{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-25T08:03:03.601","vulnerabilities":[{"cve":{"id":"CVE-2021-3672","sourceIdentifier":"secalert@redhat.com","published":"2021-11-23T19:15:07.877","lastModified":"2024-11-21T06:22:07.650","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as well as system availability."},{"lang":"es","value":"Se ha encontrado un fallo en la biblioteca c-ares, en la que una falta de comprobación de la comprobación de entrada de los nombres de host devueltos por los DNS (Servidores de Nombres de Dominio) puede conllevar a una salida de nombres de host erróneos, que podría conllevar potencialmente a un Secuestro de Dominios. La mayor amenaza de esta vulnerabilidad es para la confidencialidad e integridad, así como para la disponibilidad del sistema"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":5.6,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.2,"impactScore":3.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:c-ares_project:c-ares:*:*:*:*:*:*:*:*","versionStartIncluding":"1.0.0","versionEndExcluding":"1.17.2","matchCriteriaId":"10FA24BA-9FF1-4F19-89A1-1F0CC4197D65"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*","matchCriteriaId":"E460AA51-FCDA-46B9-AE97-E6676AA5E194"},{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*","matchCriteriaId":"A930E247-0B43-43CB-98FF-6CE7B8189835"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.7:*:*:*:*:*:*:*","matchCriteriaId":"5B1633BB-7D54-4564-BC1C-3B80BA6FF215"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_computer_node:1:*:*:*:*:*:*:*","matchCriteriaId":"EF09697E-CCAD-46D1-A9E1-5EB66686D75A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*","matchCriteriaId":"83737173-E12E-4641-BC49-0BD84A6B29D0"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*","matchCriteriaId":"92BC9265-6959-4D37-BE5E-8C45E98992F8"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*","matchCriteriaId":"831F0F47-3565-4763-B16F-C87B1FF2035E"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*","matchCriteriaId":"0E3F09B5-569F-4C58-9FCA-3C0953D107B5"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:*","matchCriteriaId":"87C21FE1-EA5C-498F-9C6C-D05F91A88217"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.1:*:*:*:*:*:*:*","matchCriteriaId":"280D547B-F204-4848-9262-A103176B740C"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.2:*:*:*:*:*:*:*","matchCriteriaId":"0AB105EC-19F9-424A-86F1-305A6FD74A9C"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4:*:*:*:*:*:*:*","matchCriteriaId":"8C9BD9AE-46FC-4609-8D99-A3CFE91D58D1"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*","matchCriteriaId":"47811209-5CE5-4375-8391-B0A7F6A0E420"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.1:*:*:*:*:*:*:*","matchCriteriaId":"8EB6F417-25D0-4A28-B7BA-D21929EAA9E9"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.2:*:*:*:*:*:*:*","matchCriteriaId":"E5C80DB2-4A78-4EC9-B2A8-1E4D902C4834"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4:*:*:*:*:*:*:*","matchCriteriaId":"983533DD-3970-4A37-9A9C-582BD48AA1E5"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*","matchCriteriaId":"6897676D-53F9-45B3-B27F-7FF9A4C58D33"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*","matchCriteriaId":"E28F226A-CBC7-4A32-BE58-398FA5B42481"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*","matchCriteriaId":"B09ACF2D-D83F-4A86-8185-9569605D8EE1"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*","matchCriteriaId":"AC10D919-57FD-4725-B8D2-39ECB476902F"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:*","matchCriteriaId":"48C2E003-A71C-4D06-B8B3-F93160568182"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*","matchCriteriaId":"3921C1CF-A16D-4727-99AD-03EFFA7C91CA"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*","matchCriteriaId":"BC6DD887-9744-43EA-8B3C-44C6B6339590"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_tus:8.4:*:*:*:*:*:*:*","matchCriteriaId":"BF14A415-15BD-4A6C-87CF-675E09390474"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_workstation:1:*:*:*:*:*:*:*","matchCriteriaId":"20BAC14F-AED9-40EF-A53C-ABD23BC4FD52"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.1.1","matchCriteriaId":"B0F46497-4AB0-49A7-9453-CC26837BF253"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*","versionStartIncluding":"12.0.0","versionEndIncluding":"12.12.0","matchCriteriaId":"564ED5C8-50D7-413A-B88E-E62B6C07336A"},{"vulnerable":true,"criteria":"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*","versionStartIncluding":"12.13.0","versionEndExcluding":"12.22.5","matchCriteriaId":"BE107DA6-ABDC-4FDD-B37D-1E6BFBBA18BD"},{"vulnerable":true,"criteria":"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*","versionStartIncluding":"14.0.0","versionEndIncluding":"14.14.0","matchCriteriaId":"428DCD7B-6F66-4F18-B780-5BD80143D482"},{"vulnerable":true,"criteria":"cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*","versionStartIncluding":"14.15.0","versionEndExcluding":"14.17.5","matchCriteriaId":"BB2960EF-D182-4E4F-9449-470B629D90E3"},{"vulnerable":true,"criteria":"cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.6.2","matchCriteriaId":"59F5CA28-E970-48C4-A406-31667C47F61D"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:pgbouncer:pgbouncer:*:*:*:*:*:*:*:*","versionEndIncluding":"1.17.0","matchCriteriaId":"FB6BBFFB-5899-4257-9C47-FCA5248BB169"}]}]}],"references":[{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1988342","source":"secalert@redhat.com","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://c-ares.haxx.se/adv_20210810.html","source":"secalert@redhat.com","tags":["Exploit","Patch","Vendor Advisory"]},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf","source":"secalert@redhat.com","tags":["Patch","Third Party Advisory"]},{"url":"https://security.gentoo.org/glsa/202401-02","source":"secalert@redhat.com"},{"url":"https://www.oracle.com/security-alerts/cpujul2022.html","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1988342","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://c-ares.haxx.se/adv_20210810.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch","Vendor Advisory"]},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://security.gentoo.org/glsa/202401-02","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.oracle.com/security-alerts/cpujul2022.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}