Lucene search
K

18 matches found

OSV
OSV
added 2026/05/07 9:37 a.m.7 views

OPENSUSE-SU-2026:20698-1 Security update for c-ares

This update for c-ares fixes the following issue - CVE-2025-62408: use after free in readanswers bsc1254738. Changes for c-ares: - c-ares 1.35.6: Ignore Windows IDN Search Domains until proper IDN support is added Various bug fixes...

5.9CVSS6.7AI score0.0039EPSS
Exploits0References2
OSV
OSV
added 2026/05/07 9:36 a.m.8 views

SUSE-SU-2026:21584-1 Security update for c-ares

This update for c-ares fixes the following issue - CVE-2025-62408: use after free in readanswers bsc1254738. Changes for c-ares: - c-ares 1.35.6: Ignore Windows IDN Search Domains until proper IDN support is added Various bug fixes...

5.9CVSS6.7AI score0.0039EPSS
Exploits0References3
OSV
OSV
added 2026/05/07 9:36 a.m.6 views

SUSE-SU-2026:21574-1 Security update for c-ares

This update for c-ares fixes the following issue - CVE-2025-62408: use after free in readanswers bsc1254738. Changes for c-ares: - c-ares 1.35.6: Ignore Windows IDN Search Domains until proper IDN support is added Various bug fixes...

5.9CVSS6.7AI score0.0039EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/10 6:2 a.m.7 views

Security Bulletin: Use-After-Free Vulnerability in c-ares read_answers() Function (v1.32.3–v1.34.4) affects watsonx.data

Summary CVE-2025-31498 - A use-after-free vulnerability exists in c-ares v1.32.3–v1.34.4 within the readanswers function. It can occur when processanswer re-enqueues queries under certain DNS conditions, potentially leading to crashes or unexpected behavior. This can affect watsonx.data...

8.3CVSS6.7AI score0.00555EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.2 views

MiracleLinux 8 : nodejs:22 (AXSA:2025-9926:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9926:01 advisory. c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 SQLite: integer overflow in SQLite CVE-2025-3277 Tenable has extracted the precedi...

9.8CVSS7.5AI score0.00609EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.4 views

MiracleLinux 9 : nodejs:22 (AXSA:2025-10479:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10479:01 advisory. c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 SQLite: integer overflow in SQLite CVE-2025-3277 Tenable has extracted the...

9.8CVSS7.5AI score0.00609EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/05/14 1:48 a.m.2 views

c-ares: c-ares has a use-after-free in read_answers()

A flaw was found in c-ares. This vulnerability allows a remote or local attacker to cause a use-after-free, potentially leading to application-level denial of service or other unexpected behavior via manipulation of DNS responses or network conditions during query processing...

8.3CVSS5.8AI score0.00555EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2025/05/13 3:59 p.m.3 views

c-ares: c-ares has a use-after-free in read_answers()

A flaw was found in c-ares. This vulnerability allows a remote or local attacker to cause a use-after-free, potentially leading to application-level denial of service or other unexpected behavior via manipulation of DNS responses or network conditions during query processing...

8.3CVSS5.8AI score0.00555EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2025/05/13 2:2 p.m.3 views

c-ares: c-ares has a use-after-free in read_answers()

A flaw was found in c-ares. This vulnerability allows a remote or local attacker to cause a use-after-free, potentially leading to application-level denial of service or other unexpected behavior via manipulation of DNS responses or network conditions during query processing...

8.3CVSS5.8AI score0.00555EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2025/05/13 2:2 p.m.5 views

c-ares: c-ares has a use-after-free in read_answers()

A flaw was found in c-ares. This vulnerability allows a remote or local attacker to cause a use-after-free, potentially leading to application-level denial of service or other unexpected behavior via manipulation of DNS responses or network conditions during query processing...

8.3CVSS5.8AI score0.00555EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2025/05/05 11:28 a.m.4 views

c-ares: c-ares has a use-after-free in read_answers()

A flaw was found in c-ares. This vulnerability allows a remote or local attacker to cause a use-after-free, potentially leading to application-level denial of service or other unexpected behavior via manipulation of DNS responses or network conditions during query processing...

8.3CVSS5.8AI score0.00555EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2025/05/05 10:39 a.m.2 views

c-ares: c-ares has a use-after-free in read_answers()

A flaw was found in c-ares. This vulnerability allows a remote or local attacker to cause a use-after-free, potentially leading to application-level denial of service or other unexpected behavior via manipulation of DNS responses or network conditions during query processing...

8.3CVSS5.8AI score0.00555EPSS
Exploits0References7
Amazon
Amazon
added 2025/04/29 12:0 a.m.5 views

Medium: nodejs20

Issue Overview: c-ares is an asynchronous resolver library. From 1.32.3 through 1.34.4, there is a use-after-free in readanswers when processanswer may re-enqueue a query either due to a DNS Cookie Failure or when the upstream server does not properly support EDNS, or possibly on TCP queries if t...

8.3CVSS6.7AI score0.00555EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/04/16 7:0 a.m.1 views

c-ares has a use-after-free in read_answers()

...

8.3CVSS7.3AI score0.00555EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2025/04/09 1:32 a.m.2 views

SUSE CVE-2025-31498

c-ares is an asynchronous resolver library. From 1.32.3 through 1.34.4, there is a use-after-free in readanswers when processanswer may re-enqueue a query either due to a DNS Cookie Failure or when the upstream server does not properly support EDNS, or possibly on TCP queries if the remote closed...

6.5CVSS6.8AI score0.00555EPSS
Exploits0References7
OSV
OSV
added 2025/04/08 2:15 p.m.5 views

DEBIAN-CVE-2025-31498

c-ares is an asynchronous resolver library. From 1.32.3 through 1.34.4, there is a use-after-free in readanswers when processanswer may re-enqueue a query either due to a DNS Cookie Failure or when the upstream server does not properly support EDNS, or possibly on TCP queries if the remote closed...

8.3CVSS6.7AI score0.00555EPSS
Exploits0References1
OSV
OSV
added 2025/04/08 2:15 p.m.3 views

ALPINE-CVE-2025-31498

c-ares is an asynchronous resolver library. From 1.32.3 through 1.34.4, there is a use-after-free in readanswers when processanswer may re-enqueue a query either due to a DNS Cookie Failure or when the upstream server does not properly support EDNS, or possibly on TCP queries if the remote closed...

8.3CVSS6.8AI score0.00555EPSS
Exploits0References1
OSV
OSV
added 2025/04/08 2:15 p.m.1 views

UBUNTU-CVE-2025-31498

c-ares is an asynchronous resolver library. From 1.32.3 through 1.34.4, there is a use-after-free in readanswers when processanswer may re-enqueue a query either due to a DNS Cookie Failure or when the upstream server does not properly support EDNS, or possibly on TCP queries if the remote closed...

8.3CVSS6.8AI score0.00555EPSS
Exploits0References7
Rows per page
Query Builder