{"url":"http://public2.vulnerablecode.io/api/packages/89054?format=json","purl":"pkg:deb/debian/bind9@1:9.20.0-1?distro=trixie","type":"deb","namespace":"debian","name":"bind9","version":"1:9.20.0-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1:9.20.5-1","latest_non_vulnerable_version":"1:9.20.23-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60254?format=json","vulnerability_id":"VCID-f1cr-g433-t3ff","summary":"Client queries that trigger serving stale data and that also require lookups in local authoritative zone data may result in an assertion failure. This issue affects BIND 9 versions 9.16.13 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.33-S1 through 9.11.37-S1, 9.16.13-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4076.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4076.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-4076","reference_id":"","reference_type":"","scores":[{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28752","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28844","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.2881","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28775","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28741","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-4076"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1975","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1975"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4076","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4076"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/07/23/1","reference_id":"1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-23T15:10:37Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/07/23/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/07/31/2","reference_id":"2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-23T15:10:37Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/07/31/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2298904","reference_id":"2298904","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2298904"},{"reference_url":"https://kb.isc.org/docs/cve-2024-4076","reference_id":"cve-2024-4076","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-23T15:10:37Z/"}],"url":"https://kb.isc.org/docs/cve-2024-4076"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5231","reference_id":"RHSA-2024:5231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5390","reference_id":"RHSA-2024:5390","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5390"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5418","reference_id":"RHSA-2024:5418","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5418"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5525","reference_id":"RHSA-2024:5525","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5525"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5813","reference_id":"RHSA-2024:5813","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5813"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5907","reference_id":"RHSA-2024:5907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6004","reference_id":"RHSA-2024:6004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6013","reference_id":"RHSA-2024:6013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6013"},{"reference_url":"https://usn.ubuntu.com/6909-1/","reference_id":"USN-6909-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6909-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89059?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89053?format=json","purl":"pkg:deb/debian/bind9@1:9.18.28-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.28-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89054?format=json","purl":"pkg:deb/debian/bind9@1:9.20.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2024-4076"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f1cr-g433-t3ff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60251?format=json","vulnerability_id":"VCID-k1xx-ncj1-akhj","summary":"If a server hosts a zone containing a \"KEY\" Resource Record, or a resolver DNSSEC-validates a \"KEY\" Resource Record from a DNSSEC-signed domain in cache, a client can exhaust resolver CPU resources by sending a stream of SIG(0) signed requests. This issue affects BIND 9 versions 9.0.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.49-S1, and 9.18.11-S1 through 9.18.27-S1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1975.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1975.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-1975","reference_id":"","reference_type":"","scores":[{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.47027","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.47061","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.47063","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.47046","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.47016","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-1975"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1975","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1975"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4076","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4076"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/07/23/1","reference_id":"1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:12:04Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/07/23/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/07/31/2","reference_id":"2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:12:04Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/07/31/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2298901","reference_id":"2298901","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2298901"},{"reference_url":"https://kb.isc.org/docs/cve-2024-1975","reference_id":"cve-2024-1975","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-23T17:12:04Z/"}],"url":"https://kb.isc.org/docs/cve-2024-1975"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5231","reference_id":"RHSA-2024:5231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5390","reference_id":"RHSA-2024:5390","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5390"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5418","reference_id":"RHSA-2024:5418","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5418"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5524","reference_id":"RHSA-2024:5524","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5524"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5525","reference_id":"RHSA-2024:5525","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5525"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5655","reference_id":"RHSA-2024:5655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5813","reference_id":"RHSA-2024:5813","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5813"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5838","reference_id":"RHSA-2024:5838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5871","reference_id":"RHSA-2024:5871","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5871"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5894","reference_id":"RHSA-2024:5894","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5894"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5907","reference_id":"RHSA-2024:5907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5908","reference_id":"RHSA-2024:5908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5930","reference_id":"RHSA-2024:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6004","reference_id":"RHSA-2024:6004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6013","reference_id":"RHSA-2024:6013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6642","reference_id":"RHSA-2024:6642","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6642"},{"reference_url":"https://usn.ubuntu.com/6909-1/","reference_id":"USN-6909-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6909-1/"},{"reference_url":"https://usn.ubuntu.com/6909-2/","reference_id":"USN-6909-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6909-2/"},{"reference_url":"https://usn.ubuntu.com/6909-3/","reference_id":"USN-6909-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6909-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89059?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89053?format=json","purl":"pkg:deb/debian/bind9@1:9.18.28-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.28-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89054?format=json","purl":"pkg:deb/debian/bind9@1:9.20.