CVE-2021-3672

Related Files

Gentoo Linux Security Advisory 202401-02

Posted Jan 5, 2024

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202401-2 - Multiple vulnerabilities have been found in c-ares, the worst of which could result in the loss of confidentiality or integrity. Versions greater than or equal to 1.19.0 are affected.

tags | advisory, vulnerability

systems | linux, gentoo

advisories | CVE-2021-22930, CVE-2021-22931, CVE-2021-22939, CVE-2021-22940, CVE-2021-3672, CVE-2022-4904

SHA-256 | f55f7b8be0123269cf0a3020e3f41c3abd725971d2971cd48e32c027598008a2

Download | Favorite | View

Red Hat Security Advisory 2022-5188-01

Posted Jun 27, 2022

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5188-01 - Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes bug and security fixes.

tags | advisory

systems | linux, redhat

advisories | CVE-2018-25032, CVE-2021-23222, CVE-2021-25219, CVE-2021-3634, CVE-2021-3672, CVE-2021-3737, CVE-2021-4189, CVE-2022-1154, CVE-2022-1271, CVE-2022-1902

SHA-256 | de99e1a865995c3cb23cb50bcf37b75b678a3a66147e77f88143a4717bf81758

Download | Favorite | View

Red Hat Security Advisory 2022-5132-01

Posted Jun 21, 2022

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5132-01 - Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes bug and security fixes.

tags | advisory

systems | linux, redhat

advisories | CVE-2018-25032, CVE-2021-23177, CVE-2021-23222, CVE-2021-25219, CVE-2021-31566, CVE-2021-3634, CVE-2021-3672, CVE-2021-3737, CVE-2021-4189, CVE-2022-0778, CVE-2022-1154, CVE-2022-1271, CVE-2022-1902, CVE-2022-24407

SHA-256 | bfca0ba942391c6a43c9f8d48bf4d26fb94e10f853c2bf23fb873d2cf0db5c07

Download | Favorite | View

Red Hat Security Advisory 2022-4880-01

Posted Jun 2, 2022

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-4880-01 - Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes bug fixes and feature improvements. Issues addressed include a bypass vulnerability.

tags | advisory, bypass

systems | linux, redhat

advisories | CVE-2018-25032, CVE-2021-23222, CVE-2021-23820, CVE-2021-25219, CVE-2021-3634, CVE-2021-3672, CVE-2021-3737, CVE-2021-41190, CVE-2021-4189, CVE-2022-1154, CVE-2022-1271

SHA-256 | c63643705f44dff2556cecc50e362faec1c7302c8cda104e2a0666de9f499543

Download | Favorite | View

Red Hat Security Advisory 2022-2043-01

Posted May 11, 2022

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-2043-01 - The c-ares C library defines asynchronous DNS requests and provides name resolving API.

tags | advisory

systems | linux, redhat

advisories | CVE-2021-3672

SHA-256 | e108f148a1af54fb45ba9b223d0fd6dc59250d1e1df679442e56a5005bfb99b4

Download | Favorite | View

Red Hat Security Advisory 2021-3666-01

Posted Sep 27, 2021

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3666-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service, path sanitization, and use-after-free vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability

systems | linux, redhat

advisories | CVE-2021-22930, CVE-2021-22931, CVE-2021-22939, CVE-2021-22940, CVE-2021-23343, CVE-2021-32803, CVE-2021-32804, CVE-2021-3672

SHA-256 | c3e88fe61108ab45d44ef8e7ffedeed0ae53649beffdf3ca315f12cedd7d9b64

Download | Favorite | View

Red Hat Security Advisory 2021-3638-01

Posted Sep 22, 2021

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3638-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service, information leakage, out of bounds read, path sanitization, and use-after-free vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability

systems | linux, redhat

advisories | CVE-2021-22918, CVE-2021-22930, CVE-2021-22931, CVE-2021-22939, CVE-2021-22940, CVE-2021-23343, CVE-2021-23362, CVE-2021-27290, CVE-2021-32803, CVE-2021-32804, CVE-2021-3672

