_id":"AVG-2811","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2811"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7/","reference_id":"CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-12T17:20:53Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7/"},{"reference_url":"https://kb.isc.org/docs/cve-2022-2795","reference_id":"cve-2022-2795","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-12T17:20:53Z/"}],"url":"https://kb.isc.org/docs/cve-2022-2795"},{"reference_url":"https://www.debian.org/security/2022/dsa-5235","reference_id":"dsa-5235","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-12T17:20:53Z/"}],"url":"https://www.debian.org/security/2022/dsa-5235"},{"reference_url":"https://security.gentoo.org/glsa/202210-25","reference_id":"GLSA-202210-25","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-12T17:20:53Z/"}],"url":"https://security.gentoo.org/glsa/202210-25"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT/","reference_id":"MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-12T17:20:53Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/10/msg00007.html","reference_id":"msg00007.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-12T17:20:53Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/10/msg00007.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0402","reference_id":"RHSA-2023:0402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2261","reference_id":"RHSA-2023:2261","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2261"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2792","reference_id":"RHSA-2023:2792","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2792"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3002","reference_id":"RHSA-2023:3002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2720","reference_id":"RHSA-2024:2720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2720"},{"reference_url":"https://usn.ubuntu.com/5626-1/","reference_id":"USN-5626-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5626-1/"},{"reference_url":"https://usn.ubuntu.com/5626-2/","reference_id":"USN-5626-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5626-2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5SD6XIJ446S/","reference_id":"YZJQNUASODNVAWZV6STKG5SD6XIJ446S","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-12T17:20:53Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5SD6XIJ446S/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89030?format=json","purl":"pkg:deb/debian/bind9@1:9.16.33-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.33-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89029?format=json","purl":"pkg:deb/debian/bind9@1:9.18.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2022-2795"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w7jn-waae-a7dq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59992?format=json","vulnerability_id":"VCID-wby4-r27a-3qdh","summary":"Unspecified vulnerability in query.c in ISC BIND 9.4.0, and 9.5.0a1 through 9.5.0a3, when recursion is enabled, allows remote attackers to cause a denial of service (daemon exit) via a sequence of queries processed by the query_addsoa function.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2241.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2241.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-2241","reference_id":"","reference_type":"","scores":[{"value":"0.03461","scoring_system":"epss","scoring_elements":"0.87746","published_at":"2026-06-04T12:55:00Z"},{"value":"0.03461","scoring_system":"epss","scoring_elements":"0.87768","published_at":"2026-06-05T12:55:00Z"},{"value":"0.03461","scoring_system":"epss","scoring_elements":"0.87769","published_at":"2026-06-07T12:55:00Z"},{"value":"0.03461","scoring_system":"epss","scoring_elements":"0.8777","published_at":"2026-06-08T12:55:00Z"},{"value":"0.03461","scoring_system":"epss","scoring_elements":"0.87782","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-2241"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2241","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2241"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=238398","reference_id":"238398","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=238398"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88960?format=json","purl":"pkg:deb/debian/bind9@1:9.4.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.4.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2007-2241"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wby4-r27a-3qdh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60246?format=json","vulnerability_id":"VCID-wcvp-8rnp-ebau","summary":"To keep its cache database efficient, `named` running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, including some that are asynchronous: a small chunk of memory pointing to the cache element that can be cleaned up is first allocated and then queued for later processing. It was discovered that if the resolver is continuously processing query patterns triggering this type of cache-database maintenance, `named` may not be able to handle the cleanup events in a timely manner. This in turn enables the list of queued cleanup events to grow infinitely large over time, allowing the configured `max-cache-size` limit to be significantly exceeded. This issue affects BIND 9 versions 9.16.0 through 9.16.45 and 9.16.8-S1 through 9.16.45-S1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6516.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6516.