Vulnerabilities > C Ares

DATE	CVE	VULNERABILITY TITLE	RISK
2023-08-22	CVE-2020-22217	Out-of-bounds Read vulnerability in multiple products Buffer overflow vulnerability in c-ares before 1_16_1 thru 1_17_0 via function ares_parse_soa_reply in ares_parse_soa_reply.c. network high complexity c-ares debian CWE-125	5.9
2021-05-13	CVE-2020-14354	Use After Free vulnerability in multiple products A possible use-after-free and double-free in c-ares lib version 1.16.0 if ares_destroy() is called prior to ares_getaddrinfo() completing. local low complexity c-ares fedoraproject CWE-416	3.3
2017-07-07	CVE-2017-1000381	Information Exposure vulnerability in multiple products The c-ares function `ares_parse_naptr_reply()`, which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way. network low complexity c-ares-project c-ares nodejs CWE-200	7.5
2016-10-03	CVE-2016-5180	Out-of-bounds Write vulnerability in multiple products Heap-based buffer overflow in the ares_create_query function in c-ares 1.x before 1.12.0 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly execute arbitrary code via a hostname with an escaped trailing dot. network low complexity c-ares-project c-ares debian nodejs canonical CWE-787 critical	9.8

Vulnerabilities > C Ares {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"C Ares"}]}