Описание
An issue was discovered in uriparser through 0.9.7. ComposeQueryMallocExMm in UriQuery.c has an integer overflow via a long string.
An issue was discovered in uriparser through 0.9.7. ComposeQueryMallocExMm in UriQuery.c has an integer overflow via a long string.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2024-34403
- https://github.com/uriparser/uriparser/issues/183
- https://github.com/uriparser/uriparser/pull/186
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R36L762D3KX3GA66OOPWW7M7KKDRXDP
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CZ6KEUQXWCTYXGTBMZDD7CHJCYI52XY3
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UG4J7PD475LSCGCSHFU4GMU4TWLDSNW2
- http://www.openwall.com/lists/oss-security/2024/05/06/1
- http://www.openwall.com/lists/oss-security/2024/05/06/3
Связанные уязвимости
CVSS3: 5.9
ubuntu
больше 1 года назад
An issue was discovered in uriparser through 0.9.7. ComposeQueryMallocExMm in UriQuery.c has an integer overflow via a long string.
CVSS3: 5.5
redhat
больше 1 года назад
An issue was discovered in uriparser through 0.9.7. ComposeQueryMallocExMm in UriQuery.c has an integer overflow via a long string.
CVSS3: 5.9
nvd
больше 1 года назад
An issue was discovered in uriparser through 0.9.7. ComposeQueryMallocExMm in UriQuery.c has an integer overflow via a long string.
CVSS3: 5.9
debian
больше 1 года назад
An issue was discovered in uriparser through 0.9.7. ComposeQueryMalloc ...