5 matches found
MiracleLinux 8 : nodejs:16 (AXSA:2023-6226:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6226:01 advisory. c-ares: 0-byte UDP payload Denial of Service CVE-2023-32067 c-ares: Buffer Underwrite in aresinetnetpton CVE-2023-31130 c-ares: Insufficient...
MiracleLinux 8 : nodejs:12 (AXSA:2021-1495:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1495:01 advisory. nodejs-mixin-deep: prototype pollution in function mixin-deep CVE-2019-10746 nodejs-set-value: prototype pollution in function set-value...
Ubuntu 24.10 / 25.04 : c-ares vulnerability (USN-7477-1)
The remote Ubuntu 24.10 / 25.04 host has packages installed that are affected by a vulnerability as referenced in the USN-7477-1 advisory. It was discovered that c-ares incorrectly handled re-enqueuing certain queries. A remote attacker could possibly use this issue to cause c-ares to crash,...
AZL-26921 CVE-2023-32067 affecting package grpc for versions less than 1.42.0-8
c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns them to the target resolver. The target resolver erroneously interprets the 0 length as a graceful...
GLSA-202012-11 : c-ares: Denial of service
The remote host is affected by the vulnerability described in GLSA-202012-11 c-ares: Denial of service It was discovered that c-ares incorrectly handled certain DNS requests. Impact : A remote attacker, able to trigger a DNS request for a host of their choice by an application linked against...