TencentOS Server 4: python-pycares (TSSA-2025:0971)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0971 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Fedora 41 : python-pycares (2025-c10725fc18)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-c10725fc18 advisory. 4.9.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this issue but ha...

CVE-2025-48945 pycares has a Use-After-Free Vulnerability

pycares is a Python module which provides an interface to c-ares. c-ares is a C library that performs DNS requests and name resolutions asynchronously. Prior to version 4.9.0, pycares is vulnerable to a use-after-free condition that occurs when a Channel object is garbage collected while DNS...

CVE-2025-48945 pycares has a Use-After-Free Vulnerability

pycares is a Python module which provides an interface to c-ares. c-ares is a C library that performs DNS requests and name resolutions asynchronously. Prior to version 4.9.0, pycares is vulnerable to a use-after-free condition that occurs when a Channel object is garbage collected while DNS...

CVE-2025-48945

pycares is a Python module which provides an interface to c-ares. c-ares is a C library that performs DNS requests and name resolutions asynchronously. Prior to version 4.9.0, pycares is vulnerable to a use-after-free condition that occurs when a Channel object is garbage collected while DNS...

CVE-2025-48945

A flaw was found in pycares. A use-after-free condition arises when a Channel object is garbage collected while associated DNS queries remain pending, leading to a fatal Python error and interpreter crash. This vulnerability allows a local attacker to trigger the crash by initiating DNS queries a...

01os (=0.0.14), ai-sec (>=0.0.1 <=0.0.9) +244 more potentially affected by CVE-2025-48945 via pycares (>=4.0.0 <=4.8.0)

pycares PYPI version =4.0.0, =0.0.1, =0.1.0, =0.1.3, =2.0.4, =0.1.0, =0.1.3, =22.5.13, =1.0.1, =0.0.1, =3.4.2, =4.0.0 - backend-ai =1.4.0 and more Source cves: CVE-2025-48945 Source advisory: SNYK:PYTHON-PYCARES-10365309...

pycares has a Use-After-Free Vulnerability

Summary pycares is vulnerable to a use-after-free condition that occurs when a Channel object is garbage collected while DNS queries are still pending. This results in a fatal Python error and interpreter crash. Details Root Cause The vulnerability stems from improper handling of callback...

01os (=0.0.14), ai-sec (>=0.0.1 <=0.0.9) +219 more potentially affected by unknown CVE via pycares (>=1.0.0 <=4.1.2)

pycares PYPI version =1.0.0, =0.0.1, =0.1.0, =0.1.3, =0.1.1, =0.1.0, =2.0.4, =0.1.0, =0.0.1a1, =0.1.3, =22.5.13, =26.1.0 - anam-python-sdk =0.1.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-C58J-88F5-H53F...