Page 3 of 11 results (0.009 seconds)
CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0
CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0CVE-2022-1183 – Destroying a TLS session early causes assertion failure
https://notcve.org/view.php?id=CVE-2022-1183
On vulnerable configurations, the named daemon may, in some circumstances, terminate with an assertion failure. Vulnerable configurations are those that include a reference to http within the listen-on statements in their named.conf. TLS is used by both DNS over TLS (DoT) and DNS over HTTPS (DoH), but configurations using DoT alone are unaffected. Affects BIND 9.18.0 -> 9.18.2 and version 9.19.0 of the BIND 9.19 development branch. En configuraciones vulnerables, el demonio nombrado puede, en algunas circunstancias, terminar con un fallo de aserción. • https://kb.isc.org/docs/cve-2022-1183 https://security.netapp.com/advisory/ntap-20220707-0002 • CWE-617: Reachable Assertion •