Lucene search
OracleLinuxELSA-2022-2043HistoryMay 17, 2022 - 12:00 a.m.
c-ares security update
2022-05-1700:00:00
linux.oracle.com
10
5.6 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
[1.13.0-6]
- Resolves: rhbz#1989425 - CVE-2021-3672 c-ares: missing input validation of host names may lead to Domain Hijacking [rhel-8]
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 8 | src | c-ares | < 1.13.0-6.el8 | c-ares-1.13.0-6.el8.src.rpm |
| oracle linux | 8 | aarch64 | c-ares | < 1.13.0-6.el8 | c-ares-1.13.0-6.el8.aarch64.rpm |
| oracle linux | 8 | aarch64 | c-ares-devel | < 1.13.0-6.el8 | c-ares-devel-1.13.0-6.el8.aarch64.rpm |
| oracle linux | 8 | src | c-ares | < 1.13.0-6.el8 | c-ares-1.13.0-6.el8.src.rpm |
| oracle linux | 8 | i686 | c-ares | < 1.13.0-6.el8 | c-ares-1.13.0-6.el8.i686.rpm |
| oracle linux | 8 | x86_64 | c-ares | < 1.13.0-6.el8 | c-ares-1.13.0-6.el8.x86_64.rpm |
| oracle linux | 8 | i686 | c-ares-devel | < 1.13.0-6.el8 | c-ares-devel-1.13.0-6.el8.i686.rpm |
| oracle linux | 8 | x86_64 | c-ares-devel | < 1.13.0-6.el8 | c-ares-devel-1.13.0-6.el8.x86_64.rpm |
Related
nessus
nessus
EulerOS Virtualization 3.0.2.6 : c-ares (EulerOS-SA-2021-2882)
2022-01-06 00:00:00
Amazon Linux AMI : c-ares (ALAS-2021-1545)
2021-11-05 00:00:00
AlmaLinux 8 : c-ares (ALSA-2022:2043)
2022-05-12 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2021-0282
2021-08-12 00:00:00
Important Photon OS Security Update - PHSA-2021-0079
2021-08-12 00:00:00
suse
suse
Security update for c-ares (important)
2021-08-19 00:00:00
Security update for c-ares (important)
2021-08-17 00:00:00
Security update for nodejs10 (moderate)
2021-09-07 00:00:00
rocky
rocky
c-ares security update
2022-05-10 08:14:29
nodejs:14 security and bug fix update
2021-09-27 06:47:35
nodejs:12 security and bug fix update
2021-09-21 12:33:58
openvas
openvas
Debian: Security Advisory (DSA-4954-1)
2021-08-12 00:00:00
Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2021-2623)
2021-11-03 00:00:00
Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2021-2574)
2021-10-26 00:00:00
osv
osv
c-ares vulnerability
2021-08-10 11:53:27
CVE-2021-3672
2021-11-23 19:15:07
c-ares - security update
2021-08-10 00:00:00
cbl_mariner
cbl_mariner
CVE-2021-3672 affecting package pgbouncer 1.16.1-1
2024-04-28 03:18:21
CVE-2021-3672 affecting package c-ares 1.17.1-1
2021-12-17 20:09:32
CVE-2021-3672 affecting package pgbouncer 1.16.1-1
2024-04-28 03:18:17
ubuntu
ubuntu
c-ares vulnerability
2021-08-10 00:00:00
c-ares vulnerability
2021-08-10 00:00:00
github
github
altlinux
altlinux
Security fix for the ALT Linux 9 package c-ares version 1.17.2-alt1
2021-08-19 00:00:00
Security fix for the ALT Linux 10 package node version 14.17.5-alt1
2021-08-17 00:00:00
veracode
veracode
Domain Hijacking
2021-08-11 07:40:41
cve
cve
CVE-2021-3672
2021-11-23 19:15:00
redhat
redhat
(RHSA-2022:2043) Moderate: c-ares security update
2022-05-10 08:14:29
(RHSA-2021:3623) Important: nodejs:12 security and bug fix update
2021-09-21 12:33:58
(RHSA-2021:3666) Important: nodejs:14 security and bug fix update
2021-09-27 06:47:35
amazon
amazon
Medium: c-ares
2021-10-29 16:37:00
Medium: c-ares
2024-01-03 21:04:00
alpinelinux
alpinelinux
CVE-2021-3672
2021-11-23 19:15:00
gitlab
gitlab
debian
debian
[SECURITY] [DSA 4954-1] c-ares security update
2021-08-10 07:10:36
[SECURITY] [DLA 2738-1] c-ares security update
2021-08-10 07:18:07
[SECURITY] [DSA 4954-1] c-ares security update
2021-08-10 07:10:36
archlinux
archlinux
[ASA-202108-13] c-ares: insufficient validation
2021-08-10 00:00:00
mageia
mageia
Updated c-ares packages fix security vulnerability
2021-10-02 21:57:04
Updated nodejs packages fix security vulnerability
2021-10-06 22:41:56
fedora
fedora
[SECURITY] Fedora 33 Update: mingw-c-ares-1.17.2-1.fc33
2021-08-19 01:11:17
[SECURITY] Fedora 33 Update: c-ares-1.17.2-1.fc33
2021-08-31 22:05:13
[SECURITY] Fedora 35 Update: python-pycares-4.0.0-5.fc35
2021-09-24 20:40:39
freebsd
freebsd
py39-pycares -- domain hijacking vulnerability
2021-06-11 00:00:00
debiancve
debiancve
CVE-2021-3672
2021-11-23 19:15:00
prion
prion
Input validation
2021-11-23 19:15:00
almalinux
almalinux
Moderate: c-ares security update
2022-05-10 08:14:29
Important: nodejs:12 security and bug fix update
2021-09-21 12:33:58
Important: nodejs:14 security and bug fix update
2021-09-27 06:47:35
redhatcve
redhatcve
CVE-2021-3672
2021-08-10 18:58:50
ubuntucve
ubuntucve
CVE-2021-3672
2021-08-10 00:00:00
CVE-2021-22931
2021-08-16 00:00:00
f5
f5
K53225395 : Node.js vulnerabilities CVE-2021-3672 and CVE-2021-22931
2021-10-15 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2246
2023-10-17 12:06:48
gentoo
gentoo
c-ares: Multiple Vulnerabilities
2024-01-05 00:00:00
oraclelinux
oraclelinux
nodejs:14 security and bug fix update
2021-09-27 00:00:00
nodejs:12 security and bug fix update
2021-09-22 00:00:00
ibm
ibm
ics
ics
Siemens SINEC INS
2022-03-10 12:00:00
tenable
tenable
[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities
2023-06-29 10:45:47
oracle
oracle
Oracle Critical Patch Update Advisory - July 2022
2022-07-19 00:00:00
5.6 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related for ELSA-2022-2043