Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2022-3736

BIND 9 resolver can crash when stale cache and stale answers are enabled, option stale-answer-client-timeout is set to a positive integer, and the resolver receives an RRSIG query. This issue affects BIND 9 versions 9.16.12 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0 through 9.19.8, and 9.16.12-S1 through 9.16.36-S1.

  • Published: Jan 26, 2023
  • Updated: Nov 8, 2023
  • CVE: CVE-2022-3736
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

No CWE or OWASP classifications available.

Software From Fixed in
isc / bind 9.16.11-s1 9.16.11-s1.x
isc / bind 9.16.13-s1 9.16.13-s1.x
isc / bind 9.16.21-s1 9.16.21-s1.x
isc / bind 9.16.32-s1 9.16.32-s1.x
isc / bind 9.16.14-s1 9.16.14-s1.x
isc / bind 9.19.0 9.19.9
isc / bind 9.18.0 9.18.11
isc / bind 9.16.36-s1 9.16.36-s1.x
isc / bind 9.16.12 9.16.37