Vulnerabilities > C Ares Project > C Ares > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-25 | CVE-2023-31130 | Out-of-bounds Write vulnerability in multiple products c-ares is an asynchronous resolver library. | 6.4 |
| 2023-05-25 | CVE-2023-31147 | c-ares is an asynchronous resolver library. | 6.5 |
| 2021-11-23 | CVE-2021-3672 | Cross-site Scripting vulnerability in multiple products A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. | 5.6 |