c-ares — Vulnerabilities & Security Advisories 10

All 10 CVE vulnerabilities found in c-ares, with AI-generated Chinese analysis, references, and POCs.

Vendor: n/a

CVE ID	Title	CVSS	Severity	Published
CVE-2025-62408	c-ares has a Use After Free vulnerability when connection is cleaned up after error CWE-416	5.9	Medium	2025-12-08
CVE-2025-31498	c-ares has a use-after-free in read_answers() CWE-416	7.5^AI	High^AI	2025-04-08
CVE-2024-25629	c-ares out of bounds read in ares__read_line() CWE-127	4.4	Medium	2024-02-23
CVE-2023-32067	0-byte UDP payload DoS in c-ares CWE-400	7.5	High	2023-05-25
CVE-2023-31147	Insufficient randomness in generation of DNS query IDs in c-ares CWE-330	5.9	Medium	2023-05-25
CVE-2023-31130	Buffer Underwrite in ares_inet_net_pton() CWE-124	4.1	Medium	2023-05-25
CVE-2023-31124	AutoTools does not set CARES_RANDOM_FILE during cross compilation CWE-330	3.7	Low	2023-05-25
CVE-2022-4904	c-ares 输入验证错误漏洞 CWE-20	8.6	-	2023-03-06
CVE-2021-3672	libcares2 跨站脚本漏洞 CWE-79	5.6	-	2021-11-23
CVE-2020-14354	Fedora 资源管理错误漏洞 CWE-120	5.5	-	2021-05-13

All 10 known CVE vulnerabilities affecting c-ares with full Chinese analysis, references, and POCs where available.