CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 2CVE-2021-46141 – Debian Security Advisory 5063-1
https://notcve.org/view.php?id=CVE-2021-46141
06 Jan 2022 — An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriFreeUriMembers and uriMakeOwner. Se ha detectado un problema en uriparser versiones anteriores a 0.9.6. Lleva a cabo operaciones inválidas en uriFreeUriMembers y uriMakeOwner. Two vulnerabilities were discovered in uriparser, a library that parses Uniform Resource Identifiers (URIs), which may result in denial of service or potentially in the the execution of arbitrary code. • https://blog.hartwork.org/posts/uriparser-096-with-security-fixes-released • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 2CVE-2021-46142 – Debian Security Advisory 5063-1
https://notcve.org/view.php?id=CVE-2021-46142
06 Jan 2022 — An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax. Se ha detectado un problema en uriparser versiones anteriores a 0.9.6. Lleva a cabo operaciones libres no válidas en uriNormalizeSyntax. Two vulnerabilities were discovered in uriparser, a library that parses Uniform Resource Identifiers (URIs), which may result in denial of service or potentially in the the execution of arbitrary code. • https://blog.hartwork.org/posts/uriparser-096-with-security-fixes-released • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2018-20721 – Ubuntu Security Notice USN-5172-1
https://notcve.org/view.php?id=CVE-2018-20721
16 Jan 2019 — URI_FUNC() in UriParse.c in uriparser before 0.9.1 has an out-of-bounds read (in uriParse*Ex* functions) for an incomplete URI with an IPv6 address containing an embedded IPv4 address, such as a "//[::44.1" address. URI_FUNC() en UriParse.c en uriparser en versiones anteriores a la 0.9.1 tiene una lectura fuera de límites (en las funciones uriParse*Ex*) para un URI incompleto con una dirección IPv6 que contiene una dirección IPv4 embebida, como "//[::44.1". It was discovered that uriparser mishandled certai... • https://github.com/uriparser/uriparser/blob/master/ChangeLog • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-19198 – uriparser: Out-of-bounds write via uriComposeQuery* or uriComposeQueryEx* function
https://notcve.org/view.php?id=CVE-2018-19198
12 Nov 2018 — An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an out-of-bounds write via a uriComposeQuery* or uriComposeQueryEx* function because the '&' character is mishandled in certain contexts. Se ha descubierto un problema en versiones anteriores a la 0.9.0 de uriparser. UriQuery.c permite la escritura fuera de límites mediante las funciones uriComposeQuery* o uriComposeQueryEx* debido a que el carácter '' se gestiona de manera incorrecta en ciertos contextos. It was discovered that uriparser ... • https://access.redhat.com/errata/RHSA-2019:2280 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-19199 – uriparser: Integer overflow via uriComposeQuery* or uriComposeQueryEx* function
https://notcve.org/view.php?id=CVE-2018-19199
12 Nov 2018 — An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an integer overflow via a uriComposeQuery* or uriComposeQueryEx* function because of an unchecked multiplication. Se ha descubierto un problema en versiones anteriores a la 0.9.0 de uriparser. UriQuery.c permite un desbordamiento de enteros mediante las funciones uriComposeQuery* o uriComposeQueryEx* debido a una multiplicación sin comprobar. Uriparser is a URI parsing library, which is written in C and strictly complies with RFC 3986. • https://access.redhat.com/errata/RHSA-2019:2280 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2018-19200
https://notcve.org/view.php?id=CVE-2018-19200
12 Nov 2018 — An issue was discovered in uriparser before 0.9.0. UriCommon.c allows attempted operations on NULL input via a uriResetUri* function. Se ha descubierto un problema en versiones anteriores a la 0.9.0 de uriparser. UriCommon.c permite el intento de operaciones en entradas NULL mediante una función uriResetUri*. • https://github.com/uriparser/uriparser/blob/uriparser-0.9.0/ChangeLog • CWE-476: NULL Pointer Dereference •