Lucene search
GitHub_MCVELIST:CVE-2023-31124HistoryMay 25, 2023 - 9:09 p.m.
CVE-2023-31124 AutoTools does not set CARES_RANDOM_FILE during cross compilation
2023-05-2521:09:31
CWE-330
GitHub_M
raw.githubusercontent.com
1
c-ares
asynchronous resolver
autotools
cross-compilation
vulnerability
entropy
csprng
patch
version 1.19.1
c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARES_RANDOM_FILE will not be set, as seen when cross compiling aarch64 android. This will downgrade to using rand() as a fallback which could allow an attacker to take advantage of the lack of entropy by not using a CSPRNG. This issue was patched in version 1.19.1.
Related
cbl_mariner
cbl_mariner
CVE-2023-31124 affecting package c-ares 1.19.0-1
2023-06-27 21:25:25
amazon
amazon
Low: c-ares
2024-01-19 01:51:00
osv
osv
CVE-2023-31124
2023-05-25 22:15:09
Important: nodejs security update
2023-06-14 00:00:00
Important: nodejs:16 security update
2023-08-31 16:54:34
ubuntucve
ubuntucve
CVE-2023-31124
2023-05-25 00:00:00
prion
prion
Cross site scripting
2023-05-25 22:15:00
nessus
nessus
Amazon Linux 2 : c-ares (ALAS-2024-2429)
2024-01-23 00:00:00
EulerOS Virtualization 2.11.0 : c-ares (EulerOS-SA-2023-3066)
2024-01-16 00:00:00
EulerOS 2.0 SP11 : c-ares (EulerOS-SA-2023-2833)
2024-01-16 00:00:00
gitlab
gitlab
Use of Insufficiently Random Values
2023-05-25 00:00:00
redhatcve
redhatcve
CVE-2023-31124
2023-05-24 04:11:20
cve
cve
CVE-2023-31124
2023-05-25 22:15:09
debiancve
debiancve
CVE-2023-31124
2023-05-25 22:15:09
cgr
cgr
CVE-2023-31124 vulnerabilities
2024-05-19 03:07:16
wolfi
wolfi
CVE-2023-31124 vulnerabilities
2024-06-02 03:07:39
openvas
openvas
Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2023-2828)
2023-09-20 00:00:00
Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2023-3049)
2023-10-31 00:00:00
Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2023-3066)
2023-10-31 00:00:00
redos
redos
ROS-20240404-02
2024-04-04 00:00:00
ibm
ibm
Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOps
2023-08-30 14:40:17
almalinux
almalinux
Important: nodejs:16 security update
2023-07-12 00:00:00
Important: nodejs:18 security update
2023-06-14 00:00:00
Moderate: c-ares security, bug fix, and enhancement update
2023-11-07 00:00:00
oraclelinux
oraclelinux
18 security update
2023-06-15 00:00:00
c-ares security, bug fix, and enhancement update
2023-11-11 00:00:00
nodejs:16 security update
2023-07-19 00:00:00
fedora
fedora
[SECURITY] Fedora 37 Update: c-ares-1.19.1-1.fc37
2023-05-28 02:57:44
[SECURITY] Fedora 38 Update: c-ares-1.19.1-1.fc38
2023-05-26 01:52:50
redhat
redhat
(RHSA-2023:4039) Important: rh-nodejs14-nodejs security update
2023-07-12 07:59:32
(RHSA-2023:4034) Important: nodejs:16 security update
2023-07-12 07:52:13
(RHSA-2023:3577) Important: nodejs:18 security update
2023-06-14 07:15:12
slackware
slackware
[slackware-security] c-ares
2023-05-22 19:09:04
rocky
rocky
nodejs:16 security update
2023-08-31 16:54:34
nodejs:18 security update
2023-06-24 18:53:41
nodejs:18 security update
2023-08-31 16:54:34
gentoo
gentoo
c-ares: Multiple Vulnerabilities
2023-10-08 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2023-5.0-0015
2023-05-29 00:00:00
Important Photon OS Security Update - PHSA-2023-5.0-0084
2023-08-30 00:00:00
Important Photon OS Security Update - PHSA-2023-3.0-0649
2023-09-14 00:00:00
ics
ics
Siemens SINEC NMS
2024-02-15 12:00:00
Siemens SCALANCE XCM-/XRM-300
2024-02-15 12:00:00
tenable
tenable
[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities
2023-06-29 10:45:47