Количество 18
Количество 18
CVE-2024-25629
c-ares is a C library for asynchronous DNS requests. `ares__read_line()` is used to parse local configuration files such as `/etc/resolv.conf`, `/etc/nsswitch.conf`, the `HOSTALIASES` file, and if using a c-ares version prior to 1.27.0, the `/etc/hosts` file. If any of these configuration files has an embedded `NULL` character as the first character in a new line, it can lead to attempting to read memory prior to the start of the given buffer which may result in a crash. This issue is fixed in c-ares 1.27.0. No known workarounds exist.
CVE-2024-25629
c-ares is a C library for asynchronous DNS requests. `ares__read_line()` is used to parse local configuration files such as `/etc/resolv.conf`, `/etc/nsswitch.conf`, the `HOSTALIASES` file, and if using a c-ares version prior to 1.27.0, the `/etc/hosts` file. If any of these configuration files has an embedded `NULL` character as the first character in a new line, it can lead to attempting to read memory prior to the start of the given buffer which may result in a crash. This issue is fixed in c-ares 1.27.0. No known workarounds exist.
CVE-2024-25629
c-ares is a C library for asynchronous DNS requests. `ares__read_line()` is used to parse local configuration files such as `/etc/resolv.conf`, `/etc/nsswitch.conf`, the `HOSTALIASES` file, and if using a c-ares version prior to 1.27.0, the `/etc/hosts` file. If any of these configuration files has an embedded `NULL` character as the first character in a new line, it can lead to attempting to read memory prior to the start of the given buffer which may result in a crash. This issue is fixed in c-ares 1.27.0. No known workarounds exist.
CVE-2024-25629
CVE-2024-25629
c-ares is a C library for asynchronous DNS requests. `ares__read_line( ...
SUSE-SU-2024:1136-1
Security update for c-ares
SUSE-SU-2024:1135-1
Security update for libcares2
RLSA-2024:4249
Low: c-ares security update
ELSA-2024-4249
ELSA-2024-4249: c-ares security update (LOW)
ELSA-2024-3842
ELSA-2024-3842: c-ares security update (LOW)
BDU:2024-01708
Уязвимость функции ares__read_line библиотеки асинхронных DNS-запросов C-ares, позволяющая нарушителю вызвать отказ в обслуживании
ROS-20240410-04
Множественные уязвимости с-ares
RLSA-2024:2910
Important: nodejs security update
ELSA-2024-2910
ELSA-2024-2910: nodejs security update (IMPORTANT)
ELSA-2024-2853
ELSA-2024-2853: nodejs:20 security update (IMPORTANT)
ELSA-2024-2780
ELSA-2024-2780: nodejs:18 security update (IMPORTANT)
ELSA-2024-2779
ELSA-2024-2779: nodejs:18 security update (IMPORTANT)
ELSA-2024-2778
ELSA-2024-2778: nodejs:20 security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-25629 c-ares is a C library for asynchronous DNS requests. `ares__read_line()` is used to parse local configuration files such as `/etc/resolv.conf`, `/etc/nsswitch.conf`, the `HOSTALIASES` file, and if using a c-ares version prior to 1.27.0, the `/etc/hosts` file. If any of these configuration files has an embedded `NULL` character as the first character in a new line, it can lead to attempting to read memory prior to the start of the given buffer which may result in a crash. This issue is fixed in c-ares 1.27.0. No known workarounds exist. | CVSS3: 4.4 | 0% Низкий | больше 1 года назад |
 | CVE-2024-25629 c-ares is a C library for asynchronous DNS requests. `ares__read_line()` is used to parse local configuration files such as `/etc/resolv.conf`, `/etc/nsswitch.conf`, the `HOSTALIASES` file, and if using a c-ares version prior to 1.27.0, the `/etc/hosts` file. If any of these configuration files has an embedded `NULL` character as the first character in a new line, it can lead to attempting to read memory prior to the start of the given buffer which may result in a crash. This issue is fixed in c-ares 1.27.0. No known workarounds exist. | CVSS3: 4.4 | 0% Низкий | больше 1 года назад |
 | CVE-2024-25629 c-ares is a C library for asynchronous DNS requests. `ares__read_line()` is used to parse local configuration files such as `/etc/resolv.conf`, `/etc/nsswitch.conf`, the `HOSTALIASES` file, and if using a c-ares version prior to 1.27.0, the `/etc/hosts` file. If any of these configuration files has an embedded `NULL` character as the first character in a new line, it can lead to attempting to read memory prior to the start of the given buffer which may result in a crash. This issue is fixed in c-ares 1.27.0. No known workarounds exist. | CVSS3: 4.4 | 0% Низкий | больше 1 года назад |
 | CVSS3: 5.5 | 0% Низкий | 8 месяцев назад | |
| CVE-2024-25629 c-ares is a C library for asynchronous DNS requests. `ares__read_line( ... | CVSS3: 4.4 | 0% Низкий | больше 1 года назад |
 | SUSE-SU-2024:1136-1 Security update for c-ares | 0% Низкий | около 1 года назад | |
| SUSE-SU-2024:1135-1 Security update for libcares2 | 0% Низкий | около 1 года назад | |
 | RLSA-2024:4249 Low: c-ares security update | 0% Низкий | около 1 месяца назад | |
| ELSA-2024-4249 ELSA-2024-4249: c-ares security update (LOW) | 12 месяцев назад | ||
| ELSA-2024-3842 ELSA-2024-3842: c-ares security update (LOW) | около 1 года назад | ||
 | BDU:2024-01708 Уязвимость функции ares__read_line библиотеки асинхронных DNS-запросов C-ares, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 4.4 | 0% Низкий | больше 1 года назад |
 | ROS-20240410-04 Множественные уязвимости с-ares | CVSS3: 4.4 | 0% Низкий | около 1 года назад |
| RLSA-2024:2910 Important: nodejs security update | около 1 года назад | ||
| ELSA-2024-2910 ELSA-2024-2910: nodejs security update (IMPORTANT) | около 1 года назад | ||
| ELSA-2024-2853 ELSA-2024-2853: nodejs:20 security update (IMPORTANT) | около 1 года назад | ||
| ELSA-2024-2780 ELSA-2024-2780: nodejs:18 security update (IMPORTANT) | около 1 года назад | ||
| ELSA-2024-2779 ELSA-2024-2779: nodejs:18 security update (IMPORTANT) | около 1 года назад | ||
| ELSA-2024-2778 ELSA-2024-2778: nodejs:20 security update (IMPORTANT) | около 1 года назад |
Уязвимостей на страницу