{"id":"AZL-74817","summary":"CVE-2026-0915 affecting package glibc for versions less than 2.35-9","details":"Calling getnetbyaddr or getnetbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend for networks and queries for a zero-valued network in the GNU C Library version 2.0 to version 2.42 can leak stack contents to the configured DNS resolver.","modified":"2026-04-21T04:38:47.752985Z","published":"2026-01-15T22:16:12Z","upstream":["CVE-2026-0915"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-0915"}],"affected":[{"package":{"name":"glibc","ecosystem":"Azure Linux:2","purl":"pkg:rpm/azure-linux/glibc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.35-9"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-74817.json"}}],"schema_version":"1.7.5"}