--- title: "BIND 9 Security Vulnerability Matrix - 9.16" slug: "bind-9-security-vulnerability-matrix-916" description: "This BIND 9 Security Vulnerability Matrix is a record of vulnerabilities affecting the EOL BIND 9.16 branch during (or very shortly after) its lifetime. It is known to be affected by some vulnerabilities discovered after the EOL date (April 2024) but those will not be listed here." updated: 2024-12-17T13:54:06Z published: 2024-12-17T13:54:06Z canonical: "kb.isc.org/bind-9-security-vulnerability-matrix-916" --- > ## Documentation Index > Fetch the complete documentation index at: https://kb.isc.org/llms.txt > Use this file to discover all available pages before exploring further. # BIND 9 Security Vulnerability Matrix - 9.16 The BIND versions listed in this article are EOL This BIND 9 Security Vulnerability Matrix is a record of vulnerabilities affecting the EOL BIND 9.16 branch during (or very shortly after) its lifetime. It is known to be affected by some vulnerabilities discovered after the EOL date (April 2024) but those will not be listed here. This article has two parts: - The first part is a table listing all of the vulnerabilities covered by this page. The first column is a reference number for use in the tables in the second part. The second column is the CVE (Common Vulnerabilities and Exposure) number for the vulnerability, linked to its page on [cve.mitre.org](http://cve.mitre.org/). The third column is a short description of the vulnerability, linked (where possible) to our Knowledgebase article on the vulnerability. - The second part is a table listing all of the releases in this branch along the side and vulnerabilities along the top. If a vulnerability number is less than the lowest column heading, that branch does not have any versions with it. If a vulnerability number is greater than the highest column heading, that branch has not been tested and should be assumed to be vulnerable. See the [matrix for current branches](https://kb.isc.org/docs/aa-00913) for more information about how to interpret these tables. We do not generally list alpha, beta, or release candidate (RC) versions here, and recommend that you use only released software in any environment in which security could be an issue. [This page](https://www.isc.org/software/version-numbering) explains our version numbering system. Using obsolete versions of BIND We recommend that you not use obsolete versions of any ISC software. It was updated for a reason. #### Listing of Vulnerabilities affecting BIND 9.16 | # | CVE Number | Short Description | | --- | --- | --- | | 155 | [2024-4076](https://www.cve.org/CVERecord?id=CVE-2024-4076) | [Assertion failure when serving both stale cache data and authoritative zone content](/v1/docs/cve-2024-4076) | | 154 | [2024-1975](https://www.cve.org/CVERecord?id=CVE-2024-1975) | [SIG(0) can be used to exhaust CPU resources](/v1/docs/cve-2024-1975) | | 153 | [2024-1737](https://www.cve.org/CVERecord?id=CVE-2024-1737) | [BIND’s database will be slow if a very large number of RRs exist at the same name](/v1/docs/cve-2024-1737) | | 152 | [2024-0760](https://www.cve.org/CVERecord?id=CVE-2024-0760) | [A flood of DNS messages over TCP may make the server unstable](/v1/docs/cve-2024-0760) | | 151 | [2023-50868](https://www.cve.org/CVERecord?id=CVE-2023-50868) | [Preparing an NSEC3 closest encloser proof can exhaust CPU resources](/v1/docs/cve-2023-50868) | | 150 | [2023-50387](https://www.cve.org/CVERecord?id=CVE-2023-50387) | [KeyTrap - Extreme CPU consumption in DNSSEC validator](/v1/docs/cve-2023-50387) | | 149 | [2023-6516](https://www.cve.org/CVERecord?id=CVE-2023-6516) | [Specific