exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2021-43523

около 4 лет назад

In uClibc and uClibc-ng before 1.0.39, incorrect handling of special characters in domain names returned by DNS servers via gethostbyname, getaddrinfo, gethostbyaddr, and getnameinfo can lead to output of wrong hostnames (leading to domain hijacking) or injection into applications (leading to remote code execution, XSS, applications crashes, etc.). In other words, a validation step, which is expected in any stub resolver, does not occur.

CVSS3: 9.6

EPSS: Низкий

CVE-2021-43523

около 4 лет назад

CVSS3: 9.6

EPSS: Низкий

CVE-2021-43523

около 4 лет назад

In uClibc and uClibc-ng before 1.0.39 incorrect handling of special characters in domain names returned by DNS servers via gethostbyname getaddrinfo gethostbyaddr and getnameinfo can lead to output of wrong hostnames (leading to domain hijacking) or injection into applications (leading to remote code execution XSS applications crashes etc.). In other words a validation step which is expected in any stub resolver does not occur.

CVSS3: 9.6

EPSS: Низкий

CVE-2021-43523

около 4 лет назад

In uClibc and uClibc-ng before 1.0.39, incorrect handling of special c ...

CVSS3: 9.6

EPSS: Низкий

GHSA-65xv-vmv6-8r3f

больше 3 лет назад

CVSS3: 9.6

EPSS: Низкий

BDU:2023-04414

около 4 лет назад

Уязвимость библиотек uClibC и uClibC-ng промышленных межсетевых экранов Hirschmann EAGLE, позволяющая нарушителю выполнить произвольный код

CVSS3: 9.6

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2021-43523 In uClibc and uClibc-ng before 1.0.39, incorrect handling of special characters in domain names returned by DNS servers via gethostbyname, getaddrinfo, gethostbyaddr, and getnameinfo can lead to output of wrong hostnames (leading to domain hijacking) or injection into applications (leading to remote code execution, XSS, applications crashes, etc.). In other words, a validation step, which is expected in any stub resolver, does not occur.	CVSS3: 9.6	3% Низкий	около 4 лет назад
CVE-2021-43523 In uClibc and uClibc-ng before 1.0.39, incorrect handling of special characters in domain names returned by DNS servers via gethostbyname, getaddrinfo, gethostbyaddr, and getnameinfo can lead to output of wrong hostnames (leading to domain hijacking) or injection into applications (leading to remote code execution, XSS, applications crashes, etc.). In other words, a validation step, which is expected in any stub resolver, does not occur.	CVSS3: 9.6	3% Низкий	около 4 лет назад
CVE-2021-43523 In uClibc and uClibc-ng before 1.0.39 incorrect handling of special characters in domain names returned by DNS servers via gethostbyname getaddrinfo gethostbyaddr and getnameinfo can lead to output of wrong hostnames (leading to domain hijacking) or injection into applications (leading to remote code execution XSS applications crashes etc.). In other words a validation step which is expected in any stub resolver does not occur.	CVSS3: 9.6	3% Низкий	около 4 лет назад
CVE-2021-43523 In uClibc and uClibc-ng before 1.0.39, incorrect handling of special c ...	CVSS3: 9.6	3% Низкий	около 4 лет назад
GHSA-65xv-vmv6-8r3f In uClibc and uClibc-ng before 1.0.39, incorrect handling of special characters in domain names returned by DNS servers via gethostbyname, getaddrinfo, gethostbyaddr, and getnameinfo can lead to output of wrong hostnames (leading to domain hijacking) or injection into applications (leading to remote code execution, XSS, applications crashes, etc.). In other words, a validation step, which is expected in any stub resolver, does not occur.	CVSS3: 9.6	3% Низкий	больше 3 лет назад
BDU:2023-04414 Уязвимость библиотек uClibC и uClibC-ng промышленных межсетевых экранов Hirschmann EAGLE, позволяющая нарушителю выполнить произвольный код	CVSS3: 9.6	3% Низкий	около 4 лет назад

Уязвимостей на страницу