Количество 47
Количество 47
SUSE-SU-2023:2477-1
Security update for libcares2
SUSE-SU-2023:2313-1
Security update for c-ares
RLSA-2023:4034
Important: nodejs:16 security update
RLSA-2023:3577
Important: nodejs:18 security update
ELSA-2023-4034
ELSA-2023-4034: nodejs:16 security update (IMPORTANT)
ELSA-2023-3586
ELSA-2023-3586: nodejs security update (IMPORTANT)
ELSA-2023-3577
ELSA-2023-3577: 18 security update (IMPORTANT)
RLSA-2023:4035
Important: nodejs:18 security update
ELSA-2023-4035
ELSA-2023-4035: nodejs:18 security update (IMPORTANT)
SUSE-SU-2023:2861-1
Security update for nodejs16
SUSE-SU-2023:2663-1
Security update for nodejs16
SUSE-SU-2023:2655-1
Security update for nodejs16
SUSE-SU-2023:2669-1
Security update for nodejs18
SUSE-SU-2023:2662-1
Security update for nodejs18
ELSA-2023-6635
ELSA-2023-6635: c-ares security, bug fix, and enhancement update (MODERATE)
ROS-20240404-02
Множественные уязвимости c-ares
CVE-2023-31124
c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARES_RANDOM_FILE will not be set, as seen when cross compiling aarch64 android. This will downgrade to using rand() as a fallback which could allow an attacker to take advantage of the lack of entropy by not using a CSPRNG. This issue was patched in version 1.19.1.
CVE-2023-31124
c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARES_RANDOM_FILE will not be set, as seen when cross compiling aarch64 android. This will downgrade to using rand() as a fallback which could allow an attacker to take advantage of the lack of entropy by not using a CSPRNG. This issue was patched in version 1.19.1.
CVE-2023-31124
c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARES_RANDOM_FILE will not be set, as seen when cross compiling aarch64 android. This will downgrade to using rand() as a fallback which could allow an attacker to take advantage of the lack of entropy by not using a CSPRNG. This issue was patched in version 1.19.1.
CVE-2023-31124
AutoTools does not set CARES_RANDOM_FILE during cross compilation
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | SUSE-SU-2023:2477-1 Security update for libcares2 | около 3 лет назад | ||
| SUSE-SU-2023:2313-1 Security update for c-ares | около 3 лет назад | ||
 | RLSA-2023:4034 Important: nodejs:16 security update | почти 3 года назад | ||
| RLSA-2023:3577 Important: nodejs:18 security update | около 3 лет назад | ||
| ELSA-2023-4034 ELSA-2023-4034: nodejs:16 security update (IMPORTANT) | почти 3 года назад | ||
| ELSA-2023-3586 ELSA-2023-3586: nodejs security update (IMPORTANT) | около 3 лет назад | ||
| ELSA-2023-3577 ELSA-2023-3577: 18 security update (IMPORTANT) | около 3 лет назад | ||
| RLSA-2023:4035 Important: nodejs:18 security update | почти 3 года назад | ||
| ELSA-2023-4035 ELSA-2023-4035: nodejs:18 security update (IMPORTANT) | почти 3 года назад | ||
| SUSE-SU-2023:2861-1 Security update for nodejs16 | почти 3 года назад | ||
| SUSE-SU-2023:2663-1 Security update for nodejs16 | около 3 лет назад | ||
| SUSE-SU-2023:2655-1 Security update for nodejs16 | около 3 лет назад | ||
| SUSE-SU-2023:2669-1 Security update for nodejs18 | около 3 лет назад | ||
| SUSE-SU-2023:2662-1 Security update for nodejs18 | около 3 лет назад | ||
| ELSA-2023-6635 ELSA-2023-6635: c-ares security, bug fix, and enhancement update (MODERATE) | больше 2 лет назад | ||
 | ROS-20240404-02 Множественные уязвимости c-ares | CVSS3: 6.4 | около 2 лет назад | |
 | CVE-2023-31124 c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARES_RANDOM_FILE will not be set, as seen when cross compiling aarch64 android. This will downgrade to using rand() as a fallback which could allow an attacker to take advantage of the lack of entropy by not using a CSPRNG. This issue was patched in version 1.19.1. | CVSS3: 3.7 | 1% Низкий | около 3 лет назад |
 | CVE-2023-31124 c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARES_RANDOM_FILE will not be set, as seen when cross compiling aarch64 android. This will downgrade to using rand() as a fallback which could allow an attacker to take advantage of the lack of entropy by not using a CSPRNG. This issue was patched in version 1.19.1. | CVSS3: 3.7 | 1% Низкий | около 3 лет назад |
 | CVE-2023-31124 c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARES_RANDOM_FILE will not be set, as seen when cross compiling aarch64 android. This will downgrade to using rand() as a fallback which could allow an attacker to take advantage of the lack of entropy by not using a CSPRNG. This issue was patched in version 1.19.1. | CVSS3: 3.7 | 1% Низкий | около 3 лет назад |
 | CVE-2023-31124 AutoTools does not set CARES_RANDOM_FILE during cross compilation | CVSS3: 3.7 | 1% Низкий | около 3 лет назад |
Уязвимостей на страницу