Astra Linux - уязвимость в c-ares

A flaw was discovered in the c-ares library. A missing input validation check for host names returned by DNS Domain Name Servers can result in incorrect hostnames being displayed. This could potentially lead to Domain Hijacking. The greatest threat posed by this vulnerability is related to...

CLSA-2026-1776432133 c-ares: Fix of CVE-2022-4904

CVE-2022-4904: fix stack overflow in aressetsortlist due to missing input validation...

Debian dsa-6084 : libc-ares-dev - security update

The remote Debian 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6084 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6084-1 [email protected] https://www.debian.org/security/...

DSA-6084-1 c-ares - security update

Bulletin has no description...

CVE-2025-62408

c-ares is an asynchronous resolver library. Versions 1.32.3 through 1.34.5 terminate a query after maximum attempts when using readanswer and processanswer, which can cause a Denial of Service. This issue is fixed in version 1.34.6...

ALPINE-CVE-2025-62408

c-ares is an asynchronous resolver library. Versions 1.32.3 through 1.34.5 terminate a query after maximum attempts when using readanswer and processanswer, which can cause a Denial of Service. This issue is fixed in version 1.34.6...

CVE-2025-62408

c-ares is an asynchronous resolver library. Versions 1.32.3 through 1.34.5 terminate a query after maximum attempts when using readanswer and processanswer, which can cause a Denial of Service. This issue is fixed in version 1.34.6...

EUVD-2017-18387

Malware in sbrugna...

EUVD-2020-6498

Malware in sbrugna...

EUVD-2023-35463

Malicious code in bioql PyPI...

EUVD-2024-22949

Malicious code in bioql PyPI...

EUVD-2023-35450

Malicious code in bioql PyPI...

Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps

Summary Multiple vulnerabilities were addressed in IBM Cloud Pak for AIOps version 4.10.0 Vulnerability Details CVEID:CVE-2025-46727 DESCRIPTION: Rack is a modular Ruby web server interface. Prior to versions 2.2.14, 3.0.16, and 3.1.14, Rack::QueryParser parses query strings and...

TencentOS Server 3: c-ares (TSSA-2022:0198)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0198 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

RLSA-2024:4249 Low: c-ares security update

The c-ares C library defines asynchronous DNS Domain Name System requests and provides name resolving API. Security Fixes: c-ares: Out of bounds read in aresreadline CVE-2024-25629 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

CBL Mariner 2.0 Security Update: CBL-Mariner Releases / c-ares / pgbouncer (CVE-2021-3672)

The version of CBL-Mariner Releases / c-ares / pgbouncer installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-3672 advisory. - A flaw was found in c-ares library, where a missing input validation check...

[SECURITY] Fedora 40 Update: c-ares-1.34.5-1.fc40

c-ares is a C library that performs DNS requests and name resolves asynchronously. c-ares is a fork of the library named 'ares', written by Greg Hudson at MIT...

The vulnerability of the C-ares asynchronous DNS query library, related to the possibility of using memory after it is freed, allows a hacker to cause a service failure.

The vulnerability of the C-ares asynchronous DNS query library is related to the possibility of using memory after it is freed. Exploiting this vulnerability could allow a malicious actor to cause a service failure...

[SECURITY] Fedora 41 Update: c-ares-1.34.5-1.fc41

c-ares is a C library that performs DNS requests and name resolves asynchronously. c-ares is a fork of the library named 'ares', written by Greg Hudson at MIT...

[SECURITY] Fedora 42 Update: c-ares-1.34.5-1.fc42

c-ares is a C library that performs DNS requests and name resolves asynchronously. c-ares is a fork of the library named 'ares', written by Greg Hudson at MIT...