CVE-2022-4904
conan/c-ares
Improper Input Validation
A flaw was found in the c-ares package. The aressetsortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.
All versions before 1.19.0
Upgrade to version 1.19.0 or above.
2023-03-15
source |