Improper Neutralization of Null Byte or NUL Character

Moderate

saghul published GHSA-c58j-88f5-h53f

Jun 28, 2022

Package

pycares (pip)

Affected versions

< 4.2.0

Patched versions

4.2.0

Description

Impact

pycares versions < 4.2.0 are affected by CVE-2021-3672.

Patches

Update to version 4.2.0.

Severity

Moderate

5.6

/ 10

CVSS base metrics

Attack vector

Network

Attack complexity

High

Privileges required

None

User interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

Low

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L