recursive query patterns may lead to an out-of-memory condition](/v1/docs/cve-2023-6516) | | 148 | [2023-5680](https://www.cve.org/CVERecord?id=CVE-2023-5680) | [Cleaning an ECS-enabled cache may cause excessive CPU load](/v1/docs/cve-2023-5680) | | 147 | [2023-5679](https://www.cve.org/CVERecord?id=CVE-2023-5679) | [Enabling both DNS64 and serve-stale may cause an assertion failure during recursive resolution](/v1/docs/cve-2023-5679) | | 146 | [2023-5517](https://www.cve.org/CVERecord?id=CVE-2023-5517) | [Querying RFC 1918 reverse zones may cause an assertion failure when "nxdomain-redirect" is enabled](/v1/docs/cve-2023-5517) | | 145 | [2023-4408](https://www.cve.org/CVERecord?id=CVE-2023-4408) | [Parsing large DNS messages may cause excessive CPU load](/v1/docs/cve-2023-4408) | | 144 | [2023-4236](https://www.cve.org/CVERecord?id=CVE-2023-4236) | [named may terminate unexpectedly under high DNS-over-TLS query load](/v1/docs/cve-2023-4236) | | 143 | [2023-3341](https://www.cve.org/CVERecord?id=CVE-2023-3341) | [A stack exhaustion flaw in control channel code may cause named to terminate unexpectedly](/v1/docs/cve-2023-3341) | | 142 | [2023-2911](https://www.cve.org/CVERecord?id=CVE-2023-2911) | [Exceeding the recursive-clients quota may cause named to terminate unexpectedly when stale-answer-client-timeout is set to 0](/v1/docs/cve-2023-2911) | | 141 | [2023-2829](https://www.cve.org/CVERecord?id=CVE-2023-2829) | [Malformed NSEC records can cause named to terminate unexpectedly when synth-from-dnssec is enabled](/v1/docs/cve-2023-2829) | | 140 | [2023-2828](https://www.cve.org/CVERecord?id=CVE-2023-2828) | [named's configured cache size limit can be significantly exceeded](/v1/docs/cve-2023-2828) | | 139 | [2022-3924](https://www.cve.org/CVERecord?id=CVE-2022-3924) | [named configured to answer from stale cache may terminate unexpectedly at recursive-clients soft quota](/v1/docs/cve-2022-3924) | | 138 | [2022-3736](https://www.cve.org/CVERecord?id=CVE-2022-3736) | [named configured to answer from stale cache may terminate unexpectedly while processing RRSIG queries](/v1/docs/cve-2022-3736) | | 137 | [2022-3488](https://www.cve.org/CVERecord?id=CVE-2022-3488) | [BIND Supported Preview Edition named may terminate unexpectedly when processing ECS options in repeated responses to iterative queries](/v1/docs/cve-2022-3488) | | 136 | [2022-3094](https://www.cve.org/CVERecord?id=CVE-2022-3094) | [An UPDATE message flood may cause named to exhaust all available memory](/v1/docs/cve-2022-3094) | | 135 | [2022-38178](https://www.cve.org/CVERecord?id=CVE-2022-38178) | [Memory leaks in EdDSA DNSSEC verification code](https://kb.isc.org/v1/docs/cve-2022-38178) | | 134 | [2022-38177](https://www.cve.org/CVERecord?id=CVE-2022-38177) | [Memory leak in ECDSA DNSSEC verification code](https://kb.isc.org/v1/docs/cve-2022-38177) | | 133 | [2022-3080](https://www.cve.org/CVERecord?id=CVE-2022-3080) | [BIND 9 resolvers configured to answer from stale cache with zero stale-answer-timeout may terminate unexpectedly](https://kb.isc.org/v1/docs/cve-2022-3080) | | 132 | [2022-2906](https://www.cve.org/CVERecord?id=CVE-2022-2906) | [Memory leaks in code handling Diffie-Hellman key exchange via TKEY RRs (OpenSSL 3.0.0+ only)](https://kb.isc.org/v1/docs/cve-2022-2906) | | 131 | [2022-2881](https://www.cve.org/CVERecord?id=CVE-2022-2881) | [Buffer overread in statistics channel code](https://kb.isc.org/v1/docs/cve-2022-2881) | | 130 | [2022-2795](https://www.cve.org/CVERecord?id=CVE-2022-2795) | [Processing large delegations may severely degrade resolver performance](https://kb.isc.org/v1/docs/cve-2022-2795) | | 129 | [2022-1183](https://www.cve.org/CVERecord?id=CVE-2022-1183) | [Destroying TLS session early triggers assertion failure](https://kb.isc.org/v1/docs/cve-2022-1183) | | 128 | [2022-0667](https://www.cve.org/CVERecord?id=CVE-2022-0667) | [Assertion failure on delayed DS lookup](https://kb.isc.org/v1/docs/cve-2022-0667) | | 127 | [2022-0635](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0635) | [DNAME insist with synth-from-dnssec enabled](https://kb.isc.org/v1/docs/cve-2022-0635) | | 126 | [2022-0396](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0396) | [DoS from specifically crafted TCP packets](https://kb.isc.org/v1/docs/cve-2022-0396) | | 125 | [2021-25220](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25220) | [DNS forwarders - cache poisoning vulnerability](https://kb.isc.org/v1/docs/cve-2021-25220) | | 124 | [2021-25219](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25219) | [Lame cache can be abused to severely degrade resolver performance](https://kb.isc.org/v1/docs/cve-2021-25219) | | 123 | [2021-25218](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25218) | [A too-strict assertion check could be triggered when responses in BIND 9.16.19 and 9.17.16 require UDP fragmentation if RRL is in use](https://kb.isc.org/v1/docs/cve-2021-25218) | | 122 | [2021-25216](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25216) | [A vulnerability in BIND's GSSAPI security policy negotiation can be targeted by a buffer overflow attack](https://kb.isc.org/v1/docs/cve-2021-25216) | | 121 | [2021-25215](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25215) | [Crash while answering queries for DNAME records that require the DNAME to be processed to resolve itself](https://kb.isc.org/v1/docs/cve-2021-25215) | | 120 | [2021-25214](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25214) | [A broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly](https://kb.isc.org/v1/docs/cve-2021-25214) | | 119 | [2020-8625](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8625) | [A vulnerability in BIND's GSSAPI security policy negotiation can be targeted by a buffer overflow attack](https://kb.isc.org/v1/docs/cve-2020-8625) | | 118 | [2020-8624](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8624) | [update-policy" rules of type "subdomain" are enforced incorrectly](https://kb.isc.org/v1/docs/cve-2020-8624) | | 117 | [2020-8623](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8623) | [A flaw in native PKCS#11 code can lead to a remotely triggerable assertion failure in pk11.c](https://kb.isc.org/v1/docs/cve-2020-8623) | | 116 | [2020-8622](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8622) | [A truncated TSIG response can lead to an assertion failure](https://kb.isc.org/v1/docs/cve-2020-8622) | | 115 | [2020-8621](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8621) | [Attempting QNAME minimization after forwarding can lead to an assertion failure in resolver.c"](https://kb.isc.org/v1/docs/cve-2020-8621) | | 114 | [2020-8620](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8620) | [A specially crafted large TCP payload can trigger an assertion failure in tcpdns.c](https://kb.isc.org/v1/docs/cve-2020-8620) | | 113 | [2020-8619](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8619) | [An asterisk character in an empty non-terminal can cause an assertion failure in rbtdb.c](https://kb.isc.org/v1/docs/cve-2020-8619) | | 112 | [2020-8618](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8618) | [A buffer boundary check assertion in rdataset.c can fail incorrectly during zone transfer](https://kb.isc.org/v1/docs/cve-2020-8618) | | 111 | [2020-8617](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8617) | [A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c](https://kb.isc.org/v1/docs/cve-2020-8617) | | 110 | [2020-8616](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8616) | [BIND does not sufficiently limit the number of fetches when chasing referrals](https://kb.isc.org/v1/docs/cve-2020-8616) | | 109 | [2019-6477](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6477) | [TCP-pipelined queries can bypass tcp-clients limit](https://kb.isc.org/v1/docs/cve-2019-6477) | | 108 | [2019-6476](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6476) | [An error in QNAME minimization code can cause BIND to exit with an assertion failure](https://kb.isc.org/v1/docs/cve-2019-6476) | | 107 | [2019-6475](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6475) | [A flaw in mirror zone validity checking can allow zone data to be spoofed](https://kb.isc.org/v1/docs/cve-2019-6475) | | 106 | [2019-6471](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6471) | [A race condition when discarding malformed packets can cause BIND to exit with an assertion failure](https://kb.isc.org/v1/docs/cve-2019-6471) | | 105 | [2019-6469](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6469) | [BIND Supported Preview Edition can exit with an assertion failure if ECS is in use](https://kb.isc.org/v1/docs/cve-2019-6469) | | 104 | [2019-6468](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6468) | [BIND Supported Preview Edition can exit with an assertion failure if nxdomain-redirect is used](https://kb.isc.org/v1/docs/cve-2019-6468) | | 103 | [2019-6467](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6467) | [An error in the nxdomain redirect feature can cause BIND to exit with an INSIST assertion failure in query.c](https://kb.isc.org/v1/docs/cve-2019-6467) | | 102 | [2018-5743](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5743) | [Limiting simultaneous TCP clients is ineffective](https://kb.isc.org/v1/docs/cve-2018-5743) | Why don't the reference numbers begin at 1? To reduce confusion we preserve the reference number across all of our articles and tables; to reduce clutter we have pared down the entries to only those listed in the table for this branch. #### BIND 9.16 (EOL April 2024. Final matrix update 2024-12-17) | ver/CVE | [110](https://kb.isc.org/v1/docs/cve-2020-8616) | [111](https://kb.isc.org/v1/docs/cve-2020-8617) | [112](https://kb.isc.org/v1/docs/cve-2020-8618) | [113](https://kb.isc.org/v1/docs/cve-2020-8619) | [114](https://kb.isc.org/v1/docs/cve-2020-8620) | [115](https://kb.isc.org/v1/docs/cve-2020-8621) | [116](https://kb.isc.org/v1/docs/cve-2020-8622) | [117](https://kb.isc.org/v1/docs/cve-2020-8623) | [118](https://kb.isc.org/v1/docs/cve-2020-8624) | [119](https://kb.isc.org/v1/docs/cve-2020-8625) | [120](https://kb.isc.org/v1/docs/cve-2021-25214) | [121](https://kb.isc.org/v1/docs/cve-2021-25215) | [122](https://kb.isc.org/v1/docs/cve-2021-25216) | [123](https://kb.isc.org/v1/docs/cve-2021-25218) | [124](https://kb.isc.org/v1/docs/cve-2021-25219) | [125](https://kb.isc.org/docs/cve-2021-25220) | [126](https://kb.isc.org/docs/cve-2022-0396) | [127](https://kb.isc.org/v1/docs/cve-2022-0635) | [128](https://kb.isc.org/v1/docs/cve-2022-0667) | [129](https://kb.isc.org/v1/docs/cve-2022-1183) | [130](https://kb.isc.org/v1/docs/cve-2022-2795) | [131](https://kb.isc.org/v1/docs/cve-2022-2881) | [132](https://kb.isc.org/v1/docs/cve-2022-2906) | [133](https://kb.isc.org/v1/docs/cve-2022-3080) | [134](https://kb.isc.org/v1/docs/cve-2022-38177) | [135](https://kb.isc.org/v1/docs/cve-2022-38178) | [136](/v1/docs/cve-2022-3094) | [137