Lucene search
Https://gitlab.com/gitlab-org/security-products/gemnasium-dbGITLAB-D6EAFAF3EB45B9C2FD649C8F78A433FEHistoryMay 25, 2023 - 12:00 a.m.
Buffer Underwrite ('Buffer Underflow')
2023-05-2500:00:00
https://gitlab.com/gitlab-org/security-products/gemnasium-db
gitlab.com
12
c-ares
asynchronous resolver
buffer underflow
ipv6 addresses
administrator
configuration
vulnerability fix
0.0004 Low
EPSS
Percentile
5.1%
c-ares is an asynchronous resolver library. ares_inet_net_pton() is vulnerable to a buffer underflow for certain ipv6 addresses, in particular “0::00:00:00/2” was found to cause an issue. C-ares only uses this function internally for configuration purposes which would require an administrator to configure such an address via ares_set_sortlist(). However, users may externally use ares_inet_net_pton() for other purposes and thus be vulnerable to more severe issues. This issue has been fixed in 1.19.1.
| CPE | Name | Operator | Version |
|---|---|---|---|
| conan/c-ares | lt | 1.19.1 |
References
github.com/c-ares/c-ares/releases/tag/cares-1_19_1
github.com/c-ares/c-ares/security/advisories/GHSA-x6mf-cxr9-8q6v
lists.fedoraproject.org/archives/list/[email protected]/message/B5Z5XFNXTNPTCBBVXFDNZQVLLIE6VRBY/
lists.fedoraproject.org/archives/list/[email protected]/message/UBFWILTA33LOSV23P44FGTQQIDRJHIY7/
nvd.nist.gov/vuln/detail/CVE-2023-31130
Related
debiancve
debiancve
CVE-2023-31130
2023-05-25 22:15:09
redhatcve
redhatcve
CVE-2023-31130
2023-05-24 04:11:24
cbl_mariner
cbl_mariner
CVE-2023-31130 affecting package fluent-bit for versions less than 2.1.10-1
2023-11-08 02:07:28
CVE-2023-31130 affecting package c-ares for versions less than 1.19.1-1
2023-06-14 23:53:35
CVE-2023-31130 affecting package c-ares 1.19.0-1
2023-06-27 21:25:25
wolfi
wolfi
CVE-2023-31130 vulnerabilities
2024-06-22 21:09:10
cve
cve
CVE-2023-31130
2023-05-25 22:15:09
nessus
nessus
RHEL 8 : c-ares (RHSA-2023:7392)
2023-11-21 00:00:00
Ubuntu 16.04 ESM / 18.04 ESM : c-ares vulnerabilities (USN-6164-2)
2023-09-11 00:00:00
EulerOS 2.0 SP11 : c-ares (EulerOS-SA-2023-2676)
2024-01-16 00:00:00
prion
prion
Buffer overflow
2023-05-25 22:15:00
redhat
redhat
(RHSA-2023:7392) Moderate: c-ares security update
2023-11-21 09:47:03
(RHSA-2023:7207) Moderate: c-ares security update
2023-11-14 16:23:45
(RHSA-2023:7543) Moderate: c-ares security update
2023-11-28 14:46:18
ubuntucve
ubuntucve
CVE-2023-31130
2023-05-25 00:00:00
osv
osv
CVE-2023-31130
2023-05-25 22:15:09
c-ares vulnerabilities
2023-09-11 15:51:51
c-ares - security update
2023-06-07 00:00:00
nvd
nvd
CVE-2023-31130
2023-05-25 22:15:09
cgr
cgr
CVE-2023-31130 vulnerabilities
2024-05-19 03:07:16
f5
f5
K000138586 : Node.js c-areas vulnerability CVE-2023-31130
2024-02-13 00:00:00
cvelist
cvelist
CVE-2023-31130 Buffer Underwrite in ares_inet_net_pton()
2023-05-25 21:45:42
openvas
openvas
Debian: Security Advisory (DLA-3471-1)
2023-06-27 00:00:00
Ubuntu: Security Advisory (USN-6164-1)
2023-06-15 00:00:00
Ubuntu: Security Advisory (USN-6164-2)
2023-09-12 00:00:00
debian
debian
[SECURITY] [DLA 3471-1] c-ares security update
2023-06-26 19:47:35
[SECURITY] [DSA 5419-1] c-ares security update
2023-06-07 05:12:38
redos
redos
ROS-20240404-02
2024-04-04 00:00:00
ubuntu
ubuntu
c-ares vulnerabilities
2023-09-11 00:00:00
c-ares vulnerabilities
2023-06-14 00:00:00
rocky
rocky
c-ares security update
2023-11-28 22:42:52
nodejs:18 security update
2023-06-24 18:53:41
nodejs:16 security update
2023-08-31 16:54:34
oraclelinux
oraclelinux
c-ares security update
2023-11-22 00:00:00
18 security update
2023-06-15 00:00:00
nodejs security update
2023-06-15 00:00:00
almalinux
almalinux
Moderate: c-ares security update
2023-11-14 00:00:00
Important: nodejs:16 security update
2023-07-12 00:00:00
Important: nodejs:18 security update
2023-06-14 00:00:00
amazon
amazon
Medium: c-ares
2024-01-03 21:04:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2284
2023-10-31 14:04:36
ibm
ibm
Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOps
2023-08-30 14:40:17
fedora
fedora
[SECURITY] Fedora 38 Update: c-ares-1.19.1-1.fc38
2023-05-26 01:52:50
[SECURITY] Fedora 37 Update: c-ares-1.19.1-1.fc37
2023-05-28 02:57:44
gentoo
gentoo
c-ares: Multiple Vulnerabilities
2023-10-08 00:00:00
slackware
slackware
[slackware-security] c-ares
2023-05-22 19:09:04
photon
photon
Important Photon OS Security Update - PHSA-2023-5.0-0015
2023-05-29 00:00:00
Important Photon OS Security Update - PHSA-2023-5.0-0084
2023-08-30 00:00:00
Important Photon OS Security Update - PHSA-2023-3.0-0649
2023-09-14 00:00:00
ics
ics
Siemens SINEC NMS
2024-02-15 12:00:00
Siemens SCALANCE XCM-/XRM-300
2024-02-15 12:00:00
hp
hp
HP ThinPro 8.0 SP 7 Security Updates
2024-01-26 00:00:00
tenable
tenable
[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities
2023-06-29 10:45:47