7 matches found
CLSA-2025-1756408700 nodejs: Fix of CVE-2024-25629
CVE-2024-25629: prevent reading before buffer start when parsing config files containing an embedded NULL as the first character of a line by discarding such lines in aresreadline...
c-ares Vulnerable to Memory Corruption via Out-of-Bounds Read in ‘ares__read_line’ function
c-ares is vulnerable to memory corruption due to improper parsing of local configuration files. This could allow a local attacker with access to such files to cause a denial-of-service DoS, or potentially leverage to obtain sensitive information from memory...
OESA-2024-2021 c-ares security update
This is c-ares, an asynchronous resolver library. It is intended for applications which need to perform DNS queries without blocking, or need to perform multiple Security Fixes: c-ares is a C library for asynchronous DNS requests. aresreadline is used to parse local configuration files such as...
c-ares: Out of bounds read in ares__read_line()
A vulnerability was found in c-ares where the aresreadline is used to parse local configuration files such as /etc/resolv.conf, /etc/nsswitch.conf, the HOSTALIASES file, and if using a c-ares version prior to 1.22.0, the /etc/hosts file. If the configuration files have an embedded NULL character ...
c-ares: Out of bounds read in ares__read_line()
A vulnerability was found in c-ares where the aresreadline is used to parse local configuration files such as /etc/resolv.conf, /etc/nsswitch.conf, the HOSTALIASES file, and if using a c-ares version prior to 1.22.0, the /etc/hosts file. If the configuration files have an embedded NULL character ...
c-ares: Out of bounds read in ares__read_line()
A vulnerability was found in c-ares where the aresreadline is used to parse local configuration files such as /etc/resolv.conf, /etc/nsswitch.conf, the HOSTALIASES file, and if using a c-ares version prior to 1.22.0, the /etc/hosts file. If the configuration files have an embedded NULL character ...
c-ares out of bounds read in ares__read_line()
...