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6516","reference_id":"","reference_type":"","scores":[{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.4525","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45282","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45285","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45265","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45238","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6516"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6516","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6516"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/02/13/1","reference_id":"1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-20T16:01:15Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/02/13/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2263911","reference_id":"2263911","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2263911"},{"reference_url":"https://kb.isc.org/docs/cve-2023-6516","reference_id":"cve-2023-6516","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-20T16:01:15Z/"}],"url":"https://kb.isc.org/docs/cve-2023-6516"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240503-0008/","reference_id":"ntap-20240503-0008","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-20T16:01:15Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240503-0008/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/","reference_id":"PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-20T16:01:15Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1647","reference_id":"RHSA-2024:1647","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1647"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1648","reference_id":"RHSA-2024:1648","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1648"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1781","reference_id":"RHSA-2024:1781","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1781"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1789","reference_id":"RHSA-2024:1789","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1789"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1800","reference_id":"RHSA-2024:1800","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1800"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1803","reference_id":"RHSA-2024:1803","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1803"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2551","reference_id":"RHSA-2024:2551","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2551"},{"reference_url":"https://usn.ubuntu.com/6642-1/","reference_id":"USN-6642-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6642-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/","reference_id":"ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-20T16:01:15Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89051?format=json","purl":"pkg:deb/debian/bind9@1:9.16.48-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.48-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89024?format=json","purl":"pkg:deb/debian/bind9@1:9.17.19-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.17.19-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2023-6516"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wcvp-8rnp-ebau"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60001?format=json","vulnerability_id":"VCID-wkag-e7qj-3kg3","summary":"Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains an Additional section with crafted data, which is not properly handled when the response is processed \"at the same time as requesting DNSSEC records (DO),\" aka Bug 20438.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4022.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4022.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-4022","reference_id":"","reference_type":"","scores":[{"value":"0.20044","scoring_system":"epss","scoring_elements":"0.95594","published_at":"2026-06-04T12:55:00Z"},{"value":"0.20044","scoring_system":"epss","scoring_elements":"0.956","published_at":"2026-06-05T12:55:00Z"},{"value":"0.20044","scoring_system":"epss","scoring_elements":"0.95604","published_at":"2026-06-06T12:55:00Z"},{"value":"0.20044","scoring_system":"epss","scoring_elements":"0.95606","published_at":"2026-06-07T12:55:00Z"},{"value":"0.20044","scoring_system":"epss","scoring_elements":"0.95607","published_at":"2026-06-08T12:55:00Z"},{"value":"0.20044","scoring_system":"epss","scoring_elements":"0.95611","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-4022"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=538744","reference_id":"538744","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=538744"},{"reference_url":"https://security.gentoo.org/glsa/201006-11","reference_id":"GLSA-201006-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201006-11"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1620","reference_id":"RHSA-2009:1620","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1620"},{"reference_url":"https://usn.ubuntu.com/865-1/","reference_id":"USN-865-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/865-1/"},{"reference_url":"https://usn.ubuntu.com/888-1/","reference_id":"USN-888-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/888-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88965?format=json","purl":"pkg:deb/debian/bind9@1:9.6.1.dfsg.P2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.6.1.dfsg.P2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2009-4022"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wkag-e7qj-3kg3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60184?format=json","vulnerability_id":"VCID-x118-nztx-3ub3","summary":"In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8620.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8620.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8620","reference_id":"","reference_type":"","scores":[{"value":"0.08369","scoring_system":"epss","scoring_elements":"0.92449","published_at":"2026-06-04T12:55:00Z"},{"value":"0.08369","scoring_system":"epss","scoring_elements":"0.92462","published_at":"2026-06-05T12:55:00Z"},{"value":"0.08369","scoring_system":"epss","scoring_elements":"0.92458","published_at":"2026-06-06T12:55:00Z"},{"value":"0.08369","scoring_system":"epss","scoring_elements":"0.92453","published_at":"2026-06-07T12:55:00Z"},{"value":"0.08369","scoring_system":"epss","scoring_elements":"0.92452","published_at":"2026-06-08T12:55:00Z"},{"value":"0.08369","scoring_system":"epss","scoring_elements":"0.9247","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8620"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8620","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8620"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1869468","reference_id":"1869468","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1869468"},{"reference_url":"https://security.gentoo.org/glsa/202008-19","reference_id":"GLSA-202008-19","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202008-19"},{"reference_url":"https://usn.ubuntu.com/4468-1/","reference_id":"USN-4468-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4468-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89019?format=json","purl":"pkg:deb/debian/bind9@1:9.16.