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2024-1975"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k1xx-ncj1-akhj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60250?format=json","vulnerability_id":"VCID-msvw-a6mb-yqcr","summary":"Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname (of any RTYPE) can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. This issue affects BIND 9 versions 9.11.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.4-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1737.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1737.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-1737","reference_id":"","reference_type":"","scores":[{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51844","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51868","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51877","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51855","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51824","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-1737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1975","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1975"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4076","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4076"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/07/23/1","reference_id":"1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-26T17:27:11Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/07/23/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/07/31/2","reference_id":"2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-26T17:27:11Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/07/31/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2298893","reference_id":"2298893","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2298893"},{"reference_url":"https://kb.isc.org/docs/cve-2024-1737","reference_id":"cve-2024-1737","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-26T17:27:11Z/"}],"url":"https://kb.isc.org/docs/cve-2024-1737"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5231","reference_id":"RHSA-2024:5231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5390","reference_id":"RHSA-2024:5390","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5390"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5418","reference_id":"RHSA-2024:5418","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5418"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5524","reference_id":"RHSA-2024:5524","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5524"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5525","reference_id":"RHSA-2024:5525","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5525"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5655","reference_id":"RHSA-2024:5655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5813","reference_id":"RHSA-2024:5813","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5813"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5838","reference_id":"RHSA-2024:5838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5871","reference_id":"RHSA-2024:5871","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5871"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5894","reference_id":"RHSA-2024:5894","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5894"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5907","reference_id":"RHSA-2024:5907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5908","reference_id":"RHSA-2024:5908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5930","reference_id":"RHSA-2024:5930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6004","reference_id":"RHSA-2024:6004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6013","reference_id":"RHSA-2024:6013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6642","reference_id":"RHSA-2024:6642","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6642"},{"reference_url":"https://kb.isc.org/docs/rrset-limits-in-zones","reference_id":"rrset-limits-in-zones","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-26T17:27:11Z/"}],"url":"https://kb.isc.org/docs/rrset-limits-in-zones"},{"reference_url":"https://usn.ubuntu.com/6909-1/","reference_id":"USN-6909-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6909-1/"},{"reference_url":"https://usn.ubuntu.com/6909-2/","reference_id":"USN-6909-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6909-2/"},{"reference_url":"https://usn.ubuntu.com/6909-3/","reference_id":"USN-6909-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6909-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/89059?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89053?format=json","purl":"pkg:deb/debian/bind9@1:9.18.28-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.28-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89054?format=json","purl":"pkg:deb/debian/bind9@1:9.20.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2024-1737"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-msvw-a6mb-yqcr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60247?format=json","vulnerability_id":"VCID-p2qu-sjfk-afh3","summary":"A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack.  This issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0 through 9.19.24, and 9.18.11-S1 through 9.18.27-S1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0760.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0760.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-0760","reference_id":"","reference_type":"","scores":[{"value":"0.1669","scoring_system":"epss","scoring_elements":"0.9507","published_at":"2026-06-09T12:55:00Z"},{"value":"0.1669","scoring_system":"epss","scoring_elements":"0.95063","published_at":"2026-06-05T12:55:00Z"},{"value":"0.1669","scoring_system":"epss","scoring_elements":"0.95064","published_at":"2026-06-06T12:55:00Z"},{"value":"0.1669","scoring_system":"epss","scoring_elements":"0.95066","published_at":"2026-06-07T12:55:00Z"},{"value":"0.1669","scoring_system":"epss","scoring_elements":"0.95065","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-0760"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/07/23/1","reference_id":"1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-23T16:02:34Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/07/23/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/07/31/2","reference_id":"2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-23T16:02:34Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/07/31/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2298878","reference_id":"2298878","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2298878"},{"reference_url":"https://kb.isc.org/docs/cve-2024-0760","reference_id":"cve-2024-0760","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-23T16:02:34Z/"}],"url":"https://kb.isc.org/docs/cve-2024-0760"},{"reference_url":"https://usn.ubuntu.com/6909-1/","reference_id":"USN-6909-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6909-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/88945?format=json","purl":"pkg:deb/debian/bind9@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88946?format=json","purl":"pkg:deb/debian/bind9@1:9.16.50-1~deb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-acdz-uq4x-mucc"},{"vulnerability":"VCID-ekn5-nayb-uufj"},{"vulnerability":"VCID-qu9b-7ejp-jyaa"},{"vulnerability":"VCID-ykwn-e6sw-eueh"},{"vulnerability":"VCID-zfyv-k8nv-zubd"},{"vulnerability":"VCID-zruv-x4yk-dqch"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.16.50-1~deb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89053?format=json","purl":"pkg:deb/debian/bind9@1:9.18.28-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.28-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88944?format=json","purl":"pkg:deb/debian/bind9@1:9.18.47-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qu9b-7ejp-jyaa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.18.47-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/89054?format=json","purl":"pkg:deb/debian/bind9@1:9.20.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88948?format=json","purl":"pkg:deb/debian/bind9@1:9.20.21-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.21-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/88947?format=json","purl":"pkg:deb/debian/bind9@1:9.20.23-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.23-1%3Fdistro=trixie"}],"aliases":["CVE-2024-0760"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p2qu-sjfk-afh3"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bind9@1:9.20.0-1%3Fdistro=trixie"}