EulerOS 2.0 SP12 : libwebsockets (EulerOS-SA-2026-1373)

According to the versions of the libwebsockets package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Stack-based Buffer Overflow in lwsadnsparselabel in warmcat libwebsockets allows, when the LWSWITHSYSASYNCDNS flag is enabled during...

Huawei EulerOS: Security Advisory for libwebsockets (EulerOS-SA-2026-1287)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OESA-2025-2611 libwebsockets security update

Libwebsockets LWS is a flexible, lightweight pure C library for implementing modern network protocols easily with a tiny footprint, using a nonblocking event loop. Security Fixes: Use After Free vulnerability exists in the WebSocket server implementation in lwshandshakeserver in warmcat...

Linux Distros Unpatched Vulnerability : CVE-2025-11678

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stack-based Buffer Overflow in lwsadnsparselabel in warmcat libwebsockets allows, when the LWSWITHSYSASYNCDNS flag is enabled during compilation, to overflow th...

CVE-2025-11678

Stack-based Buffer Overflow in lwsadnsparselabel in warmcat libwebsockets allows, when the LWSWITHSYSASYNCDNS flag is enabled during compilation, to overflow the labelstack, when the attacker is able to sniff a DNS request in order to craft a response with a matching id containing a label longer...

CVE-2025-11678 Stack-based Buffer Overflow in libwebsockets DNS response parsing

Stack-based Buffer Overflow in lwsadnsparselabel in warmcat libwebsockets allows, when the LWSWITHSYSASYNCDNS flag is enabled during compilation, to overflow the labelstack, when the attacker is able to sniff a DNS request in order to craft a response with a matching id containing a label longer...

PT-2025-42761

Name of the Vulnerable Software and Affected Versions libwebsockets affected versions not specified Description A stack-based buffer overflow exists in the lws adns parse label function within libwebsockets. This occurs when the LWS WITH SYS ASYNC DNS flag is enabled during compilation and an...

ROS-20240410-04

The vulnerability of the aresreadline function of the C-ares asynchronous DNS query library is related to the operation exceeding the buffer boundaries in memory. beyond the buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of servi...

CVE-2023-31442

In Lightbend Akka, the DNS resolver used by Discovery in DNS mode (and by Cluster Bootstrap) had predictable DNS transaction IDs in versions 2.5.14 through 2.8.0, making DNS responses susceptible to spoofing. This can enable data exfiltration if the application performing discovery does not valid...

CVE-2023-31442

In Lightbend Akka before 2.8.1, the async-dns resolver used by Discovery in DNS mode and transitively by Cluster Bootstrap uses predictable DNS transaction IDs when resolving DNS records, making DNS resolution subject to poisoning by an attacker. If the application performing discovery does not...