Количество 48
Количество 48
CVE-2023-31147
CVE-2023-31147
c-ares is an asynchronous resolver library. When /dev/urandom or RtlGe ...
CVE-2023-31124
c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARES_RANDOM_FILE will not be set, as seen when cross compiling aarch64 android. This will downgrade to using rand() as a fallback which could allow an attacker to take advantage of the lack of entropy by not using a CSPRNG. This issue was patched in version 1.19.1.
CVE-2023-31124
c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARES_RANDOM_FILE will not be set, as seen when cross compiling aarch64 android. This will downgrade to using rand() as a fallback which could allow an attacker to take advantage of the lack of entropy by not using a CSPRNG. This issue was patched in version 1.19.1.
CVE-2023-31124
c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARES_RANDOM_FILE will not be set, as seen when cross compiling aarch64 android. This will downgrade to using rand() as a fallback which could allow an attacker to take advantage of the lack of entropy by not using a CSPRNG. This issue was patched in version 1.19.1.
CVE-2023-31124
CVE-2023-31124
c-ares is an asynchronous resolver library. When cross-compiling c-are ...
BDU:2024-02612
Уязвимость компонента autotools CARES_RANDOM_FILE библиотеки асинхронных DNS-запросов C-ares, позволяющая нарушителю оказать воздействие на целостность защищаемой информации
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVSS3: 6.5 | 0% Низкий | около 2 лет назад | |
| CVE-2023-31147 c-ares is an asynchronous resolver library. When /dev/urandom or RtlGe ... | CVSS3: 5.9 | 0% Низкий | около 2 лет назад |
 | CVE-2023-31124 c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARES_RANDOM_FILE will not be set, as seen when cross compiling aarch64 android. This will downgrade to using rand() as a fallback which could allow an attacker to take advantage of the lack of entropy by not using a CSPRNG. This issue was patched in version 1.19.1. | CVSS3: 3.7 | 0% Низкий | около 2 лет назад |
 | CVE-2023-31124 c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARES_RANDOM_FILE will not be set, as seen when cross compiling aarch64 android. This will downgrade to using rand() as a fallback which could allow an attacker to take advantage of the lack of entropy by not using a CSPRNG. This issue was patched in version 1.19.1. | CVSS3: 3.7 | 0% Низкий | около 2 лет назад |
 | CVE-2023-31124 c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARES_RANDOM_FILE will not be set, as seen when cross compiling aarch64 android. This will downgrade to using rand() as a fallback which could allow an attacker to take advantage of the lack of entropy by not using a CSPRNG. This issue was patched in version 1.19.1. | CVSS3: 3.7 | 0% Низкий | около 2 лет назад |
| CVSS3: 3.7 | 0% Низкий | около 2 лет назад | |
| CVE-2023-31124 c-ares is an asynchronous resolver library. When cross-compiling c-are ... | CVSS3: 3.7 | 0% Низкий | около 2 лет назад |
 | BDU:2024-02612 Уязвимость компонента autotools CARES_RANDOM_FILE библиотеки асинхронных DNS-запросов C-ares, позволяющая нарушителю оказать воздействие на целостность защищаемой информации | CVSS3: 3.7 | 0% Низкий | около 2 лет назад |
Уязвимостей на страницу