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2020-8620"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x118-nztx-3ub3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6582?format=json","vulnerability_id":"VCID-xdkb-a96t-8kgc","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3137.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3137.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3137","reference_id":"","reference_type":"","scores":[{"value":"0.28496","scoring_system":"epss","scoring_elements":"0.96617","published_at":"2026-06-05T12:55:00Z"},{"value":"0.28496","scoring_system":"epss","scoring_elements":"0.96612","published_at":"2026-06-04T12:55:00Z"},{"value":"0.28496","scoring_system":"epss","scoring_elements":"0.96626","published_at":"2026-06-09T12:55:00Z"},{"value":"0.28496","scoring_system":"epss","scoring_elements":"0.96621","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3137"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3136","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3136"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3137","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3137"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3138","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3138"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441133","reference_id":"1441133","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441133"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860225","reference_id":"860225","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860225"},{"reference_url":"https://security.archlinux.org/ASA-201704-11","reference_id":"ASA-201704-11","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201704-11"},{"reference_url":"https://security.archlinux.org/AVG-239","reference_id":"AVG-239","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-239"},{"reference_url":"https://security.gentoo.org/glsa/201708-01","reference_id":"GLSA-201708-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201708-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1095","reference_id":"RHSA-2017:1095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1105","reference_id":"RHSA-2017:1105","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1105"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1582","reference_id":"RHSA-2017:1582","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1582"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1583","reference_id":"RHSA-2017:1583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1583"},{"reference_url":"https://usn.ubuntu.com/3259-1/","reference_id":"USN-3259-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3259-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89007?format=json","purl":"pkg:deb/debian/bind9@1:9.10.3.dfsg.P4-12.3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.10.3.dfsg.P4-12.3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2017-3137"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xdkb-a96t-8kgc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60079?format=json","vulnerability_id":"VCID-xgkf-m23s-cbav","summary":"rdataset.c in ISC BIND 9 Supported Preview Edition 9.9.8-S before 9.9.8-S5, when nxdomain-redirect is enabled, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via crafted flag values in a query.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1284","reference_id":"","reference_type":"","scores":[{"value":"0.09482","scoring_system":"epss","scoring_elements":"0.92979","published_at":"2026-06-04T12:55:00Z"},{"value":"0.09482","scoring_system":"epss","scoring_elements":"0.9299","published_at":"2026-06-09T12:55:00Z"},{"value":"0.09482","scoring_system":"epss","scoring_elements":"0.92986","published_at":"2026-06-06T12:55:00Z"},{"value":"0.09482","scoring_system":"epss","scoring_elements":"0.92982","published_at":"2026-06-07T12:55:00Z"},{"value":"0.09482","scoring_system":"epss","scoring_elements":"0.9298","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1284"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2016-1284"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xgkf-m23s-cbav"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60137?format=json","vulnerability_id":"VCID-xqhy-zdq5-wyd5","summary":"While backporting a feature for a newer branch of BIND9, RedHat introduced a path leading to an assertion failure in buffer.c:420. Affects RedHat versions bind-9.9.4-65.el7 -> bind-9.9.4-72.el7. No ISC releases are affected. Other packages from other distributions who made the same error may also be affected.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5742.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5742.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5742","reference_id":"","reference_type":"","scores":[{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.80075","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.801","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.80111","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.80105","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.80091","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5742"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1655844","reference_id":"1655844","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1655844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0194","reference_id":"RHSA-2019:0194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0194"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2018-5742"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xqhy-zdq5-wyd5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60004?format=json","vulnerability_id":"VCID-y27f-ty3g-k3g3","summary":"ISC BIND 9.7.2 through 9.7.2-P1 uses an incorrect ACL to restrict the ability of Recursion Desired (RD) queries to access the cache, which allows remote attackers to obtain potentially sensitive information via a DNS query.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0218.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0218.