Lucene search
K

62 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/04/10 6:2 a.m.7 views

Security Bulletin: Use-After-Free Vulnerability in c-ares read_answers() Function (v1.32.3–v1.34.4) affects watsonx.data

Summary CVE-2025-31498 - A use-after-free vulnerability exists in c-ares v1.32.3–v1.34.4 within the readanswers function. It can occur when processanswer re-enqueues queries under certain DNS conditions, potentially leading to crashes or unexpected behavior. This can affect watsonx.data...

8.3CVSS6.7AI score0.00555EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.3 views

MiracleLinux 9 : nodejs:20 (AXSA:2025-10487:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10487:02 advisory. c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 Tenable has extracted the preceding description block directly from the MiracleLinux...

8.3CVSS7.3AI score0.00555EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.2 views

MiracleLinux 8 : nodejs:22 (AXSA:2025-9926:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9926:01 advisory. c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 SQLite: integer overflow in SQLite CVE-2025-3277 Tenable has extracted the precedi...

9.8CVSS7.5AI score0.00609EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/04 1:28 p.m.10 views

Security Bulletin: IBM DataPower Gateway vulnerable to a denial of service due to C-Ares

Summary C-Ares is used in IBM DataPower Gateway's DNS resolver Vulnerability Details CVEID:CVE-2025-31498 DESCRIPTION: c-ares is an asynchronous resolver library. From 1.32.3 through 1.34.4, there is a use-after-free in readanswers when processanswer may re-enqueue a query either due to a DNS...

8.3CVSS6.5AI score0.00555EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/07/30 12:0 a.m.2 views

RockyLinux 8 : nodejs:22 (RLSA-2025:4459)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:4459 advisory. c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 SQLite: integer overflow in SQLite CVE-2025-3277 Tenable has extracted the preceding...

9.8CVSS7.5AI score0.00609EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/07/30 12:0 a.m.3 views

RockyLinux 9 : nodejs:20 (RLSA-2025:7426)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:7426 advisory. c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 Tenable has extracted the preceding description block directly from the RockyLinux security...

8.3CVSS7.3AI score0.00555EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/07/30 12:0 a.m.3 views

RockyLinux 8 : nodejs:20 (RLSA-2025:4461)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:4461 advisory. c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 Tenable has extracted the preceding description block directly from the RockyLinux security...

8.3CVSS7.3AI score0.00555EPSS
Exploits0References3
OSV
OSV
added 2025/07/29 1:40 p.m.4 views

RLSA-2025:7426 Moderate: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 For more details about the security issues, including the impact, a CVSS score,...

7CVSS7.8AI score0.00555EPSS
Exploits0References2
OSV
OSV
added 2025/07/29 1:40 p.m.5 views

RLSA-2025:7433 Important: nodejs:22 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 SQLite: integer overflow in SQLite CVE-2025-3277 For more details about the...

7.3CVSS8.1AI score0.00609EPSS
Exploits0References3
OSV
OSV
added 2025/07/29 1:38 p.m.4 views

RLSA-2025:4461 Moderate: nodejs:20 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 For more details about the security issues, including the impact, a CVSS score,...

7CVSS7.8AI score0.00555EPSS
Exploits0References2
OSV
OSV
added 2025/07/29 1:38 p.m.5 views

RLSA-2025:4459 Important: nodejs:22 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 SQLite: integer overflow in SQLite CVE-2025-3277 For more details about the...

7.3CVSS8.1AI score0.00609EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/07/28 12:0 a.m.4 views

Oracle Linux 8 : nodejs:22 (ELSA-2025-11803)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-11803 advisory. - Patch fix for sqlite CVE-2025-6965 Resolves: RHEL-103835 - Update to 22.16.0 Fixes: CVE-2025-23166 - Patch fix for sqlite CVE-2025-31498 Resolves: RHEL-87300...

8.3CVSS7AI score0.73495EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2025/07/03 12:0 a.m.5 views

AlmaLinux 9 : nodejs:20 (ALSA-2025:7426)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:7426 advisory. c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 Tenable has extracted the preceding description block directly from the AlmaLinux security...

8.3CVSS7.3AI score0.00555EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/07/03 12:0 a.m.1 views

Fedora 42 : c-ares (2025-19b0cab086)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-19b0cab086 advisory. Update to 1.34.5. Fixes CVE-2025-31498. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus ha...

8.3CVSS7.3AI score0.00555EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/30 1:27 p.m.9 views

Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates

Summary IBM App Connect Enterprise Certified Container ACEcc is built on the Red Hat Universal Base Images. ACEcc operator versions 12.0.13 LTS and 12.13.0 contain fixes to the listed CVEs found in the base images. This bulletin provides patch information to address the reported vulnerabilities...

9.8CVSS7.5AI score0.01193EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/06/30 12:0 a.m.3 views

Oracle Linux 10 : nodejs22 (ELSA-2025-7502)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-7502 advisory. - Update c-ares with fix for CVE-2025-31498 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

8.3CVSS7.3AI score0.00555EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/06/27 12:0 a.m.4 views

Oracle Linux 10 : nodejs22 (ELSA-2025-8493)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-8493 advisory. - Update c-ares with fix for CVE-2025-31498 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. No...

8.3CVSS6.9AI score0.00763EPSS
Exploits0References3
F5 Networks
F5 Networks
added 2025/06/23 12:36 a.m.8 views

K000151995: c-ares vulnerability CVE-2025-31498

Security Advisory Description c-ares is an asynchronous resolver library. From 1.32.3 through 1.34.4, there is a use-after-free in readanswers when processanswer may re-enqueue a query either due to a DNS Cookie Failure or when the upstream server does not properly support EDNS, or possibly on TC...

8.3CVSS7.2AI score0.00555EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.4 views

TencentOS Server 3: nodejs:20 (TSSA-2025:0352)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0352 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

8.3CVSS7.2AI score0.00555EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/06/05 12:0 a.m.7 views

Oracle Linux 8 : nodejs:22 (ELSA-2025-8506)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-8506 advisory. - Update to 22.16.0 Fixes: CVE-2025-23166 - Patch fix for sqlite CVE-2025-31498 Resolves: RHEL-87300 - Update c-ares to newest version with fix for CVE-2025-314...

8.3CVSS6.9AI score0.01282EPSS
Exploits0References2
Rows per page
Query Builder