VDB
ALPINE-CVE-2021-25220
ALPINE-CVE-2021-25220
PUBLISHED
CVSS 6.800000190734863 MEDIUM
BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL. The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients.
Risk Scores
CVSS v3.1
6.800000190734863
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Alpine:v3.17 | bind | 9.11.0_p5-r1, 9.11.1_p1-r0, 9.11.1_p2-r0 |
| Alpine:v3.15 | bind | 9.16.11-r0, 0, 9.10.0-r0 |
| Alpine:v3.22 | bind | *, *, 9.9.0-r0 |
| Alpine:v3.21 | bind | 9.10.2_p2-r0, 0, 9.10.0_p2-r0 |
| Alpine:v3.16 | bind | *, 9.10.4-r0, 9.11.2-r2 |
| Alpine:v3.23 | bind | 9.16.8-r0, 9.11.2-r0, 9.11.1_p2-r2 |
| Alpine:v3.12 | bind | 9.7.3-r0, 0, 9.10.0-r0 |
| Alpine:v3.18 | bind | 9.9.5-r0, 9.11.1_p2-r1, 9.10.4-r0 |
| Alpine:v3.13 | bind | 9.10.4, 9.10.4, 9.10.4 |
| Alpine:v3.20 | bind | 9.6.0, 0, 9.10.0_p1-r0 |
| Alpine:v3.14 | bind | 9.11.2-r1, 0, 9.10.0-r0 |
| Alpine:v3.19 | bind | *, 9.10.4_p3-r0, * |
Timeline
- Mar 23, 2022 CVE Published
- Dec 3, 2025 CVE Updated
- Apr 30, 2026 Distribution Patch