c-ares is a C library that performs DNS requests and name resolves asynchronously. c-ares is a fork of the library named ‘ares’, written by Greg Hudson at MIT.

OSVersionArchitecturePackageVersionFilename
Fedora33anyc-ares< 1.17.0UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Fedora	33	any	c-ares	< 1.17.0	UNKNOWN

nessus 38

photon 10

altlinux 3

ibm 21

suse 4

fedora 3

veracode 1

osv 6

redhatcve 1

gentoo 2

ubuntu 1

openvas 15

githubexploit 2

cve 1

archlinux 1

hackerone 1

freebsd 2

alpinelinux 1

gitlab 1

debiancve 1

cbl_mariner 2

nodejsblog 1

f5 1

ubuntucve 1

prion 1

almalinux 2

rosalinux 1

oraclelinux 2

redhat 4

rocky 2

oracle 5

nessus

EulerOS 2.0 SP9 : c-ares (EulerOS-SA-2021-1920)

2021-06-03 00:00:00

Fedora 32 : mingw-c-ares (2021-afed2b904e)

2021-02-25 00:00:00

openSUSE Security Update : c-ares (openSUSE-2020-2045)

2020-11-30 00:00:00

photon

Important Photon OS Security Update - PHSA-2021-0209

2021-03-23 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-1.0-0378

2021-04-07 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-2.0-0337

2021-04-17 00:00:00

altlinux

Security fix for the ALT Linux 9 package node version 14.15.1-alt1

2020-11-26 00:00:00

Security fix for the ALT Linux 10 package node version 14.15.1-alt1

2020-11-16 00:00:00

Security fix for the ALT Linux 9 package c-ares version 1.16.1-alt2

2020-11-19 00:00:00

ibm

Security Bulletin: IBM API Connect is vulnerable to denial of service (DoS) via Node.js (CVE-2020-8277)

2021-03-06 17:41:55

Security Bulletin: Version 12.18.4 of Node.js included in IBM Netcool Operations Insight 1.6.2.x has a security vulnerability

2020-12-15 18:47:16

Security Bulletin: IBM App Connect Enterprise Certified Container may be vulnerable to a denial of service attack through a DNS lookup that returns a large number of responses (CVE-2020-8277)

2021-04-29 11:10:23

suse

Security update for c-ares (moderate)

2020-11-28 00:00:00

Security update for c-ares (moderate)

2020-11-26 00:00:00

Security update for nodejs14 (moderate)

2021-01-15 00:00:00

fedora

[SECURITY] Fedora 32 Update: mingw-c-ares-1.17.1-1.fc32

2021-02-24 20:46:53

[SECURITY] Fedora 33 Update: mingw-c-ares-1.17.1-1.fc33

2021-02-24 20:42:29

[SECURITY] Fedora 32 Update: c-ares-1.17.0-1.fc32

2020-12-04 00:30:19

veracode

Denial Of Service (DoS)

2020-12-02 09:51:12

osv

BIT-node-2020-8277

2024-03-06 11:07:32

CVE-2020-8277

2020-11-19 01:15:12

Moderate: nodejs:12 security and bug fix update

2020-12-15 16:03:21

redhatcve

CVE-2020-8277

2020-11-17 14:43:07

gentoo

c-ares: Denial of service

2020-12-23 00:00:00

NodeJS: Multiple vulnerabilities

2021-01-11 00:00:00

ubuntu

c-ares vulnerability

2020-11-19 00:00:00

openvas

Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2021-1756)

2021-04-13 00:00:00

Fedora: Security Advisory for mingw-c-ares (FEDORA-2021-ee913722db)

2021-02-25 00:00:00

Fedora: Security Advisory for mingw-c-ares (FEDORA-2021-afed2b904e)

2021-02-25 00:00:00

githubexploit

Exploit for Uncontrolled Resource Consumption in Nodejs Node.Js

2020-11-18 10:57:13

Exploit for Uncontrolled Resource Consumption in Nodejs Node.Js

2021-07-10 20:42:11

cve

CVE-2020-8277

2020-11-19 01:15:00

archlinux

[ASA-202011-18] c-ares: denial of service

2020-11-19 00:00:00

hackerone

Node.js: DNS Max Responses for DOS

2020-11-12 18:32:25

freebsd

Node.js -- November 2020 Security Releases

2020-11-16 00:00:00

MySQL -- Multiple vulnerabilities

2021-04-20 00:00:00

alpinelinux

CVE-2020-8277

2020-11-19 01:15:00

gitlab

Uncontrolled Resource Consumption

2020-11-19 00:00:00

debiancve

CVE-2020-8277

2020-11-19 01:15:00

cbl_mariner

CVE-2020-8277 affecting package python-gevent for versions less than 21.1.2-3

2024-04-25 09:08:17

CVE-2020-8277 affecting package c-ares 1.14.0-3

2021-04-06 23:50:04

nodejsblog

November 2020 Security Releases

2020-11-16 00:00:00

K07944249 : Node.js vulnerability CVE-2020-8277

2021-02-24 00:00:00

ubuntucve

CVE-2020-8277

2020-11-17 00:00:00

prion

Cross site request forgery (csrf)

2020-11-19 01:15:00

almalinux

Moderate: nodejs:12 security and bug fix update

2020-12-15 16:03:21

Moderate: nodejs:14 security and bug fix update

2021-02-16 07:34:42

rosalinux

Advisory ROSA-SA-2021-1811

2021-07-02 16:34:46

oraclelinux

nodejs:12 security and bug fix update

2020-12-17 00:00:00

nodejs:14 security and bug fix update

2021-02-20 00:00:00

redhat

(RHSA-2020:5499) Moderate: nodejs:12 security and bug fix update

2020-12-15 16:03:21

(RHSA-2020:5305) Moderate: rh-nodejs12-nodejs security update

2020-12-01 14:18:32

(RHSA-2021:0551) Moderate: nodejs:14 security and bug fix update

2021-02-16 07:34:42

rocky

nodejs:12 security and bug fix update

2020-12-15 16:03:21

nodejs:14 security and bug fix update

2021-02-16 07:34:42

oracle

Oracle Critical Patch Update Advisory - January 2021

2021-01-19 00:00:00

Oracle Critical Patch Update Advisory - July 2021

2021-07-20 00:00:00

Oracle Critical Patch Update Advisory - October 2021

2021-10-19 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.008 Low

EPSS

Percentile

79.0%

JSON

Related for FEDORA:5A27030A7064