CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
Low
EPSS
Percentile
48.7%
A vulnerability in the C-ares asynchronous DNS query library is related to uncontrolled resource consumption in the event of
misinterpretation of packet length. Exploitation of the vulnerability could allow an attacker,
acting remotely, to cause a denial of service using a corrupted UDP packet