CVE-2021-3672 log

Severity Medium
Remote Yes
Type Insufficient validation
Missing input validation of host names returned by Domain Name Servers in the c-ares library before version 1.17.2 can lead to output of wrong hostnames (leading to domain hijacking).
Group Package Affected Fixed Severity Status Ticket
AVG-2268 c-ares 1.17.1-1 1.17.2-1 Medium Fixed
Date Advisory Group Package Severity Type
10 Aug 2021 ASA-202108-13 AVG-2268 c-ares Medium insufficient validation