CVE-2025-62408

ADVISORY - nist

Summary

c-ares is an asynchronous resolver library. Versions 1.32.3 through 1.34.5 terminate a query after maximum attempts when using read_answer() and process_answer(), which can cause a Denial of Service. This issue is fixed in version 1.34.6.

EPSS Score⁠: 0.0006 (0.188)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-416⁠

Use After Free

ADVISORY - redhat

CWE-416⁠

Use After Free

Impacted images

Advisories

Alpine

CREATED

2 months ago

UPDATED

8 days ago

ADVISORY IDCVE-2025-62408⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Package	Type	OS Name	OS Version	Affected Ranges	Fix Versions
alpine/c-ares	apk	alpine	3.21	<1.34.6-r0	1.34.6-r0
alpine/c-ares	apk	alpine	edge	<1.34.6-r0	1.34.6-r0
alpine/c-ares	apk	alpine	3.24	<1.34.6-r0	1.34.6-r0
alpine/c-ares	apk	alpine	3.23	<1.34.6-r0	1.34.6-r0
alpine/c-ares	apk	alpine	3.20	<=1.33.1-r0	Not yet available
alpine/c-ares	apk	alpine	3.22	<1.34.6-r0	1.34.6-r0

Severity and metrics

No CVSS data available from this advisory.

NIST

CREATED

2 months ago

UPDATED

6 days ago

ADVISORY IDCVE-2025-62408⁠

EXPLOITABILITY SCORE

2.2

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-416⁠

CVSS SCORE

5.9medium

Debian

CREATED

2 months ago

UPDATED

1 month ago

ADVISORY IDCVE-2025-62408⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

2 months ago

UPDATED

2 months ago

ADVISORY IDCVE-2025-62408⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

2 months ago

UPDATED

2 months ago

ADVISORY IDALAS2023-2025-1346⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

2 months ago

UPDATED

2 months ago

ADVISORY IDALAS2023-2025-1347⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

2 months ago

UPDATED

2 months ago

ADVISORY IDALAS2023-2025-1348⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Red Hat

CREATED

2 months ago

UPDATED

1 month ago

ADVISORY IDCVE-2025-62408⁠

EXPLOITABILITY SCORE

2.2

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-416⁠

CVSS SCORE

5.9medium

minimos

CREATED

5 days ago

UPDATED

5 days ago

ADVISORY ID

MINI-vx6j-9433-mfjf

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY