[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2020-8616":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T20:55:29.923Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":86,"aliases":96,"duplicate_of":9,"upstream":97,"downstream":98,"duplicates":153,"related":154,"reserved_at":9,"published_at":167,"modified_at":168,"state":169,"summary":170,"references_raw":178,"kevs":243,"epss":244,"epss_history":247,"metrics":490,"affected":502},"CVE-2020-8616","A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral. This has at least two potential effects: The performance of the recursing server can potentially be degraded by the additional work required to perform these fetches, and The attacker can exploit this behavior to use the recursing server as a reflector in a reflection attack with a high amplification factor.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-400","Uncontrolled Resource Consumption","The product does not properly control the allocation and maintenance of a limited resource.","weakness","Draft","Class","High",[20,24,82],{"id":21,"name":22,"techniques":23},"CAPEC-147","XML Ping of the Death",[],{"id":25,"name":26,"techniques":27},"CAPEC-227","Sustained Client Engagement",[28],{"id":29,"name":30,"tactics":31,"countermeasures":35},"T1499","Endpoint Denial of Service",[32],{"id":33,"name":34},"TA0105","Impact",[36,41,45,49,53,57,61,65,69,73,78],{"id":37,"name":38,"tactic":39},"D3-UGLPA","User Geolocation Logon Pattern Analysis",{"name":40},"Detect",{"id":42,"name":43,"tactic":44},"D3-PMAD","Protocol Metadata Anomaly Detection",{"name":40},{"id":46,"name":47,"tactic":48},"D3-CSPP","Client-server Payload Profiling",{"name":40},{"id":50,"name":51,"tactic":52},"D3-PHDURA","Per Host Download-Upload Ratio Analysis",{"name":40},{"id":54,"name":55,"tactic":56},"D3-NTSA","Network Traffic Signature Analysis",{"name":40},{"id":58,"name":59,"tactic":60},"D3-APCA","Application Protocol Command Analysis",{"name":40},{"id":62,"name":63,"tactic":64},"D3-NTCD","Network Traffic Community Deviation",{"name":40},{"id":66,"name":67,"tactic":68},"D3-RTSD","Remote Terminal Session Detection",{"name":40},{"id":70,"name":71,"tactic":72},"D3-ISVA","Inbound Session Volume Analysis",{"name":40},{"id":74,"name":75,"tactic":76},"D3-NTF","Network Traffic Filtering",{"name":77},"Isolate",{"id":79,"name":80,"tactic":81},"D3-ITF","Inbound Traffic Filtering",{"name":77},{"id":83,"name":84,"techniques":85},"CAPEC-492","Regular Expression Exponential Blowup",[],[87],{"_key":88,"name":89,"source":90,"url":91,"maturity":92,"reliability_score":93,"verified":94,"type":9,"platforms":95,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_3E7967653864CB28","Exploit Reference (nxnsattack.com)","reference","http://www.nxnsattack.com","unknown",0.2,false,[],[],[],[99,101,103,105,107,109,111,113,115,117,119,121,123,125,127,129,131,133,135,137,139,141,143,145,147,149,151],{"_key":100},"ALPINE-CVE-2020-8616",{"_key":102},"RHSA-2020:2338",{"_key":104},"RHSA-2020:2344",{"_key":106},"RHSA-2020:2345",{"_key":108},"RHSA-2020:2383",{"_key":110},"RHSA-2020:2404",{"_key":112},"RHSA-2020:3272",{"_key":114},"RHSA-2020:3378",{"_key":116},"RHSA-2020:3379",{"_key":118},"RHSA-2020:3433",{"_key":120},"RHSA-2020:3470",{"_key":122},"RHSA-2020:3471",{"_key":124},"RHSA-2020:3475",{"_key":126},"SUSE-SU-2020:1350-1",{"_key":128},"SUSE-SU-2020:14400-1",{"_key":130},"SUSE-SU-2020:1914-1",{"_key":132},"SUSE-SU-2020:2914-1",{"_key":134},"OPENSUSE-SU-2020:1699-1",{"_key":136},"OPENSUSE-SU-2020:1701-1",{"_key":138},"OPENSUSE-SU-2024:10650-1",{"_key":140},"DLA-2227-1",{"_key":142},"DSA-4689-1",{"_key":144},"MGASA-2020-0259",{"_key":146},"UBUNTU-CVE-2020-8616",{"_key":148},"USN-4365-1",{"_key":150},"USN-4365-2",{"_key":152},"DEBIAN-CVE-2020-8616",[],[155,156,157,158,159,160,161,162,163,165],{"_key":126},{"_key":128},{"_key":130},{"_key":132},{"_key":134},{"_key":136},{"_key":138},{"_key":144},{"_key":164},"CGA-86Q3-H5VR-FMPM",{"_key":166},"CGA-6CF9-V4FV-GMPQ","2020-05-19T14:05:15.798Z","2024-09-16T23:55:28.601Z","Modified",{"cisa_kev":94,"cisa_ransomware":94,"cisa_vendor":9,"epss_severity":171,"epss_score":172,"severity":173,"severity_score":174,"severity_version":175,"severity_source":176,"severity_vector":177,"severity_status":169},"medium",0.1534,"high",8.6,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",[179,187,193,199,204,208,213,217,221,225,230,234,239],{"url":180,"sources":181,"tags":183},"https://kb.isc.org/docs/cve-2020-8616",[176,182],"nvd",[184,185,186],"X