Lucene search
K

8 matches found

OSV
OSV
added 2026/05/07 9:37 a.m.7 views

OPENSUSE-SU-2026:20698-1 Security update for c-ares

This update for c-ares fixes the following issue - CVE-2025-62408: use after free in readanswers bsc1254738. Changes for c-ares: - c-ares 1.35.6: Ignore Windows IDN Search Domains until proper IDN support is added Various bug fixes...

5.9CVSS6.7AI score0.00396EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/06 7:23 a.m.7 views

Security Bulletin: Denial of Service Vulnerability in c-ares Resolver (Versions 1.32.3–1.34.5), affects watsonx.data

Summary c-ares versions 1.32.3–1.34.5 contain a flaw where certain DNS queries may terminate prematurely after maximum retry attempts, potentially leading to a Denial of Service. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2025-62408 DESCRIPTION: c-ares is an asynchronous resolv...

5.9CVSS5.9AI score0.00396EPSS
Exploits0Affected Software1
OPENSUSE Linux
OPENSUSE Linux
added 2026/01/13 12:0 a.m.3 views

istioctl-1.28.2-1.1 on GA media (moderate)

istioctl-1.28.2-1.1 on GA media Announcement ID: openSUSE-SU-2026:10029-1 Rating: moderate Cross-References: CVE-2025-62408 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...

5.9CVSS7.2AI score0.00396EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/08 12:0 a.m.7 views

Amazon Linux 2023 : nodejs20, nodejs20-devel, nodejs20-full-i18n (ALAS2023-2025-1346)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1346 advisory. Use after free due to connection being cleaned up after error CVE-2025-62408 Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Nessus h...

5.9CVSS5.4AI score0.00396EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/08 12:0 a.m.5 views

Amazon Linux 2023 : nodejs24, nodejs24-devel, nodejs24-full-i18n (ALAS2023-2025-1348)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1348 advisory. Use after free due to connection being cleaned up after error CVE-2025-62408 Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Nessus h...

5.9CVSS5.4AI score0.00396EPSS
Exploits0References4
OPENSUSE Linux
OPENSUSE Linux
added 2026/01/07 12:0 a.m.3 views

c-ares-devel-1.34.6-1.1 on GA media (moderate)

c-ares-devel-1.34.6-1.1 on GA media Announcement ID: openSUSE-SU-2026:10007-1 Rating: moderate Cross-References: CVE-2025-62408 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...

5.9CVSS7.2AI score0.00396EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/12/08 10:4 p.m.2 views

CVE-2025-62408

c-ares is an asynchronous resolver library. Versions 1.32.3 through 1.34.5 terminate a query after maximum attempts when using readanswer and processanswer, which can cause a Denial of Service. This issue is fixed in version 1.34.6...

5.9CVSS6.3AI score0.00396EPSS
Exploits0
Circl
Circl
added 2025/12/08 4:4 p.m.2 views

CVE-2025-62408

creationtimestamp| type| source ---|---|--- 2025-12-08 16:04:49+00:00| seen| https://seclists.org/oss-sec/2025/q4/253 2025-12-08 17:03:16+00:00| seen| https://seclists.org/oss-sec/2025/q4/254 2025-12-08 17:39:08+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3m7il4ux4rp2h...

5.9CVSS5.5AI score0.00396EPSS
Exploits0References9
Rows per page
Query Builder