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0218","reference_id":"","reference_type":"","scores":[{"value":"0.02115","scoring_system":"epss","scoring_elements":"0.84435","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02115","scoring_system":"epss","scoring_elements":"0.84459","published_at":"2026-06-05T12:55:00Z"},{"value":"0.02115","scoring_system":"epss","scoring_elements":"0.84462","published_at":"2026-06-06T12:55:00Z"},{"value":"0.02115","scoring_system":"epss","scoring_elements":"0.84454","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02115","scoring_system":"epss","scoring_elements":"0.84442","published_at":"2026-06-08T12:55:00Z"},{"value":"0.02115","scoring_system":"epss","scoring_elements":"0.84455","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0218"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=640696","reference_id":"640696","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=640696"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2010-0218"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y27f-ty3g-k3g3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60234?format=json","vulnerability_id":"VCID-yhcn-pyvq-6khu","summary":"Every `named` instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the `max-cache-size` statement in the configuration file; it defaults to 90% of the total amount of memory available on the host. When the size of the cache reaches 7/8 of the configured limit, a cache-cleaning algorithm starts to remove expired and/or least-recently used RRsets from the cache, to keep memory use below the configured limit.  It has been discovered that the effectiveness of the cache-cleaning algorithm used in `named` can be severely diminished by querying the resolver for specific RRsets in a certain order, effectively allowing the configured `max-cache-size` limit to be significantly exceeded. This issue affects BIND 9 versions 9.11.0 through 9.16.41, 9.18.0 through 9.18.15, 9.19.0 through 9.19.13, 9.11.3-S1 through 9.16.41-S1, and 9.18.11-S1 through 9.18.15-S1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2828.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2828.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-2828","reference_id":"","reference_type":"","scores":[{"value":"0.00904","scoring_system":"epss","scoring_elements":"0.76141","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00904","scoring_system":"epss","scoring_elements":"0.76129","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00904","scoring_system":"epss","scoring_elements":"0.76117","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01176","scoring_system":"epss","scoring_elements":"0.79095","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01176","scoring_system":"epss","scoring_elements":"0.79089","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-2828"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2828","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2828"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2911","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2911"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2216227","reference_id":"2216227","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2216227"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/06/21/6","reference_id":"6","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-06T18:36:28Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/06/21/6"},{"reference_url":"https://kb.isc.org/docs/cve-2023-2828","reference_id":"cve-2023-2828","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-06T18:36:28Z/"}],"url":"https://kb.isc.org/docs/cve-2023-2828"},{"reference_url":"https://www.debian.org/security/2023/dsa-5439","reference_id":"dsa-5439","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-06T18:36:28Z/"}],"url":"https://www.debian.org/security/2023/dsa-5439"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/07/msg00021.html","reference_id":"msg00021.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-06T18:36:28Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/07/msg00021.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230703-0010/","reference_id":"ntap-20230703-0010","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-06T18:36:28Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230703-0010/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4005","reference_id":"RHSA-2023:4005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4037","reference_id":"RHSA-2023:4037","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4037"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4099","reference_id":"RHSA-2023:4099","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4100","reference_id":"RHSA-2023:4100","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4101","reference_id":"RHSA-2023:4101","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4101"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4102","reference_id":"RHSA-2023:4102","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4102"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4152","reference_id":"RHSA-2023:4152","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4152"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4153","reference_id":"RHSA-2023:4153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4153"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4154","reference_id":"RHSA-2023:4154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4332","reference_id":"RHSA-2023:4332","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4332"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SEFCEVCTYEMKTWA7V7EYPI5YQQ4JWDLI/","reference_id":"SEFCEVCTYEMKTWA7V7EYPI5YQQ4JWDLI","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-06T18:36:28Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SEFCEVCTYEMKTWA7V7EYPI5YQQ4JWDLI/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3K6AJK7RRSR53HRF5GGKPA6PDUDWOD2/","reference_id":"U3K6AJK7RRSR53HRF5GGKPA6PDUDWOD2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-06T18:36:28Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3K6AJK7RRSR53HRF5GGKPA6PDUDWOD2/"},{"reference_url":"https://usn.ubuntu.com/6183-1/","reference_id":"USN-6183-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6183-1/"},{"reference_url":"https://usn.ubuntu.com/6183-2/","reference_id":"USN-6183-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6183-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89037?format=json","purl":"pkg:deb/debian/bind9@1:9.16.42-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.42-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89036?format=json","purl":"pkg:deb/debian/bind9@1:9.18.16-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.16-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89039?format=json","purl":"pkg:deb/debian/bind9@1:9.18.16-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.16-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2023-2828"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yhcn-pyvq-6khu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60010?format=json","vulnerability_id":"VCID-yn9a-b41f-qbaw","summary":"ISC BIND before 9.7.2-P2, when DNSSEC validation is enabled, does not properly handle certain bad signatures if multiple trust anchors exist for a single zone, which allows remote attackers to cause a denial of service (daemon crash) via a DNS query.