](/v1/docs/cve-2022-3488) | [138](/v1/docs/cve-2022-3736) | [139](/v1/docs/cve-2022-3924) | [140](/v1/docs/cve-2023-2828) | [141](/v1/docs/cve-2023-2829) | [142](/v1/docs/cve-2023-2911) | [143](/v1/docs/cve-2023-3341) | [144](/v1/docs/cve-2023-4236) | [145](/v1/docs/cve-2023-4408) | [146](/v1/docs/cve-2023-5517) | [147](/v1/docs/cve-2023-5679) | [148](/v1/docs/cve-2023-5680) | [149](/v1/docs/cve-2023-6516) | [150](/v1/docs/cve-2023-50387) | [151](/v1/docs/cve-2023-50868) | [152](/v1/docs/cve-2024-0760) | [153](/v1/docs/cve-2024-1737) | [154](/v1/docs/cve-2024-1975) | [155](/v1/docs/cve-2024-4076) | | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | | 9.16.50 | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | + | + | + | | 9.16.49 | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | + | + | + | | 9.16.48 | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | + | + | + | | ~~9.16.47~~ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | + | + | + | | ~~9.16.46~~ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | + | + | | + | + | + | | 9.16.45 | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | + | + | + | | + | + | + | | + | + | + | | 9.16.44 | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | + | + | + | | + | + | + | | + | + | + | | 9.16.43 | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | + | | + | + | + | | + | + | + | | + | + | + | | 9.16.42 | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | + | | + | + | + | | + | + | + | | + | + | + | | 9.16.41 | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | + | | + | + | | + | + | + | | + | + | + | | + | + | + | | 9.16.40 | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | + | | + | + | | + | + | + | | + | + | + | | + | + | + | | 9.16.39 | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | + | | + | + | | + | + | + | | + | + | + | | + | + | + | | 9.16.38 | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | + | | + | + | | + | + | + | | + | + | + | | + | + | + | | 9.16.37 | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | + | | + | + | | + | + | + | | + | + | + | | + | + | + | | 9.16.36 | | | | | | | | | | | | | | | | | | | | | | | | | | | + | | + | + | + | | + | + | | + | + | + | | + | + | + | | + | + | + | | 9.16.35 | | | | | | | | | | | | | | | | | | | | | | | | | | | + | | + | + | + | | + | + | | + | + | + | | + | + | + | | + | + | + | | 9.16.34 | | | | | | | | | | | | | | | | | | | | | | | | | | | + | | + | + | + | | + | + | | + | + | + | | + | + | + | | + | + | + | | 9.16.33 | | | | | | | | | | | | | | | | | | | | | | | | | | | + | | + | + | + | | + | + | | + | + | + | | + | + | + | | + | + | + | | 9.16.32 | | | | | | | | | | | | | | | | | | | | | + | | | + | + | + | + | | + | + | + | | | + | | + | + | + | | + | + | + | | + | + | + | | 9.16.31 | | | | | | | | | | | | | | | | | | | | | + | | | + | + | + | + | | + | + | + | | | + | | + | + | + | | + | + | + | | + | + | + | | 9.16.30 | | | | | | | | | | | | | | | | | | | | | + | | | + | + | + | + | | + | + | + | | | + | | + | + | + | | + | + | + | | + | + | + | | 9.16.29 | | | | | | | | | | | | | | | | | | | | | + | | | + | + | + | + | | + | + | + | | | + | | + | + | + | | + | + | + | | + | + | + | | 9.16.28 | | | | | | | | | | | | | | | | | | | | | + | | | + | + | + | + | | + | + | + | | | + | | + | + | + | | + | + | + | | + | + | + | | 9.16.27 | | | | | | | | | | | | | | | | | | | | | + | | | + | + | + | + | | + | + | + | | | + | | + | + | + | | + | + | + | | + | + | + | | 9.16.26 | | | | | | | | | | | | | | | | + | + | | | | + | | | + | + | + | + | | + | + | + | | | + | | + | + | + | | + | + | + | | + | + | + | | 9.16.25 | | | | | | | | | | | | | | | | + | + | | | | + | | | + | + | + | + | | + | + | + | | | + | | + | + | + | | + | + | + | | + | + | + | | 9.16.24 | | | | | | | | | | | | | | | | + | + | | | | + | | | + | + | + | + | | + | + | + | | | + | | + | + | + | | + | + | + | | + | + | + | | 9.16.23 | | | | | | | | | | | | | | | | + | + | | | | + | | | + | + | + | + | | + | + | + | | | + | | + | + | + | | + | + | + | | + | + | + | | 9.16.22 | | | | | | | | | | | | | | | | + | + | | | | + | | | + | + | + | + | | + | + | + | | | + | | + | + | + | | + | + | + | | + | + | + | | 9.16.21 | | | | | | | | | | | | | | | + | + | + | | | | + | | | + | + | + | + | | + | + | + | | | + | | + | + | + | | + | + | + | | + | + | + | | 9.16.20 | | | | | | | | | | | | | | | + | + | + | | | | + | | | + | + | + | + | | + | + | + | | | + | | + | + | + | | + | + | + | | + | + | + | | 9.16.19 | | | | | | | | | | | | | | + | + | + | + | | | | + | | | + | + | + | + | | + | + | + | | | + | | + | + | + | | + | + | + | | + | + | + | | 9.16.18 | | | | | | | | | | | | | | | + | + | + | | | | + | | | + | + | + | + | | + | + | + | | | + | | + | + | + | | + | + | + | | + | + | + | | 9.16.17 | | | | | | | | | | | | | | | + | + | + | | | | + | | | + | + | + | + | | + | + | + | | | + | | + | + | + | | + | + | + | | + | + | + | | 9.16.16 | | | | | | | | | | | | | | | + | + | + | | | | + | | | + | + | + | + | | + | + | + | | | + | | + | + | + | | + | + | + | | + | + | + | | 9.16.15 | | | | | | | | | | | | | | | + | + | + | | | | + | | | + | + | + | + | | + | + | + | | | + | | + | + | + | | + | + | + | | + | + | + | | ~~9.16.14~~ | | | | | | | | | | | | | | | + | + | + | | | | + | | | + | + | + | + | | + | + | + | | | + | | + | + | + | | + | + | + | | + | + | + | | 9.16.13 | | | | | | | | | | | + | + | + | | + | + | + | | | | + | | | | + | + | + | | + | + | + | | | + | | + | + | + | | + | + | + | | + | + | + | | 9.16.12 | | | | | | | | | | | + | + | + | | + | + | + | | | | + | | | | + | + | + | | + | + | + | | | + | | + | + | + | | + | + | + | | + | + | | | 9.16.11 | | | | | | | | | | + | + | + | + | | + | + | + | | | | + | | | | + | + | + | | | | + | | | + | | + | + | + | | + | + | + | | + | + | | | 9.16.10 | | | | | | | | | | + | + | + | + | | + | | + | | | | + | | | | + | + | + | | | | + | | | + | | + | + | + | | + | + | + | | + | + | | | 9.16.9 | | | | | | | | | | + | + | + | + | | + | | + | | | | + | | | | + | + | + | | | | + | | | + | | + | + | + | | + | + | + | | + | + | | | 9.16.8 | | | | | | | | | | + | + | + | + | | + | | + | | | | + | | | | + | + | + | | | | + | | | + | | + | + | + | | + | + | + | | + | + | | | 9.16.7 | | | | | | | | | | + | + | + | + | | + | | + | | | | + | | | | + | + | + | | | | + | | | + | | + | + | + | | + | + | + | | + | + | | | 9.16.6 | | | | | | | | | | + | + | + | + | | + | | + | | | | + | | | | + | + | + | | | | + | | | + | | + | + | + | | + | + | + | | + | + | | | 9.16.5 | | | | | + | + | + | + | + | + | + | + | + | | + | | + | | | | + | | | | + | + | + | | | | + | | | + | | + | + | + | | + | + | + | | + | + | | | 9.16.4 | | | | | + | + | + | + | + | + | + | + | + | | + | | + | | | | + | | | | + | + | + | | | | + | | | + | | + | + | + | | + | + | + | | + | + | | | 9.16.3 | | | + | + | + | + | + | + | + | + | + | + | + | | + | | + | | | | + | | | | + | + | + | | | | + | | | + | | + | + | + | | + | + | + | | + | + | | | 9.16.2 | + | + | + | + | + | + | + | + | + | + | + | + | + | | + | | + | | | | + | | | | + | + | + | | | | + | | | + | | + | + | + | | + | + | + | | + | + | | | 9.16.1 | + | + | + | + | + | + | + | + | + | + | + | + | + | | + | | + | | | | + | | | | + | + | + | | | | + | | | + | | + | + | + | | + | + | + | | + | + | | | 9.16.0 | + | + | + | + | + | + | + | + | + | + | + | + | + | | + | | + | | | | + | | | | + | + | + | | | | + | | | + | | + | + | + | | + | + | + | | + | + | | #### BIND 9.16 Supported Preview edition 9.16 was the the prior Supported Preview edition of BIND before 9.18. This branch reached end of maintenance in April 2024. If you would like more information on our product support, or about our BIND Subscription edition, please visit [https://www.isc.org/bind](https://www.isc.org/bind). | ver/CVE | [119](https://kb.isc.org/v1/docs/cve-2020-8625) | [120](https://kb.isc.org/v1/docs/cve-2021-25214) | [121](https://kb.isc.org/v1/docs/cve-2021-25215) | [122](https://kb.isc.org/v1/docs/cve-2021-25216) | [123](https://kb.isc.org/v1/docs/cve-2021-25218) | [124](https://kb.isc.org/v1/docs/cve-2021-25219) | [125](https://kb.isc.org/docs/cve-2021-25220) | [126](https://kb.isc.org/docs/cve-2022-0396) | [127](https://kb.isc.org/v1/docs/cve-2022-0635) | [128](https://kb.isc.org/v1/docs/cve-2022-0667) | [129](https://kb.isc.org/v1/docs/cve-2022-1183) | [130](https://kb.isc.org/v1/docs/cve-2022-2795) | [131](https://kb.isc.org/v1/docs/cve-2022-2881) | [132](https://kb.isc.org/v1/docs/cve-2022-2906) | [133](https://kb.isc.org/v1/docs/cve-2022-3080) | [134](https://kb.isc.org/v1/docs/cve-2022-38177) | [135](https://kb.isc.org/v1/docs/cve-2022-38178) | [136](/v1/docs/cve-2022-3094) | [137](/v1/docs/cve-2022-3488) | [138](/v1/docs/cve-2022-3736) | [139](/v1/docs/cve-2022-3924) | [140](/v1/docs/cve-2023-2828) | [141](/v1/docs/cve-2023-2829) | [142](/v1/docs/cve-2023-2911) | [143](/v1/docs/cve-2023-3341) | [144](/v1/docs/cve-2023-4236) | [145](/v1/docs/cve-2023-4408) | [146](/v1/docs/cve-2023-5517) | [147](/v1/docs/cve-2023-5679) | [148](/v1/docs/cve-2023-5680) | [149](/v1/docs/cve-2023-6516) | [150](/v1/docs/cve-2023-50387) | [151](/v1/docs/cve-2023-50868) | [152](/v1/docs/cve-2024-0760) | [153](/v1/docs/cve-2024-1737) | [154](/v1/docs/cve-2024-1975) | [155](/v1/docs/cve-2024-4076) | | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | | 9.16.50-S1 | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | + | + | + | | 9.16.49-S1 | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | + | + | + | | 9.16.48-S1 | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | + | + | + | | ~~9.16.47-S1~~ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | + | + | + | | ~~9.16.46-S1~~ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | + | + | | + | + | + | | 9.16.45-S1 | | | | | | | | | | | | | | | | | | | | | | | | | | | + | + | + | + | + | + | + | | + | + | + | | 9.16.44-S1 | | | | | | | | | | | | | | | | | | | | | | | | | | | + | + | + | + | + | + | + | | + | + | + | | 9.16.43-S1 | | | | | | | | | | | | | | | | | | | | | | | | | + | | + | + | + | + | + | + | + | | + | + | + | | 9.16.42-S1 | | | | | | | | | | | | | | | | | | | | | | | | | + | | + | + | + | + | + | + | + | | + | + | + | | 9.16.41-S1 | | | | | | | | | | | | | | | | | | | | | | + | + | + | + | | + | + | + | + | + | + | + | | + | + | + | | 9.16.40-S1 | | | | | | | | | | | | | | | | | | | | | | + | + | + | + | | + | + | + | + | + | + | + | | + | + | + | | 9.16.39-S1 | | | | | | | | | | | | | | | | | | | | | | + | + | + | + | | + | + | + | + | + | + | + | | + | + | + | | 9.16.38-S1 | | | | | | | | | | | | | | | | | | | | | | + | + | + | + | | + | + | + | + | + | + | + | | + | + | + | | 9.16.37-S1 | | | | | | | | | | | | | | | | | | | | | | + | + | + | + | | + | + | + | + | + | + | + | | + | + | + | | 9.16.36-S1 | | | | | | | | | | | | | | | | | | + | + | + | + | + | + | + | + | | + | + | + | + | + | + | + | | + | + | + | | 9.16.35-S1 | | | | | | | | | | | | | | | | | | + | + | + | + | + | + | + | + | | + | + | + | + | + | + | + | | + | + | + | | 9.16.34-S1 | | | | | | | | | | | | | | | | | | + | + | + | + | + | + | + | + | | + | + | + | + | + | + | + | | + | + | + | | 9.16.33-S1 | | | | | | | | | | | | | | | | | | + | + | + | + | + | + | + | + | | + | + | + | + | + | + | + | | + | + | + | | 9.16.32-S1 | | | | | | | | | | | | + | | | + | + | + | + | + | + | + | + | + | | + | | + | + | + | + | + | + | + | | + | + | + | | 9.16.31-S1 | | | | | | | | | | | | + | | | + | + | + | + | + | + | + | + | + | | + | | + | + | + | + | + | + | + | | + | + | + | | 9.16.30-S1 | | | | | | | | | | | | + | | | + | + | + | + | + | + | + | + | + | | + | | + | + | + | + | + | + | + | | + | + | + | | 9.16.29-S1 | | | | | | | | | | | | + | | | + | + | + | + | + | + | + | + | + | | + | | + | + | + | + | + | + | + | | + | + | + | | 9.16.28-S1 | | | | | | | | | | | | + | | | + | + | + | + | + | + | + | + | + | | + | | + | + | + | + | + | + | + | | + | + | + | | 9.16.27-S1 | | | | | | | | | | | | + | | | + | + | + | + | + | + | + | + | + | | + | | + | + | + | + | + | + | + | | + | + | + | | 9.16.26-S1 | | | | | | | + | + | | | | + | | | + | + | + | + | + | + | + | + | + | | + | | + | + | + | + | + | + | + | | + | + | + | | 9.16.25-S1 | | | | | | | + | + | | | | + | | | + | + | + | + | + | + | + | + | + | | + | | + | + | + | + | + | + | + | | + | + | + | | 9.16.24-S1 | | | | | | | + | + | | | | + | | | + | + | + | + | + | + | + | + | + | | + | | + | + | + | + | + | + | + | | + | + | + | | 9.16.23-S1 | | | | | | | + | + | | | | + | | | + | + | + | + | + | + | + | + | + | | + | | + | + | + | + | + | + | + | | + | + | + | | 9.16.22-S1 | | | | | | | + | + | | | | + | | | + | + | + | + | + | + | + | + | + | | + | | + | + | + | + | + | + | + | | + | + | + | | 9.16.21-S1 | | | | | | + | + | + | | | | + | | | + | + | + | + | + | + | + | + | + | | + | | + | + | + | + | + | + | + | | + | + | + | | 9.16.20-S1 | | | | | | + | + | + | | | | + | | | + | + | + | + | + | + | + | + | + | | + | | + | + | + | + | + | + | + | | + | + | + | | 9.16.19-S1 | | | | | + | + | + | + | | | | + | | | + | + | + | + | + | + | + | + | + | | + | | + | + | + | + | + | + | + | | + | + | + | | 9.16.18-S1 | | | | | | + | + | + | | | | + | | | + | + | + | + | + | + | + | + | + | | + | | + | + | + | + | + | + | + | | + | + | + | | 9.16.17-S1 | | | | | | + | + | + | | | | + | | | + | + | + | + | + | + | + | + | + | | + | | + | + | + | + | + | + | + | | + | + | + | | 9.16.16-S1 | | | | | | + | + | + | | | | + | | | + | + | + | + | + | + | + | + | + | | + | | + | + | + | + | + | + | + | | + | + | + | | 9.16.15-S1 | | | | | | + | + | + | | | | + | | | + | + | + | + | + | + | + | + | + | | + | | + | + | + | + | + | + | + | | + | + | + | | ~~9.16.14-S1~~ | | | | | | + | + | + | | | | + | | | + | + | + | + | + | + | + | + | + | | + | | | | | | | | | | + | + | + | | 9.16.13-S1 | | + | + | + | | + | + | + | | | | + | | | | + | + | + | + | + | + | + | + | | + | | + | + | + | + | + | + | + | | + | + | + | | 9.16.12-S1 | | + | + | + | | + | + | + | | | | + | | | | + | + | + | + | + | + | + | + | | + | | + | + | + | + | + | + | + | | + | + | | | 9.16.11-S1 | + | + | + | + | | + | + | + | | | | + | | | | + | + | + | + | | | + | + | | + | | + | + | + | + | + | + | + | | + | + | | | 9.16.10-S1 | + | + | + | + | | + | + | | | | | + | | | | + | + | + | + | | | + | + | | + | | | | | | | | | | + | + | | | 9.16.9-S1 | + | + | + | + | | + | + | | | | | + | | | | + | + | + | + | | | + | + | | + | | + | + | + | + | + | + | + | | + | + | | | 9.16.8-S1 | + | + | + | + | | + | + | | | | | + | | | | + | + | + | + | | | + | + | | + | | + | + | + | + | + | + | + | | + | + | |