Security Bulletin: Denial of Service Vulnerability in c-ares Resolver (Versions 1.32.3–1.34.5), affects watsonx.data

Summary c-ares versions 1.32.3–1.34.5 contain a flaw where certain DNS queries may terminate prematurely after maximum retry attempts, potentially leading to a Denial of Service. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2025-62408 DESCRIPTION: c-ares is an asynchronous resolv...

OPENSUSE-SU-2026:10007-1 c-ares-devel-1.34.6-1.1 on GA media

These are all security issues fixed in the c-ares-devel-1.34.6-1.1 package on the GA media of openSUSE Tumbleweed...

SUSE CVE-2025-62408

c-ares is an asynchronous resolver library. Versions 1.32.3 through 1.34.5 terminate a query after maximum attempts when using readanswer and processanswer, which can cause a Denial of Service. This issue is fixed in version 1.34.6...

ALPINE-CVE-2025-62408

c-ares is an asynchronous resolver library. Versions 1.32.3 through 1.34.5 terminate a query after maximum attempts when using readanswer and processanswer, which can cause a Denial of Service. This issue is fixed in version 1.34.6...

CVE-2025-62408

c-ares is an asynchronous resolver library. Versions 1.32.3 through 1.34.5 terminate a query after maximum attempts when using readanswer and processanswer, which can cause a Denial of Service. This issue is fixed in version 1.34.6...

CVE-2025-62408 c-ares has a Use After Free vulnerability when connection is cleaned up after error

c-ares is an asynchronous resolver library. Versions 1.32.3 through 1.34.5 terminate a query after maximum attempts when using readanswer and processanswer, which can cause a Denial of Service. This issue is fixed in version 1.34.6...

PT-2025-49603

Name of the Vulnerable Software and Affected Versions c-ares versions 1.32.3 through 1.34.5 Description c-ares is an asynchronous resolver library. Versions between 1.32.3 and 1.34.5 improperly handle query termination after maximum attempts when utilizing the read answer and process answer...

PT-2024-33256 · Google · Google Kms

Name of the Vulnerable Software and Affected Versions: berriai/litellm version 1.34.6 Description: A code injection issue exists due to the use of unvalidated input in the eval function within the secret management system. This issue requires a valid Google KMS configuration file to be exploitabl...