Refsource CONFIRM","Patch","Vendor Advisory",{"url":91,"sources":188,"tags":189},[176,182],[190,191,192],"X Refsource MISC","Exploit","Third Party Advisory",{"url":194,"sources":195,"tags":196},"http://www.openwall.com/lists/oss-security/2020/05/19/4",[176,182],[197,198,185,192],"Mailing List","X Refsource MLIST",{"url":200,"sources":201,"tags":202},"https://www.debian.org/security/2020/dsa-4689",[176,182],[186,203,192],"X Refsource DEBIAN",{"url":205,"sources":206,"tags":207},"https://security.netapp.com/advisory/ntap-20200522-0002/",[176,182],[184],{"url":209,"sources":210,"tags":211},"https://usn.ubuntu.com/4365-2/",[176,182],[186,212],"X Refsource UBUNTU",{"url":214,"sources":215,"tags":216},"https://www.synology.com/security/advisory/Synology_SA_20_12",[176,182],[184],{"url":218,"sources":219,"tags":220},"https://usn.ubuntu.com/4365-1/",[176,182],[186,212],{"url":222,"sources":223,"tags":224},"https://lists.debian.org/debian-lts-announce/2020/05/msg00031.html",[176,182],[197,198],{"url":226,"sources":227,"tags":228},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WOGCJS2XQ3SQNF4W6GLZ73LWZJ6ZZWZI/",[176,182],[186,229],"X Refsource FEDORA",{"url":231,"sources":232,"tags":233},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JKJXVBOKZ36ER3EUCR7VRB7WGHIIMPNJ/",[176,182],[186,229],{"url":235,"sources":236,"tags":237},"http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html",[176,182],[186,238],"X Refsource SUSE",{"url":240,"sources":241,"tags":242},"http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html",[176,182],[186,238],[],{"date":245,"score":172,"percentile":246},"2026-06-04",0.94758,[248,252,255,258,261,264,266,268,271,274,277,280,282,285,288,292,295,298,301,304,307,310,313,315,318,321,324,328,331,334,336,339,342,344,347,349,352,355,358,361,364,366,369,372,375,378,381,383,385,387,389,392,394,396,399,402,405,407,410,413,416,419,421,423,426,428,431,433,435,437,440,442,444,446,448,451,453,455,457,460,463,466,469,472,475,477,480,483,485,487],{"date":249,"score":250,"percentile":251},"2025-11-04",0.07852,0.91603,{"date":253,"score":250,"percentile":254},"2025-11-05",0.91602,{"date":256,"score":250,"percentile":257},"2025-11-06",0.91605,{"date":259,"score":250,"percentile":260},"2025-11-07",0.91608,{"date":262,"score":250,"percentile":263},"2025-11-08",0.91607,{"date":265,"score":250,"percentile":257},"2025-11-09",{"date":267,"score":250,"percentile":257},"2025-11-10",{"date":269,"score":250,"percentile":270},"2025-11-11",0.9161,{"date":272,"score":250,"percentile":273},"2025-11-12",0.91615,{"date":275,"score":250,"percentile":276},"2025-11-13",0.91617,{"date":278,"score":250,"percentile":279},"2025-11-14",0.9162,{"date":281,"score":250,"percentile":276},"2025-11-15",{"date":283,"score":250,"percentile":284},"2025-11-16",0.91626,{"date":286,"score":250,"percentile":287},"2025-11-17",0.91628,{"date":289,"score":290,"percentile":291},"2025-11-18",0.30107,0.96415,{"date":293,"score":290,"percentile":294},"2025-11-19",0.96416,{"date":296,"score":290,"percentile":297},"2025-11-20",0.96417,{"date":299,"score":250,"percentile":300},"2025-11-21",0.91637,{"date":302,"score":250,"percentile":303},"2025-11-22",0.91635,{"date":305,"score":250,"percentile":306},"2025-11-23",0.9164,{"date":308,"score":250,"percentile":309},"2025-11-24",0.91642,{"date":311,"score":250,"percentile":312},"2025-11-25",0.91641,{"date":314,"score":250,"percentile":312},"2025-11-26",{"date":316,"score":250,"percentile":317},"2025-11-27",0.91639,{"date":319,"score":250,"percentile":320},"2025-11-28",0.9163,{"date":322,"score":250,"percentile":323