Описание
c-ares is an asynchronous resolver library. Versions 1.32.3 through 1.34.5 terminate a query after maximum attempts when using read_answer() and process_answer(), which can cause a Denial of Service. This issue is fixed in version 1.34.6.
Уязвимые конфигурации
Конфигурация 1Версия от 1.32.3 (включая) до 1.34.6 (исключая)
cpe:2.3:a:c-ares:c-ares:*:*:*:*:*:*:*:*
EPSS
Процентиль: 19%
0.0006
Низкий
5.9 Medium
CVSS3
Дефекты
CWE-416
Связанные уязвимости
CVSS3: 5.9
ubuntu
около 2 месяцев назад
c-ares is an asynchronous resolver library. Versions 1.32.3 through 1.34.5 terminate a query after maximum attempts when using read_answer() and process_answer(), which can cause a Denial of Service. This issue is fixed in version 1.34.6.
CVSS3: 5.9
msrc
около 2 месяцев назад
c-ares has a Use After Free vulnerability when connection is cleaned up after error
CVSS3: 5.9
debian
около 2 месяцев назад
c-ares is an asynchronous resolver library. Versions 1.32.3 through 1. ...
EPSS
Процентиль: 19%
0.0006
Низкий
5.9 Medium
CVSS3
Дефекты
CWE-416