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3762.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3762.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3762","reference_id":"","reference_type":"","scores":[{"value":"0.27542","scoring_system":"epss","scoring_elements":"0.96521","published_at":"2026-06-04T12:55:00Z"},{"value":"0.27542","scoring_system":"epss","scoring_elements":"0.96524","published_at":"2026-06-05T12:55:00Z"},{"value":"0.27542","scoring_system":"epss","scoring_elements":"0.96528","published_at":"2026-06-08T12:55:00Z"},{"value":"0.27542","scoring_system":"epss","scoring_elements":"0.96533","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3762"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599515","reference_id":"599515","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599515"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=640730","reference_id":"640730","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=640730"},{"reference_url":"https://security.gentoo.org/glsa/201206-01","reference_id":"GLSA-201206-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0976","reference_id":"RHSA-2010:0976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0976"},{"reference_url":"https://usn.ubuntu.com/1139-1/","reference_id":"USN-1139-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1139-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88969?format=json","purl":"pkg:deb/debian/bind9@1:9.7.2.dfsg.P2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.7.2.dfsg.P2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2010-3762"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yn9a-b41f-qbaw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60178?format=json","vulnerability_id":"VCID-yvq5-m689-p7du","summary":"An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to clients.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8618.json","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8618.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8618","reference_id":"","reference_type":"","scores":[{"value":"0.01297","scoring_system":"epss","scoring_elements":"0.80043","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01297","scoring_system":"epss","scoring_elements":"0.80078","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01297","scoring_system":"epss","scoring_elements":"0.80067","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01297","scoring_system":"epss","scoring_elements":"0.80058","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01297","scoring_system":"epss","scoring_elements":"0.80069","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01297","scoring_system":"epss","scoring_elements":"0.80073","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-8618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8618"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1847242","reference_id":"1847242","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1847242"},{"reference_url":"https://security.archlinux.org/ASA-202006-13","reference_id":"ASA-202006-13","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202006-13"},{"reference_url":"https://security.archlinux.org/AVG-1191","reference_id":"AVG-1191","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1191"},{"reference_url":"https://usn.ubuntu.com/4399-1/","reference_id":"USN-4399-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4399-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89018?format=json","purl":"pkg:deb/debian/bind9@1:9.16.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2020-8618"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yvq5-m689-p7du"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60279?format=json","vulnerability_id":"VCID-z1wm-ngfx-nfd3","summary":"A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain. This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1. BIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through 9.18.46-S1 are NOT affected.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3104.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3104.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3104","reference_id":"","reference_type":"","scores":[{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.1656","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16669","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16666","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16627","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16546","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3104"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451310","reference_id":"2451310","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451310"},{"reference_url":"https://downloads.isc.org/isc/bind9/9.20.21","reference_id":"9.20.21","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T14:56:20Z/"}],"url":"https://downloads.isc.org/isc/bind9/9.20.21"},{"reference_url":"https://downloads.isc.org/isc/bind9/9.21.20","reference_id":"9.21.20","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T14:56:20Z/"}],"url":"https://downloads.isc.org/isc/bind9/9.21.20"},{"reference_url":"https://kb.isc.org/docs/cve-2026-3104","reference_id":"cve-2026-3104","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T14:56:20Z/"}],"url":"https://kb.isc.org/docs/cve-2026-3104"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6935","reference_id":"RHSA-2026:6935","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6935"},{"reference_url":"https://usn.ubuntu.com/8124-1/","reference_id":"USN-8124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8124-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89075?