VDB
ALPINE-CVE-2020-8621
ALPINE-CVE-2020-8621
PUBLISHED
CVSS 7.5 HIGH
In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, If a server is configured with both QNAME minimization and 'forward first' then an attacker who can send queries to it may be able to trigger the condition that will cause the server to crash. Servers that 'forward only' are not affected.
Risk Scores
CVSS v3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alpine:v3.20 | bind | *, *, 9.10.0-r0 |
| Alpine:v3.17 | bind | *, 9.14.4-r3, 9.9.5-r0 |
| Alpine:v3.13 | bind | 9.9.5-r0, 9.9.3-r0, 9.9.2_p2-r0 |
| Alpine:v3.15 | bind | 0, 9.10.0-r0, 9.10.0_p2-r1 |
| Alpine:v3.12 | bind | 9.9.4_p1-r1, 9.9.5-r0, 9.9.4 |
| Alpine:v3.16 | bind | 9.6.1_p1-r0, 9.6.1_p1-r1, 9.6.1_p2-r1 |
| Alpine:v3.18 | bind | 9.10.2_p1-r1, 0, 9.10.0-r0 |
| Alpine:v3.21 | bind | 0, 9.10.0-r0, 9.10.0_p1-r0 |
| Alpine:v3.23 | bind | *, 9.14.8-r5, * |
| Alpine:v3.19 | bind | 9.9.5-r0, 9.9.4, 9.9.4 |
| Alpine:v3.14 | bind | *, *, 0 |
| Alpine:v3.10 | bind | 9.11.0_p3-r0, 9.11.0_p5-r0, 9.11.0_p5-r1 |
| Alpine:v3.22 | bind | 9.7.1_p2-r0, 9.8.0_p2-r1, 9.8.0_p4-r0 |
| Alpine:v3.11 | bind | 9.9.1-r1, 9.9.1_p1-r1, 9.9.1_p2-r1 |
Timeline
- Aug 21, 2020 CVE Published
- Dec 3, 2025 CVE Updated
- Apr 30, 2026 Distribution Patch