0.002 Low
EPSS
Percentile
52.8%
c-ares is vulnerable to domain hijacking. Missing input validation of host names returned by Domain Name Servers in the c-ares library can lead to output of wrong hostnames (leading to Domain Hijacking).
bugzilla.redhat.com/show_bug.cgi?id=1988342
c-ares.haxx.se/adv_20210810.html
cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
secdb.alpinelinux.org/edge/main.yaml
www.oracle.com/security-alerts/cpujul2022.html