},"2025-11-29",0.91656,{"date":325,"score":326,"percentile":327},"2025-11-30",0.19877,0.95228,{"date":329,"score":326,"percentile":330},"2025-12-01",0.95265,{"date":332,"score":326,"percentile":333},"2025-12-02",0.95264,{"date":335,"score":326,"percentile":330},"2025-12-03",{"date":337,"score":326,"percentile":338},"2025-12-04",0.95227,{"date":340,"score":326,"percentile":341},"2025-12-05",0.9523,{"date":343,"score":326,"percentile":341},"2025-12-06",{"date":345,"score":326,"percentile":346},"2025-12-07",0.95235,{"date":348,"score":326,"percentile":346},"2025-12-08",{"date":350,"score":326,"percentile":351},"2025-12-09",0.95239,{"date":353,"score":326,"percentile":354},"2025-12-10",0.95243,{"date":356,"score":326,"percentile":357},"2025-12-11",0.95245,{"date":359,"score":326,"percentile":360},"2025-12-12",0.95246,{"date":362,"score":326,"percentile":363},"2025-12-13",0.95247,{"date":365,"score":326,"percentile":354},"2025-12-14",{"date":367,"score":326,"percentile":368},"2025-12-15",0.95248,{"date":370,"score":326,"percentile":371},"2025-12-16",0.9525,{"date":373,"score":326,"percentile":374},"2025-12-17",0.95252,{"date":376,"score":326,"percentile":377},"2025-12-18",0.95255,{"date":379,"score":326,"percentile":380},"2025-12-19",0.95256,{"date":382,"score":326,"percentile":380},"2025-12-20",{"date":384,"score":326,"percentile":380},"2025-12-21",{"date":386,"score":326,"percentile":377},"2025-12-22",{"date":388,"score":326,"percentile":377},"2025-12-23",{"date":390,"score":326,"percentile":391},"2025-12-24",0.9526,{"date":393,"score":326,"percentile":333},"2025-12-25",{"date":395,"score":326,"percentile":333},"2025-12-26",{"date":397,"score":326,"percentile":398},"2025-12-27",0.9529,{"date":400,"score":326,"percentile":401},"2025-12-28",0.95258,{"date":403,"score":326,"percentile":404},"2025-12-29",0.95259,{"date":406,"score":326,"percentile":391},"2025-12-30",{"date":408,"score":326,"percentile":409},"2025-12-31",0.95263,{"date":411,"score":326,"percentile":412},"2026-01-01",0.95303,{"date":414,"score":326,"percentile":415},"2026-01-02",0.95299,{"date":417,"score":326,"percentile":418},"2026-01-03",0.95296,{"date":420,"score":326,"percentile":371},"2026-01-04",{"date":422,"score":326,"percentile":368},"2026-01-05",{"date":424,"score":326,"percentile":425},"2026-01-06",0.95249,{"date":427,"score":326,"percentile":425},"2026-01-07",{"date":429,"score":326,"percentile":430},"2026-01-08",0.95254,{"date":432,"score":326,"percentile":377},"2026-01-09",{"date":434,"score":326,"percentile":380},"2026-01-10",{"date":436,"score":326,"percentile":380},"2026-01-11",{"date":438,"score":326,"percentile":439},"2026-01-12",0.95257,{"date":441,"score":326,"percentile":430},"2026-01-13",{"date":443,"score":326,"percentile":404},"2026-01-14",{"date":445,"score":326,"percentile":391},"2026-01-15",{"date":447,"score":326,"percentile":409},"2026-01-16",{"date":449,"score":326,"percentile":450},"2026-01-17",0.95266,{"date":452,"score":326,"percentile":330},"2026-01-18",{"date":454,"score":326,"percentile":333},"2026-01-19",{"date":456,"score":326,"percentile":333},"2026-01-20",{"date":458,"score":326,"percentile":459},"2026-01-21",0.95268,{"date":461,"score":326,"percentile":462},"2026-01-22",0.95271,{"date":464,"score":326,"percentile":465},"2026-01-23",0.95275,{"date":467,"score":326,"percentile":468},"2026-01-24",0.95278,{"date":470,"score":326,"percentile":471},"2026-01-25",0.95282,{"date":473,"score":326,"percentile":474},"2026-01-26",0.95283,{"date":476,"score":326,"percentile":471},"2026-01-27",{"date":478,"score":326,"percentile":479},"2026-01-28",0.95284,{"date":481,"score":326,"percentile":482},"2026-01-29",0.95287,{"date":484,"score":326,"percentile":482},"2026-01-30",{"date":486,"score":326,"percentile":398},"2026-01-31",{"date":488,"score":326,"percentile":489},"2026-02-01",0.95325,[491,496],{"source":176,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":492,"cvss_v4_0":9},{"baseScore":174,"baseSeverity":493,"vectorString":177,"impactScore":494,"exploitabilityScore":495},"HIGH",6.7,10,{"source":182,"cvss_v2_0":497,"cvss_v3_0":9,"cvss_v3_1":501,"cvss_v4_0":9},{"baseScore":498,"baseSeverity":9,"vectorString":499,"impactScore":500,"exploitabilityScore":495},5,"AV:N/AC:L/Au:N/C:N/I:N/A:P",2.9,{"baseScore":174,"baseSeverity":493,"vectorString":177,"impactScore":494,"exploitabilityScore":495},[503,514,571],{"ecosystem":9,"name":504,"vendor":505,"product":506,"cpe_part":507,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":508},"debian