Skip to content

Deps: Upgrade c-ares to >= 1.12.0 (CVE-2016-5180) #12532

New issue
New issue
Closed
Closed
Deps: Upgrade c-ares to >= 1.12.0 (CVE-2016-5180)#12532
Labels
caresIssues and PRs related to the c-ares dependency or the cares_wrap binding.securityIssues and PRs related to security.
@Dominik-K

Description

@Dominik-K
Dominik-K
opened on Apr 20, 2017

c-ares has a vulnerability in ares_create_query or ares_mkquery. I don't know if this affects Node.js itself. However, it's shown as a vulnerability in the node Docker image. E.g. the only one in the alpine image. 👍 Keep up the good work.

Metadata

Metadata

Assignees

No one assigned

    Labels

    caresIssues and PRs related to the c-ares dependency or the cares_wrap binding.securityIssues and PRs related to security.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions