cvedb.io
CVE-2017-3137
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2019-01-16T20:29:00.377 · Last modified 2026-06-17T01:17:35.653

Summary

Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could lead to a situation in which named would exit with an assertion failure when processing a response in which records occurred in an unusual order. Affects BIND 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0-P3, 9.11.1b1->9.11.1rc1, and 9.9.9-S8.

Affected products

isc — bind

Does this affect you?

Add your gear to cvedb and we'll alert you only when isc ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.