VulnerableCode Package Details - pkg:alpm/archlinux/c-ares@1.17.1-1

Search for packages

Vulnerability	Summary	Fixed by
VCID-5uhr-uasq-aaak Aliases: CVE-2021-3672	A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as well as system availability.	1.17.2-1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-5uhr-uasq-aaak
Aliases:
CVE-2021-3672

A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as well as system availability.

1.17.2-1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-3euu-x4gm-aaah	A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions < 15.2.1, < 14.15.1, and < 12.19.1 by getting the application to resolve a DNS record with a larger number of responses. This is fixed in 15.2.1, 14.15.1, and 12.19.1.	CVE-2020-8277

Vulnerability

Summary

Aliases

VCID-3euu-x4gm-aaah

A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions < 15.2.1, < 14.15.1, and < 12.19.1 by getting the application to resolve a DNS record with a larger number of responses. This is fixed in 15.2.1, 14.15.1, and 12.19.1.

CVE-2020-8277

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T07:46:48.876637+00:00	Arch Linux Importer	Fixing	VCID-3euu-x4gm-aaah	https://security.archlinux.org/AVG-1280	36.0.0
2025-03-28T07:46:30.854253+00:00	Arch Linux Importer	Affected by	VCID-5uhr-uasq-aaak	https://security.archlinux.org/AVG-2268	36.0.0
2024-12-20T03:18:59.300096+00:00	Arch Linux Importer	Fixing	VCID-3euu-x4gm-aaah	https://security.archlinux.org/AVG-1280	35.0.0
2024-12-20T03:18:58.808987+00:00	Arch Linux Importer	Affected by	VCID-5uhr-uasq-aaak	https://security.archlinux.org/AVG-2268	35.0.0
2024-09-18T02:02:09.700907+00:00	Arch Linux Importer	Fixing	VCID-3euu-x4gm-aaah	https://security.archlinux.org/AVG-1280	34.0.1
2024-09-18T02:01:48.369579+00:00	Arch Linux Importer	Affected by	VCID-5uhr-uasq-aaak	https://security.archlinux.org/AVG-2268	34.0.1
2024-08-12T09:47:34.554011+00:00	Arch Linux Importer	Fixing	VCID-3euu-x4gm-aaah	https://security.archlinux.org/AVG-1280	34.0.0rc4
2024-08-12T09:47:34.526652+00:00	Arch Linux Importer	Affected by	VCID-5uhr-uasq-aaak	https://security.archlinux.org/AVG-2268	34.0.0rc4
2024-01-03T22:28:12.145330+00:00	Arch Linux Importer	Fixing	VCID-3euu-x4gm-aaah	https://security.archlinux.org/AVG-1280	34.0.0rc1
2024-01-03T22:27:53.535185+00:00	Arch Linux Importer	Affected by	VCID-5uhr-uasq-aaak	https://security.archlinux.org/AVG-2268	34.0.0rc1