CVE-2022-4904 – c-ares: buffer overflow in config_sortlist() due to missing string length check
https://notcve.org/view.php?id=CVE-2022-4904
A flaw was found in the c-ares package. ares_set_sortlist() does not check the length of the address and prefix tokens in its input string before config_sortlist() copies them into fixed-size stack buffers, which allows a stack-based buffer overflow of arbitrary length controlled by the caller of the sortlist string. This issue may cause a denial of service or a limited impact on confidentiality and integrity. • https://bugzilla.redhat.com/show_bug.cgi?id=2168631 https://github.com/c-ares/c-ares/issues/496 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33LDNS6RPOPP36Z4MPWXALUQZXJCWJS2 https://security.gentoo.org/glsa/202401-02 https://access.redhat.com/security/cve/CVE-2022-4904 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-1284: Improper Validation of Specified Quantity in Input •
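To make the missing check concrete, here is an added example (not c-ares's own code) of a simplified sortlist parser in the style the advisory describes: each ';'-separated entry is split into an address token and an optional "addr/prefix" token, both copied into small fixed-size stack buffers. A `check_len` flag turns the pre-copy length check on or off, so the vulnerable and hardened paths sit side by side. The buffer sizes, the `sl_pattern` record and the `SL_*` return codes are this example's assumptions; only the checked mode is safe to run on untrusted input.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed sizes for the fixed stack buffers; names are the example's own. */
#define IPBUF_LEN    16
#define IPBUFPFX_LEN 32
#define MAX_PATTERNS 8

enum { SL_SUCCESS = 0, SL_EBADSTR = 1, SL_ENOMEM = 2 };

struct sl_pattern {
    char ip[IPBUF_LEN];       /* address text, e.g. "130.155.160.0" */
    char ippfx[IPBUFPFX_LEN]; /* "addr/prefix" text, or "" when no '/' was given */
};

static int is_tok_end(char c)
{
    return c == '\0' || c == ';' || isspace((unsigned char)c);
}

/* Parse a sortlist such as "130.155.160.0/255.255.240.0;130.155.0.0".
 * check_len == 0 reproduces the unchecked copy: a token of IPBUF_LEN bytes or
 * more overflows ipbuf on the stack (undefined behaviour, do not feed it
 * attacker data). check_len != 0 rejects such a token before any copy. */
int parse_sortlist(const char *str, int check_len,
                   struct sl_pattern *out, size_t max, size_t *count)
{
    *count = 0;
    while (*str) {
        char ipbuf[IPBUF_LEN], ipbufpfx[IPBUFPFX_LEN];
        const char *q = str;

        /* Find just the IP: stop at '/', ';' or whitespace. */
        while (!is_tok_end(*q) && *q != '/')
            q++;
        if (q == str)
            return SL_EBADSTR;                      /* empty entry */
        if (check_len && (size_t)(q - str) >= IPBUF_LEN)
            return SL_EBADSTR;                      /* the missing length check */
        memcpy(ipbuf, str, (size_t)(q - str));      /* unchecked when check_len == 0 */
        ipbuf[q - str] = '\0';

        /* Optional "/prefix": the whole "addr/prefix" text goes into ipbufpfx. */
        if (*q == '/') {
            while (!is_tok_end(*q))
                q++;
            if (check_len && (size_t)(q - str) >= IPBUFPFX_LEN)
                return SL_EBADSTR;                  /* second missing length check */
            memcpy(ipbufpfx, str, (size_t)(q - str));
            ipbufpfx[q - str] = '\0';
        } else {
            ipbufpfx[0] = '\0';
        }

        if (*count >= max)
            return SL_ENOMEM;
        strcpy(out[*count].ip, ipbuf);
        strcpy(out[*count].ippfx, ipbufpfx);
        (*count)++;

        /* Skip the separator and any whitespace before the next entry. */
        str = q;
        while (*str == ';' || isspace((unsigned char)*str))
            str++;
    }
    return SL_SUCCESS;
}

/* Checked-mode wrapper returning only the status. */
int parse_sortlist_checked(const char *str, size_t *count)
{
    struct sl_pattern pats[MAX_PATTERNS];
    return parse_sortlist(str, 1, pats, MAX_PATTERNS, count);
}

int main(void)
{
    /* Constructed inputs: one well-formed sortlist, one 40-byte token with no '/'. */
    const char *good = "130.155.160.0/255.255.240.0;130.155.0.0";
    const char *bad  = "1111111111111111111111111111111111111111";
    size_t n;
    printf("good: rc=%d entries=%zu\n", parse_sortlist_checked(good, &n), n);
    printf("bad:  rc=%d\n", parse_sortlist_checked(bad, &n));
    return 0;
}
```

The check has to come before the memcpy and compare against the destination size including the terminator (`>= IPBUF_LEN`, not `> IPBUF_LEN`), otherwise the NUL written after the copy is itself the one-byte overflow.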
CVE-2021-3672 – c-ares: Missing input validation of host names may lead to domain hijacking
https://notcve.org/view.php?id=CVE-2021-3672
A flaw was found in the c-ares library: host names returned in DNS responses are passed on to the application without input validation, so c-ares can hand back malformed host names, which might potentially lead to domain hijacking. The highest threat from this vulnerability is to confidentiality and integrity as well as system availability. • https://bugzilla.redhat.com/show_bug.cgi?id=1988342 https://c-ares.haxx.se/adv_20210810.html https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://security.gentoo.org/glsa/202401-02 https://www.oracle.com/security-alerts/cpujul2022.html https://access.redhat.com/security/cve/CVE-2021-3672 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2020-14354
https://notcve.org/view.php?id=CVE-2020-14354
A possible use-after-free and double free exist in c-ares library version 1.16.0 if ares_destroy() is called before ares_getaddrinfo() has completed. This flaw possibly allows an attacker to crash the service that uses the c-ares library. The highest threat from this vulnerability is to the availability of that service. • https://bugzilla.redhat.com/show_bug.cgi?id=1866838 https://c-ares.haxx.se/changelog.html https://github.com/c-ares/c-ares/commit/1cc7e83c3bdfaafbc5919c95025592d8de3a170e https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4OOYAMJVLLCLXDTHW3V5UXNULZBBK4O6 https://packetstormsecurity.com/files/158755/GS20200804145053.txt • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-415: Double Free CWE-416: Use After Free •