{"id":"AZL-46966","summary":"CVE-2024-4076 affecting package bind for versions less than 9.20.0-1","details":"Client queries that trigger serving stale data and that also require lookups in local authoritative zone data may result in an assertion failure.\nThis issue affects BIND 9 versions 9.16.13 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.33-S1 through 9.11.37-S1, 9.16.13-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1.","modified":"2026-04-01T05:16:56.057499Z","published":"2024-07-23T15:15:05Z","upstream":["CVE-2024-4076"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-4076"}],"affected":[{"package":{"name":"bind","ecosystem":"Azure Linux:3","purl":"pkg:rpm/azure-linux/bind"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"9.20.0-1"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-46966.json"}}],"schema_version":"1.7.5"}