SHA-256 | 2704f7d7f7834855254af3a08e31e1875339714538305d2b82dba5cf156dfce7

Download | Favorite | View

Red Hat Security Advisory 2021-3639-01

Posted Sep 22, 2021

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3639-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service, information leakage, out of bounds read, path sanitization, and use-after-free vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability

systems | linux, redhat

advisories | CVE-2021-22918, CVE-2021-22930, CVE-2021-22931, CVE-2021-22939, CVE-2021-22940, CVE-2021-23343, CVE-2021-23362, CVE-2021-27290, CVE-2021-32803, CVE-2021-32804, CVE-2021-3672

SHA-256 | 9af482c5f609c49bcc196fd310a95efd28a894a47260f53bda01540c21a0be32

Download | Favorite | View

Red Hat Security Advisory 2021-3623-01

Posted Sep 21, 2021

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3623-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service, path sanitization, and use-after-free vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability

systems | linux, redhat

advisories | CVE-2021-22930, CVE-2021-22931, CVE-2021-22939, CVE-2021-22940, CVE-2021-23343, CVE-2021-32803, CVE-2021-32804, CVE-2021-3672

SHA-256 | e179f4dbe148fdbdace9806a19f7395a84125ca2e4c6340fc7e2f527f5e7ff75

Download | Favorite | View

Red Hat Security Advisory 2021-3281-01

Posted Aug 30, 2021

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3281-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service, path sanitization, and use-after-free vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability

systems | linux, redhat

advisories | CVE-2020-28469, CVE-2020-7788, CVE-2021-22930, CVE-2021-22931, CVE-2021-22939, CVE-2021-22940, CVE-2021-23343, CVE-2021-32803, CVE-2021-32804, CVE-2021-3672

SHA-256 | a97b7a091b22d8e6f19348d372008be17ab2db2ec0672614160373556b6097c8

Download | Favorite | View

Red Hat Security Advisory 2021-3280-01

Posted Aug 29, 2021

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3280-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service, path sanitization, and use-after-free vulnerabilities.

tags | advisory, denial of service, javascript, vulnerability

systems | linux, redhat

advisories | CVE-2020-28469, CVE-2020-7788, CVE-2021-22930, CVE-2021-22931, CVE-2021-22939, CVE-2021-22940, CVE-2021-23343, CVE-2021-32803, CVE-2021-32804, CVE-2021-3672

SHA-256 | f81e943687d783d753939b62f38493f546f7dcb8c0ef9e04785e923bb274be6e

Download | Favorite | View

Debian Security Advisory 4954-1

Posted Aug 28, 2021

Authored by Debian | Site debian.org

Debian Linux Security Advisory 4954-1 - Philipp Jeitner and Haya Shulman discovered a flaw in c-ares, a library that performs DNS requests and name resolution asynchronously. Missing input validation of hostnames returned by DNS servers can lead to output of wrong hostnames (leading to Domain Hijacking).

tags | advisory

systems | linux, debian

advisories | CVE-2021-3672

SHA-256 | 0afbe743df467a029837a5ef0d6b4aca372c7816ee3d9c7768d240a3039adced

Download | Favorite | View

Ubuntu Security Notice USN-5034-2

Posted Aug 11, 2021

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5034-2 - USN-5034-1 fixed a vulnerability in c-ares. This update provides the corresponding update for Ubuntu 16.04 ESM. Philipp Jeitner and Haya Shulman discovered that c-ares incorrectly validated certain hostnames returned by DNS servers. A remote attacker could possibly use this issue to perform Domain Hijacking attacks. Various other issues were also addressed.

tags | advisory, remote

systems | linux, ubuntu

advisories | CVE-2021-3672

SHA-256 | b6272743ed2999c6a9272961639371f6244f52741e00ff251e4e0c7e801567c4

Download | Favorite | View

Ubuntu Security Notice USN-5034-1

Posted Aug 10, 2021

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5034-1 - Philipp Jeitner and Haya Shulman discovered that c-ares incorrectly validated certain hostnames returned by DNS servers. A remote attacker could possibly use this issue to perform Domain Hijacking attacks.

tags | advisory, remote

systems | linux, ubuntu

advisories | CVE-2021-3672

SHA-256 | f458f3e21f0b136385b4278a91f13b23b253397410de44fb127932612c80f6af

Download | Favorite | View