Vulnerability in fixinventory project

### Description

While working on the fixinventory project, we identified a critical vulnerability in the [pycares](https://vulert.com/vuln-db/pypi-pycares-193213) package, which provides Python bindings for the c-ares asynchronous DNS library (this dependency used by fixinventory). The issue, disclosed as a use-after-free vulnerability, arises when the Channel object is garbage collected while DNS queries are still pending, potentially leading to fatal crashes or undefined behavior.

[CVE Link](https://vulert.com/vuln-db/pypi-pycares-193213)
[CVE Report](https://vulert.com/vuln-scan/list/eb2c805a-a1e8-4696-8551-95fb6ac99883)



### Version

5.29.3

### Environment

_No response_

### Steps to Reproduce

_No response_

### Logs

```shell

```

### Additional Context

_No response_

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Vulnerability in fixinventory project #2327

Description

Version

Environment

Steps to Reproduce

Logs

Additional Context

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Vulnerability in fixinventory project #2327

Description

Description

Version

Environment

Steps to Reproduce

Logs

Additional Context

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions