Lucene search
K

102 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 8 : c-ares-1.13.0-6.el8.ML.1 (AXSA:2022-3337:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3337:02 advisory. c-ares: Missing input validation of host names may lead to domain hijacking CVE-2021-3672 Tenable has extracted the preceding description block directly from...

6.8CVSS7.7AI score0.02617EPSS
Exploits1References2
CBLMariner
CBLMariner
added 2025/02/26 4:8 p.m.9 views

CVE-2021-3672 affecting package ceph for versions less than 18.2.2-1

CVE-2021-3672 affecting package ceph for versions less than 18.2.2-1. A patched version of the package is available...

6.8CVSS7.2AI score0.02617EPSS
Exploits1
CBLMariner
CBLMariner
added 2025/01/12 9:15 a.m.165 views

CVE-2021-3672 affecting package pgbouncer for versions less than 1.24.1-1

CVE-2021-3672 affecting package pgbouncer for versions less than 1.24.1-1. This CVE either no longer is or was never applicable...

6.8CVSS6.9AI score0.02617EPSS
Exploits1
CBLMariner
CBLMariner
added 2025/01/12 9:15 a.m.28 views

CVE-2021-3672 affecting package pgbouncer 1.16.1-1

CVE-2021-3672 affecting package pgbouncer 1.16.1-1. This CVE either no longer is or was never applicable...

6.8CVSS9.8AI score0.02617EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2024/09/10 12:0 a.m.19 views

NewStart CGSL MAIN 6.02 : c-ares Multiple Vulnerabilities (NS-SA-2024-0066)

The remote NewStart CGSL host, running version MAIN 6.02, has c-ares packages installed that are affected by multiple vulnerabilities: - A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can lead to output of wrong hostnam...

7.5CVSS6.9AI score0.02617EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2024/01/09 12:0 a.m.40 views

Amazon Linux 2 : c-ares (ALAS-2024-2399)

The version of c-ares installed on the remote host is prior to 1.10.0-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2399 advisory. A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Serve...

8.6CVSS7.4AI score0.02617EPSS
Exploits2References8
OSV
OSV
added 2023/08/31 12:15 p.m.4 views

BELL-CVE-2021-3672 CVE-2021-3672 does not affect BellSoft software

Bulletin has no description...

5.6CVSS5.8AI score0.02617EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2023/04/14 12:0 a.m.23 views

FreeBSD : py39-pycares -- domain hijacking vulnerability (43e9ffd4-d6e0-11ed-956f-7054d21a9e2a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 43e9ffd4-d6e0-11ed-956f-7054d21a9e2a advisory. - A flaw was found in c-ares library, where a missing input validation check of host names returned by...

6.8CVSS6.8AI score0.02617EPSS
Exploits1References3
F5 Networks
F5 Networks
added 2023/02/21 6:53 p.m.119 views

K53225395: Node.js vulnerabilities CVE-2021-3672 and CVE-2021-22931

Security Advisory Description CVE-2021-3672 Missing input validation of host names returned by Domain Name Servers DNS in the c-ares library can lead to output of wrong hostnames which may lead to Domain Hijacking. CVE-2021-22931 Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote...

9.8CVSS7.3AI score0.21952EPSS
Exploits2Affected Software14
Tenable Nessus
Tenable Nessus
added 2023/01/30 12:0 a.m.44 views

EulerOS Virtualization 3.0.2.2 : c-ares (EulerOS-SA-2023-1246)

According to the versions of the c-ares package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can...

6.8CVSS6.8AI score0.02617EPSS
Exploits1References2
OSV
OSV
added 2022/07/05 10:8 p.m.33 views

GHSA-C58J-88F5-H53F Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in pycares

Impact pycares versions 4.2.0 are affected by CVE-2021-3672. Patches Update to version 4.2.0...

5.6CVSS6.4AI score
Exploits0References2
Github Security Blog
Github Security Blog
added 2022/07/05 10:8 p.m.38 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in pycares

Impact pycares versions 4.2.0 are affected by CVE-2021-3672. Patches Update to version 4.2.0...

6.8CVSS3.1AI score0.02617EPSS
Exploits1References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/05/18 12:0 a.m.37 views

Oracle Linux 8 : c-ares (ELSA-2022-2043)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-2043 advisory. 1.13.0-6 - Resolves: rhbz1989425 - CVE-2021-3672 c-ares: missing input validation of host names may lead to Domain Hijacking rhel-8 Tenable has extracted the...

6.8CVSS7AI score0.02617EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2022/05/16 12:0 a.m.27 views

Rocky Linux 8 : c-ares (RLSA-2022:2043)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:2043 advisory. - A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can lead to output of wrong...

6.8CVSS6.8AI score0.02617EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2022/05/12 12:0 a.m.25 views

AlmaLinux 8 : c-ares (ALSA-2022:2043)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:2043 advisory. - A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can lead to output of wrong hostname...

6.8CVSS6.8AI score0.02617EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2022/05/10 2:23 p.m.34 views

Moderate: Red Hat Security Advisory: c-ares security update

An update for c-ares is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

6.8CVSS6.6AI score0.02617EPSS
Exploits1References3
OSV
OSV
added 2022/05/10 8:14 a.m.29 views

RLSA-2022:2043 Moderate: c-ares security update

The c-ares C library defines asynchronous DNS Domain Name System requests and provides name resolving API. Security Fixes: c-ares: Missing input validation of host names may lead to domain hijacking CVE-2021-3672 For more details about the security issues, including the impact, a CVSS score,...

5.6CVSS6.7AI score0.02617EPSS
Exploits1References2
AlmaLinux
AlmaLinux
added 2022/05/10 8:14 a.m.33 views

Moderate: c-ares security update

The c-ares C library defines asynchronous DNS Domain Name System requests and provides name resolving API. Security Fixes: c-ares: Missing input validation of host names may lead to domain hijacking CVE-2021-3672 For more details about the security issues, including the impact, a CVSS score,...

6.8CVSS6.4AI score0.02617EPSS
Exploits1References2
Rockylinux
Rockylinux
added 2022/05/10 8:14 a.m.90 views

c-ares security update

An update is available for c-ares. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The c-ares C library defines asynchronous DNS Domain Name System requests and...

6.8CVSS6.3AI score0.02617EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2022/05/10 12:0 a.m.29 views

CentOS 8 : c-ares (CESA-2022:2043)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2022:2043 advisory. - c-ares: Missing input validation of host names may lead to domain hijacking CVE-2021-3672 Note that Nessus has not tested for this issue but has instead relie...

6.8CVSS6.9AI score0.02617EPSS
Exploits1References2
Rows per page
Query Builder