Lucene search
OracleLinuxELSA-2023-7207HistoryNov 22, 2023 - 12:00 a.m.
c-ares security update
2023-11-2200:00:00
linux.oracle.com
15
c-ares
security update
buffer underwrite
read-heap-buffer-overflow
6.4 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
8.8 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
13.4%
[1.13.0-9.1]
- Resolves: RHEL-11931 - Buffer Underwrite in ares_inet_net_pton() [rhel-8.9.0.z]
[1.13.0-9] - Resolves: rhbz#2238293 - CVE-2020-22217 c-ares: read-heap-buffer-overflow in ares_parse_soa_reply [rhel-8] [rhel-8.9.0.z]
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 8 | src | c-ares | < 1.13.0-9.el8_9.1 | c-ares-1.13.0-9.el8_9.1.src.rpm |
| oracle linux | 8 | src | c-ares | < 1.13.0-9.el8_9.1 | c-ares-1.13.0-9.el8_9.1.src.rpm |
| oracle linux | 8 | aarch64 | c-ares | < 1.13.0-9.el8_9.1 | c-ares-1.13.0-9.el8_9.1.aarch64.rpm |
| oracle linux | 8 | aarch64 | c-ares | < 1.13.0-9.el8_9.1 | c-ares-1.13.0-9.el8_9.1.aarch64.rpm |
| oracle linux | 8 | aarch64 | c-ares-devel | < 1.13.0-9.el8_9.1 | c-ares-devel-1.13.0-9.el8_9.1.aarch64.rpm |
| oracle linux | 8 | aarch64 | c-ares-devel | < 1.13.0-9.el8_9.1 | c-ares-devel-1.13.0-9.el8_9.1.aarch64.rpm |
| oracle linux | 8 | src | c-ares | < 1.13.0-9.el8_9.1 | c-ares-1.13.0-9.el8_9.1.src.rpm |
| oracle linux | 8 | src | c-ares | < 1.13.0-9.el8_9.1 | c-ares-1.13.0-9.el8_9.1.src.rpm |
| oracle linux | 8 | i686 | c-ares | < 1.13.0-9.el8_9.1 | c-ares-1.13.0-9.el8_9.1.i686.rpm |
| oracle linux | 8 | i686 | c-ares | < 1.13.0-9.el8_9.1 | c-ares-1.13.0-9.el8_9.1.i686.rpm |
Related
nessus
nessus
Oracle Linux 8 : c-ares (ELSA-2023-7207)
2023-11-22 00:00:00
RHEL 8 : c-ares (RHSA-2023:7207)
2023-11-14 00:00:00
CentOS 8 : c-ares (CESA-2023:7207)
2024-02-08 00:00:00
redhat
redhat
(RHSA-2023:7207) Moderate: c-ares security update
2023-11-14 16:23:45
(RHSA-2024:0419) Moderate: c-ares security update
2024-01-24 14:40:26
(RHSA-2024:0578) Moderate: c-ares security update
2024-01-30 12:53:21
almalinux
almalinux
Moderate: c-ares security update
2023-11-14 00:00:00
Important: nodejs:16 security update
2023-07-12 00:00:00
Important: nodejs:18 security update
2023-06-14 00:00:00
osv
osv
Moderate: c-ares security update
2023-11-28 22:42:52
Moderate: c-ares security update
2023-11-14 00:00:00
CVE-2020-22217
2023-08-22 19:16:19
rocky
rocky
c-ares security update
2023-11-28 22:42:52
nodejs:16 security update
2023-08-31 16:54:34
nodejs:18 security update
2023-06-24 18:53:41
debiancve
debiancve
CVE-2020-22217
2023-08-22 19:16:19
CVE-2023-31130
2023-05-25 22:15:09
redhatcve
redhatcve
CVE-2020-22217
2023-08-30 15:15:33
CVE-2023-31130
2023-05-24 04:11:24
openvas
openvas
Debian: Security Advisory (DLA-3567-1)
2023-09-18 00:00:00
Ubuntu: Security Advisory (USN-6376-1)
2023-09-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:3690-1)
2023-09-21 00:00:00
prion
prion
Buffer overflow
2023-08-22 19:16:00
Buffer overflow
2023-05-25 22:15:00
ubuntucve
ubuntucve
CVE-2020-22217
2023-08-22 00:00:00
CVE-2023-31130
2023-05-25 00:00:00
debian
debian
[SECURITY] [DLA 3567-1] c-ares security update
2023-09-15 06:39:57
[SECURITY] [DLA 3471-1] c-ares security update
2023-06-26 19:47:55
[SECURITY] [DSA 5419-1] c-ares security update
2023-06-07 05:12:38
cve
cve
CVE-2020-22217
2023-08-22 19:16:19
CVE-2023-31130
2023-05-25 22:15:09
cbl_mariner
cbl_mariner
CVE-2023-31130 affecting package nodejs18 for versions less than 18.17.1-2
2023-09-27 18:02:50
CVE-2023-31130 affecting package c-ares 1.19.0-1
2023-06-27 21:25:25
ubuntu
ubuntu
c-ares vulnerability
2023-09-18 00:00:00
c-ares vulnerabilities
2023-09-11 00:00:00
c-ares vulnerabilities
2023-06-14 00:00:00
nvd
nvd
CVE-2020-22217
2023-08-22 19:16:19
CVE-2023-31130
2023-05-25 22:15:09
cvelist
cvelist
CVE-2020-22217
2023-08-22 00:00:00
CVE-2023-31130 Buffer Underwrite in ares_inet_net_pton()
2023-05-25 21:45:42
wolfi
wolfi
CVE-2023-31130 vulnerabilities
2024-06-16 03:08:14
cgr
cgr
CVE-2023-31130 vulnerabilities
2024-05-19 03:07:16
f5
f5
K000138586 : Node.js c-areas vulnerability CVE-2023-31130
2024-02-13 00:00:00
gitlab
gitlab
Buffer Underwrite ('Buffer Underflow')
2023-05-25 00:00:00
redos
redos
ROS-20240404-02
2024-04-04 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2284
2023-10-31 14:04:36
amazon
amazon
Medium: c-ares
2024-01-03 21:04:00
ibm
ibm
Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOps
2023-08-30 14:40:17
oraclelinux
oraclelinux
18 security update
2023-06-15 00:00:00
nodejs:16 security update
2023-07-19 00:00:00
c-ares security, bug fix, and enhancement update
2023-11-11 00:00:00
fedora
fedora
[SECURITY] Fedora 37 Update: c-ares-1.19.1-1.fc37
2023-05-28 02:57:44
[SECURITY] Fedora 38 Update: c-ares-1.19.1-1.fc38
2023-05-26 01:52:50
slackware
slackware
[slackware-security] c-ares
2023-05-22 19:09:04
gentoo
gentoo
c-ares: Multiple Vulnerabilities
2023-10-08 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2023-5.0-0015
2023-05-29 00:00:00
Important Photon OS Security Update - PHSA-2023-5.0-0084
2023-08-30 00:00:00
Important Photon OS Security Update - PHSA-2023-3.0-0649
2023-09-14 00:00:00
6.4 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
8.8 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
13.4%
Related for ELSA-2023-7207