CVE-2018-5745

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2018-5745
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-5745.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2018-5745
Downstream
Related
Published
2019-10-09T16:15:14Z
Modified
2026-02-26T09:07:58.151886Z
Severity
  • 4.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses managed-keys to exit due to an assertion failure if, during key rollover, a trust anchor's keys are replaced with keys which use an unsupported algorithm. Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P1, 9.12.0 -> 9.12.3-P1, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5745.

References

Affected packages

Git / github.com/isc-projects/bind9

Affected ranges

Type
GIT
Repo
https://github.com/isc-projects/bind9
Events
Introduced
3514c49b2fbcdf95b2735878e2487fce9a3ddad5
Last affected
db65d701b999d10e555c13454bceb74df4494975
Introduced
71a40862c0be867999867cd99e21c2266a5e452b
Last affected
3631aeb0709b460afc66ca8bff609bf93ef24bec

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-5745.json"

Git / gitlab.isc.org/isc-projects/bind9

Affected ranges

Type
GIT
Repo
https://gitlab.isc.org/isc-projects/bind9
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
58d2f2e260133da87589aaebfb5ce5dea83188ee
Introduced
1477c19dd9a347ee19a42dac227f299a4680506f
Last affected
2fe4344de48d6061bef5a4000066a99a7c1296a6
Introduced
29b3a7d84240a51099490c0f39ae537f4e0d6a7a
Last affected
69183ace2ac45a6d6c90c7c42d43e146c1063fcb
Introduced
9cdb62d234d6219331babe37b15afaad52a56082
Last affected
3631aeb0709b460afc66ca8bff609bf93ef24bec
Introduced
d860f5ef9e43fc8862f3044277a0361488b62567
Last affected
db65d701b999d10e555c13454bceb74df4494975

Affected versions

Other
alessio/regression/026024a6ae
alessio/regression/227add4c3e
alessio/regression/2ebcafd8c2
alessio/regression/a26055f03e
v9.*
v9.13.0
v9.13.2
v9.13.3
v9.13.4
v9.13.5
v9.13.6
v9.15.0
v9.15.2
v9.15.3
v9.15.4
v9.15.5
v9.15.6
v9.15.7
v9.15.8
v9.17.4
v9.19.0
v9.19.1
v9.19.10
v9.19.11
v9.19.12
v9.19.13
v9.19.14
v9.19.15
v9.19.16
v9.19.17
v9.19.18
v9.19.19
v9.19.2
v9.19.21
v9.19.22
v9.19.23
v9.19.24
v9.19.3
v9.19.4
v9.19.5
v9.19.6
v9.19.7
v9.19.8
v9.19.9
v9.20.0
v9.21.0
v9.21.1
v9.21.10
v9.21.11
v9.21.12
v9.21.14
v9.21.15
v9.21.16
v9.21.17
v9.21.18
v9.21.2
v9.21.3
v9.21.4
v9.21.5
v9.21.6
v9.21.7
v9.21.8
v9.21.9

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-5745.json"