← volver
CVE-2020-14354

CVE-2020-14354

EPSS 0.5%CWE-120
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS EPSS 0.5%KEV nãoPoC Nuclei Metasploit Patch referenciado
Ciclo de vida
13 may 2021Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
A possible use-after-free and double-free in c-ares lib version 1.16.0 if ares_destroy() is called prior to ares_getaddrinfo() completing. This flaw possibly allows an attacker to crash the service that uses c-ares lib. The highest threat from this vulnerability is to this service availability.
Productos afectados
n/a · c-ares