VDB
DEBIAN-CVE-2021-25220
DEBIAN-CVE-2021-25220
PUBLISHED
CVSS 6.800000190734863 MEDIUM
BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL. The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients.
Risk Scores
CVSS v3.1
6.800000190734863
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:11 | bind9 | *, 1:9.16.22-1~deb11u1, 1:9.16.22-1~deb11u1~bpo10+1 |
| Debian:12 | bind9 | 0, 0, 0 |
| Debian:14 | bind9 | 0, 0, 0 |
| Debian:13 | bind9 | 0, 0, 0 |
Timeline
- Mar 23, 2022 CVE Published
- Apr 28, 2026 CVE Updated