Missing input validation of host names returned by Domain Name Servers in the c-ares library before version 1.17.2 can lead to output of wrong hostnames (leading to Domain Hijacking).
Missing input validation of host names returned by Domain Name Servers in the c-ares library before version 1.17.2 can lead to output of wrong hostnames (leading to Domain Hijacking).
https://c-ares.haxx.se/adv_20210810.html https://github.com/c-ares/c-ares/commit/362f91d807d293791008cdb7616d40f7784ece83 https://github.com/c-ares/c-ares/commit/44c009b8e62ea1929de68e3f438181bea469ec14