A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as well as system availability.
History

Tue, 15 Oct 2024 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2021-11-23T00:00:00

Updated: 2024-10-15T17:14:27.220Z

Reserved: 2021-07-30T00:00:00

Link: CVE-2021-3672

cve-icon Vulnrichment

Updated: 2024-08-03T17:01:07.975Z

cve-icon NVD

Status : Modified

Published: 2021-11-23T19:15:07.877

Modified: 2024-11-21T06:22:07.650

Link: CVE-2021-3672

cve-icon Redhat

Severity : Moderate

Publid Date: 2021-08-10T00:00:00Z

Links: CVE-2021-3672 - Bugzilla