2 matches found
AZL-26938 CVE-2023-31130 affecting package nodejs for versions less than 16.20.1-2
c-ares is an asynchronous resolver library. aresinetnetpton is vulnerable to a buffer underflow for certain ipv6 addresses, in particular "0::00:00:00/2" was found to cause an issue. C-ares only uses this function internally for configuration purposes which would require an administrator to...
PT-2023-6788
Name of the Vulnerable Software and Affected Versions c-ares versions prior to 1.19.1 Description The issue is related to a buffer underflow in the ares inet net pton function for certain IPv6 addresses, such as "0::00:00:00/2". This function is used internally by c-ares for configuration purpose...