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2026-3104"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z1wm-ngfx-nfd3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59983?format=json","vulnerability_id":"VCID-z5zy-1nyp-4khr","summary":"BIND 4 and BIND 8, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2002-2211","reference_id":"","reference_type":"","scores":[{"value":"0.03336","scoring_system":"epss","scoring_elements":"0.8752","published_at":"2026-06-04T12:55:00Z"},{"value":"0.03336","scoring_system":"epss","scoring_elements":"0.87541","published_at":"2026-06-05T12:55:00Z"},{"value":"0.03336","scoring_system":"epss","scoring_elements":"0.87539","published_at":"2026-06-06T12:55:00Z"},{"value":"0.03336","scoring_system":"epss","scoring_elements":"0.87538","published_at":"2026-06-07T12:55:00Z"},{"value":"0.03336","scoring_system":"epss","scoring_elements":"0.87537","published_at":"2026-06-08T12:55:00Z"},{"value":"0.03336","scoring_system":"epss","scoring_elements":"0.87549","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2002-2211"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2002-2211"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z5zy-1nyp-4khr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60083?format=json","vulnerability_id":"VCID-z6ph-d5ch-5ygy","summary":"named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1286.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1286.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1286","reference_id":"","reference_type":"","scores":[{"value":"0.53591","scoring_system":"epss","scoring_elements":"0.98035","published_at":"2026-06-04T12:55:00Z"},{"value":"0.53591","scoring_system":"epss","scoring_elements":"0.98038","published_at":"2026-06-09T12:55:00Z"},{"value":"0.53591","scoring_system":"epss","scoring_elements":"0.98039","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1286"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1285","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1285"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1286","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1286"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315680","reference_id":"1315680","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1315680"},{"reference_url":"https://security.gentoo.org/glsa/201610-07","reference_id":"GLSA-201610-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201610-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0458","reference_id":"RHSA-2016:0458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0459","reference_id":"RHSA-2016:0459","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0459"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0562","reference_id":"RHSA-2016:0562","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0562"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0601","reference_id":"RHSA-2016:0601","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0601"},{"reference_url":"https://usn.ubuntu.com/2925-1/","reference_id":"USN-2925-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2925-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88987?format=json","purl":"pkg:deb/debian/bind9@1:9.10.3.dfsg.P4-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.10.3.dfsg.P4-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2016-1286"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z6ph-d5ch-5ygy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59995?format=json","vulnerability_id":"VCID-zezg-yzav-r3c7","summary":"Red Hat Enterprise Linux 5 and Fedora install the Bind /etc/rndc.key file with world-readable permissions, which allows local users to perform unauthorized named commands, such as causing a denial of service by stopping named.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6283.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6283.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6283","reference_id":"","reference_type":"","scores":[{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.31908","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.31981","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.3195","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.31913","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.3188","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.31902","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6283"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=419421","reference_id":"419421","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=419421"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0300","reference_id":"RHSA-2008:0300","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0300"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2007-6283"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zezg-yzav-r3c7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60037?format=json","vulnerability_id":"VCID-zws6-9abm-73bw","summary":"The prefetch implementation in named in ISC BIND 9.10.0, when a recursive nameserver is enabled, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a DNS query that triggers a response with unspecified attributes.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3214.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3214.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3214","reference_id":"","reference_type":"","scores":[{"value":"0.11256","scoring_system":"epss","scoring_elements":"0.93657","published_at":"2026-06-04T12:55:00Z"},{"value":"0.11256","scoring_system":"epss","scoring_elements":"0.93667","published_at":"2026-06-05T12:55:00Z"},{"value":"0.11256","scoring_system":"epss","scoring_elements":"0.93666","published_at":"2026-06-06T12:55:00Z"},{"value":"0.11256","scoring_system":"epss","scoring_elements":"0.93665","published_at":"2026-06-07T12:55:00Z"},{"value":"0.11256","scoring_system":"epss","scoring_elements":"0.93664","published_at":"2026-06-08T12:55:00Z"},{"value":"0.11256","scoring_system":"epss","scoring_elements":"0.93672","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3214"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1096016","reference_id":"1096016","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1096016"},{"reference_url":"https://security.gentoo.org/glsa/201502-03","reference_id":"GLSA-201502-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201502-03"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2014-3214"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zws6-9abm-73bw"}],"risk_score":"3.4","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"}