CVE-2022-4904

Improper Input Validation in conan/c-ares

Identifiers

CVE-2022-4904

Package Slug

conan/c-ares

Vulnerability

Improper Input Validation

Description

A flaw was found in the c-ares package. The aressetsortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.

Affected Versions

All versions

Solution

Unfortunately, there is no solution available yet.

Last Modified

2023-03-15

source