linux","debian","debian_linux","o",[509,512],{"version":510,"is_range":94,"range_type":511,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0","cpe",{"version":513,"is_range":94,"range_type":511,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.0",{"ecosystem":9,"name":515,"vendor":516,"product":515,"cpe_part":517,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":518},"bind","isc","a",[519,525,529,533,537,541,545,549,551,553,555,557,559,561,563,565,567,569],{"version":520,"is_range":521,"range_type":511,"version_start":522,"version_start_type":523,"version_end":524,"version_end_type":523,"fixed_in":9},"gte9.0.0_lte9.11.18",true,"9.0.0","including","9.11.18",{"version":526,"is_range":521,"range_type":511,"version_start":527,"version_start_type":523,"version_end":528,"version_end_type":523,"fixed_in":9},"gte9.12.0_lte9.12.4","9.12.0","9.12.4",{"version":530,"is_range":521,"range_type":511,"version_start":531,"version_start_type":523,"version_end":532,"version_end_type":523,"fixed_in":9},"gte9.13.0_lte9.13.7","9.13.0","9.13.7",{"version":534,"is_range":521,"range_type":511,"version_start":535,"version_start_type":523,"version_end":536,"version_end_type":523,"fixed_in":9},"gte9.14.0_lte9.14.11","9.14.0","9.14.11",{"version":538,"is_range":521,"range_type":511,"version_start":539,"version_start_type":523,"version_end":540,"version_end_type":523,"fixed_in":9},"gte9.15.0_lte9.15.6","9.15.0","9.15.6",{"version":542,"is_range":521,"range_type":511,"version_start":543,"version_start_type":523,"version_end":544,"version_end_type":523,"fixed_in":9},"gte9.16.0_lte9.16.2","9.16.0","9.16.2",{"version":546,"is_range":521,"range_type":511,"version_start":547,"version_start_type":523,"version_end":548,"version_end_type":523,"fixed_in":9},"gte9.17.0_lte9.17.1","9.17.0","9.17.1",{"version":550,"is_range":94,"range_type":511,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.12.4:p1",{"version":552,"is_range":94,"range_type":511,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.12.4:p2",{"version":554,"is_range":94,"range_type":511,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.9.3:s1",{"version":556,"is_range":94,"range_type":511,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.10.5:s1",{"version":558,"is_range":94,"range_type":511,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.10.7:s1",{"version":560,"is_range":94,"range_type":511,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.11.3:s1",{"version":562,"is_range":94,"range_type":511,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.11.5:s3",{"version":564,"is_range":94,"range_type":511,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.11.5:s5",{"version":566,"is_range":94,"range_type":511,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.11.6:s1",{"version":568,"is_range":94,"range_type":511,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.11.7:s1",{"version":570,"is_range":94,"range_type":511,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.11.8:s1",{"ecosystem":9,"name":572,"vendor":516,"product":573,"cpe_part":517,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":574},"BIND9","bind9",[575],{"version":576,"is_range":94,"range_type":176,"version_start":576,"version_start_type":523,"version_end":576,"version_end_type":523,"fixed_in":9},"9.0.0 -> 9.11.18, 9.12.0 -> 9.12.4-P2, 9.14.0 -> 9.14.11, 9.16.0 -> 9.16.2, and releases 9.17.0 -> 9.17.1 of the 9.17 experimental development branch. All releases in the obsolete 9.13 and 9.15 development branches. All releases of BIND Supported Preview Edition from 9.9.3-S1 -> 9.11.18-S1"]