EUVD-2025-10377

Malicious code in bioql PyPI...

CBL Mariner 2.0 Security Update: c-ares / fluent-bit / grpc / nodejs (CVE-2023-31147)

The version of c-ares / fluent-bit / grpc / nodejs installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-31147 advisory. - c-ares is an asynchronous resolver library. When /dev/urandom or RtlGenRandom a...

CentOS 8 : c-ares (CESA-2023:3584)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:3584 advisory. - c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP...

EulerOS Virtualization 2.11.0 : c-ares (EulerOS-SA-2023-2749)

According to the versions of the c-ares package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - c-ares is an asynchronous resolver library. aresinetnetpton is vulnerable to a buffer underflow for certain ipv6 addresses, in...

EulerOS Virtualization 2.9.1 : c-ares (EulerOS-SA-2023-2951)

According to the versions of the c-ares package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARESRANDOMFILE will...

EulerOS Virtualization 2.10.1 : c-ares (EulerOS-SA-2023-2913)

According to the versions of the c-ares package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARESRANDOMFILE will...

EulerOS Virtualization 2.10.0 : c-ares (EulerOS-SA-2023-2932)

According to the versions of the c-ares package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARESRANDOMFILE will...

RHEL 8 : c-ares (RHSA-2023:7207)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7207 advisory. The c-ares C library defines asynchronous DNS Domain Name System requests and provides name resolving API. Security Fixes: c-ares: Heap buff...

Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2023-3115)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2023-2932)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GLSA-202310-09 : c-ares: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202310-09 c-ares: Multiple Vulnerabilities - c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARESRANDOMFILE will not be set, as seen when cross compiling aarch64...

Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2023-2780)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

F5 Networks BIG-IP : Node.js vulnerability (K000135831)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.1 / 17.5.1.1. It is, therefore, affected by a vulnerability as referenced in the K000135831 advisory. c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends...

Oracle Linux 8 : nodejs:16 (ELSA-2023-4034)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-4034 advisory. nodejs 1:16.19.1-2 - Update bundled c-ares to 1.19.1 Resolves: CVE-2023-31124 CVE-2023-31130 CVE-2023-31147 CVE-2023-32067 Tenable has extracted the...

Oracle Linux 8 : nodejs:18 (ELSA-2023-4035)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-4035 advisory. nodejs 1:18.14.2-3 - Update bundled c-ares to 1.19.1 Resolves: CVE-2022-4904 Resolves: CVE-2023-31124 CVE-2023-31130 CVE-2023-31147 CVE-2023-32067...

EulerOS 2.0 SP10 : c-ares (EulerOS-SA-2023-2374)

According to the versions of the c-ares package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a...

CentOS 8 : nodejs:18 (CESA-2023:4035)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:4035 advisory. - A flaw was found in the c-ares package. The aressetsortlist is missing checks about the validity of the input string, which allows a possible arbitra...

Oracle Linux 7 : c-ares (ELSA-2023-3741)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-3741 advisory. 1.10.0-3.1 - Resolves: rhbz2209503 - CVE-2023-32067 c-ares: 0-byte UDP payload Denial of Service rhel-7.9.z Tenable has extracted the preceding description bloc...

Oracle Linux 8 : c-ares (ELSA-2023-3584)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-3584 advisory. 1.13.0-6.1 - Resolves: rhbz2209516 - CVE-2023-32067 c-ares: 0-byte UDP payload Denial of Service rhel-8.8.0.z Tenable has extracted the preceding description...

Oracle Linux 9 : c-ares (ELSA-2023-3559)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-3559 advisory. 1.17.1-5.1 - Resolves: rhbz2209519 - CVE-2023-32067 c-ares: 0-byte UDP payload Denial of Service rhel-9.2.0.z Tenable has extracted the preceding description...