VDB
ALPINE-CVE-2018-5745
ALPINE-CVE-2018-5745
PUBLISHED
CVSS 4.900000095367432 MEDIUM
"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses managed-keys to exit due to an assertion failure if, during key rollover, a trust anchor's keys are replaced with keys which use an unsupported algorithm. Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P1, 9.12.0 -> 9.12.3-P1, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5745.
Risk Scores
CVSS v3.1
4.900000095367432
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alpine:v3.6 | bind | 9.9.1_p2-r0, 0, 9.10.0-r0 |
| Alpine:v3.18 | bind | 9.12.0-r3, *, 9.7.1-r0 |
| Alpine:v3.12 | bind | *, 0, 9.10.0-r0 |
| Alpine:v3.19 | bind | *, 9.7.2-r0, 9.9.4-r0 |
| Alpine:v3.20 | bind | *, *, * |
| Alpine:v3.23 | bind | 9.9.4_p1-r1, 9.9.5-r0, 9.9.4 |
| Alpine:v3.21 | bind | 9.12.0-r3, 9.9.4, 9.9.4 |
| Alpine:v3.16 | bind | 9.10.2_p4-r0, 9.10.3-r0, 9.10.3_p3-r0 |
| Alpine:v3.13 | bind | 0, 9.9.5-r0, 9.9.4 |
| Alpine:v3.15 | bind | 0, 9.9.5-r0, 9.9.4 |
| Alpine:v3.14 | bind | 9.10.3_p4-r0, 0, 9.10.0-r0 |
| Alpine:v3.22 | bind | *, *, * |
| Alpine:v3.11 | bind | 9.10.4_p2-r1, 9.9.5-r1, 9.9.4 |
| Alpine:v3.17 | bind | 9.7.0_p1-r1, 9.9.5-r0, 9.9.4 |
| Alpine:v3.7 | bind | 9.11.0, 9.9.5-r0, 9.9.4 |
| Alpine:v3.8 | bind | 9.11.0, 9.7.2, 9.7.3-r0 |
| Alpine:v3.10 | bind | 9.12.1_p2-r0, 9.10.4-r0, 9.10.4_p5-r0 |
| Alpine:v3.9 | bind | 9.8.0, 9.8.1-r0, 9.7.2 |
Timeline
- Oct 9, 2019 CVE Published
- Dec 3, 2025 CVE Updated
- Apr 30, 2026 Distribution Patch