CVE-2022-2795
MEDIUM5.3EPSS 0.48%bind9 - security update
Published: 9/21/2022Modified: 4/28/2026
Description
By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service.
Affected packages (4)
- Alpine/bindfrom 0, < 9.16.33-r0
- Debian/bind9from 0, < 1:9.16.33-1~deb11u1
- Debian/bind9from 0, < 1:9.11.5.P4+dfsg-5.1+deb10u8
- Debian/bind9from 0, < 1:9.16.33-1~deb11u1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM5.3 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |